-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Incorrect username validation #8
Comments
Default regex Allows It may have some unforseen consequences I think having strictly lower case alphanumeric usernames, and leaving the Fancy Stuff to gecos fullname I may be wrong if I am I will happily implement it |
So as far as I can see online
All ignore The name regex As they are apparently really volatile, and cause and Unprofessionally written scripts to break |
This is wrong. Those regexes only allow -_. and alphanumeric (also can't start with a .). If they are allowing any more then our config to set those regexes are incorrect and none standard. We should be allowing whatever adduser allows, it has all the protections in place already, that's why it has a --allow-bad-names flag to override if you need (we do not need). |
Not correct, they all seem to be allowing - _ and . except calamares (not tried vanilla)? So they are either using the regexes or implemented their own version of the default check. |
Ok... I will switch the regex |
Thank you very much for looking into this! |
Here we are checking for only alphanumeric: https://github.com/PikaOS-Linux/pkg-pika-first-setup/blob/c6b9d3743223bdc0611bdf0c80dc3ea902742cc7/src/first_setup/user_carousel/mod.rs#L232C12-L232C29
This needs to instead use the regexes of NAME_REGEX and SYS_NAME_REGEX to check against as this is what adduser does.
The text was updated successfully, but these errors were encountered: