[Bug 1927078] [NEW] Don't allow useradd to use fully numeric names

Tue, 04 May 2021 03:50:49 -0700 

Public bug reported:

[Description]

Fully numeric names support in Ubuntu is inconsistent in Focal onwards
because systemd does not like them[1] but are still allowed by default
by useradd, leaving the session behavior in hands of the running
applications. Two examples:

1. After creating a user named "0", the user can log in via ssh or
console but loginctl won't create a session for it:

root@focal:/home/ubuntu# useradd -m 0
root@focal:/home/ubuntu# id 0
uid=1005(0) gid=1005(0) groups=1005(0)

..

0@192.168.122.6's password:
Welcome to Ubuntu 20.04.2 LTS (GNU/Linux 5.8.0-48-generic x86_64)

Last login: Thu Apr  8 16:17:06 2021 from 192.168.122.1
$ loginctl
No sessions.
$ w
 16:20:09 up 4 min,  1 user,  load average: 0.03, 0.14, 0.08
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
0        pts/0    192.168.122.1    16:17    0.00s  0.00s  0.00s w  

And pam-systemd shows the following message:

Apr 08 16:17:06 focal sshd[1584]: pam_unix(sshd:session): session opened for 
user 0 by (uid=0)
Apr 08 16:17:06 focal sshd[1584]: pam_systemd(sshd:session): pam-systemd 
initializing
Apr 08 16:17:06 focal sshd[1584]: pam_systemd(sshd:session): Failed to get user 
record: Invalid argument


2. With that same username, every successful authentication in gdm will loop 
back to gdm again instead of starting gnome, making the user unable to login.


Making useradd fail (unless --badnames is set) when a fully numeric name is 
used will make the default OS behavior consistent.


[Other info]

- Upstream does not support fully numeric usernames
- useradd has a --badnames parameter that would still allow the use of these 
type of names

** Affects: shadow (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: shadow (Ubuntu Focal)
     Importance: Undecided
         Status: New

** Affects: shadow (Ubuntu Groovy)
     Importance: Undecided
         Status: New

** Affects: shadow (Ubuntu Hirsute)
     Importance: Undecided
         Status: New

** Affects: shadow (Ubuntu Impish)
     Importance: Undecided
         Status: New

** Also affects: shadow (Ubuntu Groovy)
   Importance: Undecided
       Status: New

** Also affects: shadow (Ubuntu Hirsute)
   Importance: Undecided
       Status: New

** Also affects: shadow (Ubuntu Focal)
   Importance: Undecided
       Status: New

** Also affects: shadow (Ubuntu Impish)
   Importance: Undecided
       Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1927078

Title:
  Don't allow useradd to use fully numeric names

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1927078/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to