:: Re: [DNG] systemd allows elevated a…
Página superior
Eliminar este mensaje
Responder a este mensaje
Autor: Hendrik Boom
Fecha:  
A: dng
Asunto: Re: [DNG] systemd allows elevated access from unit files?
On Mon, Jul 03, 2017 at 04:36:30PM +0200, Evilham wrote:
> Hi there,
>
> Am 03/07/2017 um 16:08 schrieb dev:

...
> >
> > useradd 0day works on Devuan. adduser 0day does not. Which is correct?
>
> I had this discussion yesterday, so here are my 2 cents :-).
>
> It is quite inconsistent what a "valid username" is, apparently it has
> gotten better.
>
> According to POSIX, a valid username may include: a-z, A-Z, 0-9, ., -, _
> Where "-" cannot appear at the beginning. There is no further
> restriction on the other chars.
> http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap03.html#tag_03_435
>
> So, useradd works because it's lower level, adduser does not, because it
> comes from shadow and they have more restrictions on what a valid name
> is. IMHO that's a bug in shadow.
> https://github.com/shadow-maint/shadow/blob/master/libmisc/chkname.c#L52
>
> It is not possible, for example to execute: adduser name.lastname, which
> is a valid POSIX username (but useradd name.lastname works fine).


It's not clear to me whether this is a bug in the adduser that's been
around for ages, or n a systemd replacement for it.

-- hendrik