Question about FreeBSD and long usernames

jhell jhell at DataIX.net
Mon Apr 4 02:18:51 UTC 2011 

On Wed, Jan 19, 2011 at 04:04:04PM +0100, Mateusz Kwiatkowski wrote:
> Hi, 
> 
> I have noticed inconsistent behaviour of some tools while working with
> long usernames.
> 

I dont get why you would need or want to work with longer usernames but
if that is your goal then lets continue below...

> At first, 17 chars username (UT_NAMESIZE is set to 16, MAXLOGNAME to
> 17):
> # pw user add verylongusername 
> pwd_mkdb: jira_pawprintgames: username too long
> 

The problem here is not ``verylongusername'' thats exactly 16 characters
in the U.S. not sure where you think the other 2 characters came from.

jira_pawprintgames: is 18 characters long and that is where pw(8) is
bailing out. Utility is working correctly as it should here.

> But it is possible to create such user with vipw:
> # id verylongusername
> uid=1005(verylongusername) gid=1003(users) groups=1003(users)

As stated above your not adding a very long user name here, but vipw is
exactly of the type (editor) does not really need to verify what your
putting into the file and shouldnt... its editing and if you have added
a user name that long then its a failure on the admins part for doing
so.

> 
> We can make use of this account:
> su - verylongusername
> % id
> uid=1005(verylongusername) gid=1003(users) groups=1003(users)

I sure hope so its 16 charaters long.

> 
> # passwd verylongusername
> Changing local password for verylongusername
> New Password:
> Retype New Password:
> #

Same as previous statement.

> 
> 18 chars username:
> # id verylongusername1 
> uid=1006(verylongusername1) gid=1003(users) groups=1003(users)
> 
> # su - verylongusername1
> su: username too long

This is 17 characters, you are now exactly 1 character past the limit
and this is where you start seeing failures and think it is an
inconsistancy though everything before was correct except
``jira_pawprintgames''

> 
> # sudo -u verylongusername1 id
> uid=1006(verylongusername1) gid=1003(users) groups=1003(users)
> 

This is not of the base system, though the maintainer may be interested
in a patch that makes this cooperate with the standard maximum length of
a username. It may just be that sudo(1) is just mapping to the UID & GID
here rather than checking lenght.

> It's possible to change password:
> # passwd verylongusername1
> Changing local password for verylongusername1
> New Password:
> Retype New Password:
> #

It is not passwd's job to determine what it can and cannot set a
password on so even in this situation if you have managed to vipw(8) and
add a user with astronomical length, it is not the utilities fault its
PEBKAC.

> 
> When trying to login with ssh (17 chars username worked ok):
> Jan 19 14:46:08 xxxx sshd[39050]: setlogin(verylongusername1):
> Invalid argument
> 
> Why some tools deny using long usernames, while
> others permit? Should it be corrected?

I do not see a problem at all using a correct length and not trying to
force a username into the passwd by means of vipw(8).


-- 

  Regards,

  J. Hellenthal
  JJH48-ARIN
  0x89D8547E

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 558 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-hackers/attachments/20110404/8f7770b5/attachment.pgp

More information about the freebsd-hackers mailing list