Why does the debian installer force me to use a username starting with a-z while adduser doesn't enfore this?

Question

I have just installed Ubuntu Server, through the standard cli menu driven interface and it prompted me to create a new account.

Attempting to create my numerical user (e.g. 12345), I got an "Invalid Username" error, specifying that the username must start with a lower-case letter.

So I created an alternative username and logged in no problem.

Then as the root user I used the useradd command to create my prefered numerical username, and it created it with no errors or comments.

After checking the /etc/adduser.conf configuration file, I found that although there was the NAME_REGEX="^[a-z]..." entry, it was commented out, therefore, not the default.

So why enforce it upon installation when it is not the default setting, causing me to have to go through this routine every-time I install it?

Is there an alternative way to force a numerical user upon installation or do I need to investigate the kickstart option?

Unfortunately my username has to be numerical as enforced through my clients policy.

My clients policy enforces the numerical usernames, and separating the user would cause unnecessary work. — geedoubleya, Oct 08 '14 at 13:25
Wow, I'm surprised it works at all, seeing how tools like chown let you use numerical user/group ids interchangeably with textual user/group names. — Ulrich Schwarz, Oct 08 '14 at 13:30
Appreciate the edit @braiam, much better, I would just like to know for future reference why you have removed the ubuntu tag? — geedoubleya, Oct 08 '14 at 13:59
Ubuntu (and pretty much every debian-based distro) uses the Debian installer as installer underneath. It isn't a behavior characteristic of Ubuntu but of the d-i. — Braiam, Oct 08 '14 at 14:09

score 4 · Accepted Answer · edited Apr 13 '17 at 12:36

4

In my opinion, you need to recommend to your client to change their policy. As Ulrich Schwarz said in a comment, it's kind of surprising that all-numeric usernames work at all.

Consider this: if a user called 12345 exists in the system, how would you use the chown command to change a file's uid to the numeric value 12345? Hint: it's actually possible, but even the manpage doesn't say how. Any automated script trying to do something like this would probably break.

And chown isn't the only command. There are quite possibly other components of the system that will break in worse ways when exposed to all-numeric usernames.

There is a thread about chaning the rules followed by adduser. Apparently it used to forbid names starting with digits.

edited Apr 13 '17 at 12:36

Community

1

answered Oct 08 '14 at 14:38

Celada

44,132

Absolutely I agree, however, all usernames have the same UID, so this is how they have avoided potential pitfalls so far which makes it difficult for me to justify them changing their policy. I will just script a solution - thanks. – geedoubleya Oct 08 '14 at 14:45
1

I wont even say how wrong that is... Lets make a typo and give them all UID 0, OOPS! Good Luck – eyoung100 Oct 08 '14 at 14:57
To clarify my comment, all numerical usernames have an equal uid, e.g. username 12345 has uid 12345 - but still... – geedoubleya Oct 08 '14 at 16:15
You all guys are wrong. All files have stored it's owner info using UIDs. It is stored inside of i-nodes. Only one place where an owner's name is mapped from a UID to a real name is /etc/passwd file. Properly designed tool should to begin with examine the first column inside this file to check if a given name is a real username and then in case of missing it examine third column to check if a given name is a UID. It may be only confusing for human operator but not from a system point of view. – Sebastian Piech Oct 08 '14 at 23:13
@SebastianPiech nobody is wrong here, not even eyoung100 (who simply misunderstood what the OP meant about "same UID"). Nobody claimed that the system (kernel) would become confused about ownership of files. It's just commands and scripts that interpret arguments as either a username or a uid when a given value could potentially be both. Note however that the OP's solution of setting the uid equal to the numeric value of the username neatly bypasses the problem. – Celada Oct 09 '14 at 00:51
Note also that despite my answer and notwithstanding the restrictions imposed by the Debian installer, the POSIX rules actually stand on the OP's client's side since they actually do allow numeric usernames. It's just that I recommended in my answer to be conservation and avoid trouble even though the standard permits it. – Celada Oct 09 '14 at 00:53
@Celada I just commented the approach 'using numbers as real user names is not correct and can cause some problems' :-). And I meant commentators are wrong with this approach. It's because correctly implemented tools and scripts should easily distinguish between UIDs and login names, even if have not any option to precisely indicate the choice. Making equal UIDs to 'numerical' user names is not necessary, but it's ok for convenience and the order. I know, I know it's not the OP's problem and off-topic rather but very interesting however :-) – Sebastian Piech Oct 09 '14 at 09:26

Why does the debian installer force me to use a username starting with a-z while adduser doesn't enfore this?

1 Answers1