1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-18 10:35:55 +00:00

Allow weird characters in usernames if an admin persists on that:

a) Convert all the remaining older Perl system() calls to the new,
   more secure LIST format so they are robust to whitespace and
   shell metacharacters in their arguments.
b) Add a new option: -force, which allows adding usernames containing
   characters that are otherwise illegal.

PR:		bin/22860 bin/31049
This commit is contained in:
Yaroslav Tykhiy 2002-01-02 18:54:40 +00:00
parent 62ec4add59
commit 1b0805da95
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/head/; revision=88827

View File

@ -30,6 +30,7 @@
# read variables
sub variables {
$verbose = 1; # verbose = [0-2]
$force = 0; # relax username validity check if true
$defaultusepassword = "yes"; # use password authentication for new users
$defaultenableaccount = "yes"; # enable the account by default
$defaultemptypassword = "no"; # don't create an empty password
@ -44,7 +45,7 @@ sub variables {
$etc_shells = "/etc/shells";
$etc_passwd = "/etc/master.passwd";
$group = "/etc/group";
$pwd_mkdb = "pwd_mkdb -p"; # program for building passwd database
@pwd_mkdb = qw(pwd_mkdb -p); # program for building passwd database
# List of directories where shells located
@ -226,7 +227,7 @@ sub home_partition_valid {
# check for valid passwddb
sub passwd_check {
system("$pwd_mkdb -C $etc_passwd");
system(@pwd_mkdb, '-C', $etc_passwd);
die "\nInvalid $etc_passwd - cannot add any users!\n" if $?;
}
@ -327,13 +328,29 @@ sub new_users_name {
sub new_users_name_valid {
local($name) = @_;
if ($name !~ /^[a-z0-9_][a-z0-9_\-]*$/ || $name eq "a-z0-9_-") {
if ($force) {
if ($name eq "a-z0-9_-") {
warn "Please enter a username.\a\n";
return 0;
}
if ($name =~ /[:\n]/) {
warn "Illegal username, which would break your passwd file.\a\n";
return 0;
}
if ($name !~ /^[a-z0-9_][a-z0-9_\-]*$/) {
warn "Caution: Username contains illegal characters.\n" .
"Adding this user may cause utilities " .
"or applications to malfunction,\n" .
"or even impose a security risk on your system.\a\n";
}
} elsif ($name !~ /^[a-z0-9_][a-z0-9_\-]*$/ || $name eq "a-z0-9_-") {
warn "Illegal username.\n" .
"Please use only lowercase Roman, decimal, underscore, " .
"or hyphen characters.\n" .
"Additionally, a username should not start with a hyphen.\a\n";
return 0;
} elsif ($username{$name}) {
}
if ($username{$name}) {
warn "Username ``$name'' already exists!\a\n"; return 0;
}
return 1;
@ -564,7 +581,7 @@ sub new_users_pwdmkdb {
local($last) = shift;
local($name) = shift;
system("$pwd_mkdb -u $name $etc_passwd");
system(@pwd_mkdb, '-u', $name, $etc_passwd);
if ($?) {
warn "$last\n";
warn "``$pwd_mkdb'' failed\n";
@ -861,6 +878,7 @@ usage: adduser
[-class login_class]
[-config_create]
[-dotdir dotdir]
[-f|-force]
[-group login_group]
[-h|-help]
[-home home]
@ -934,6 +952,7 @@ sub parse_arguments {
if (/^--?(v|verbose)$/) { $verbose = 1 }
elsif (/^--?(s|silent|q|quiet)$/) { $verbose = 0 }
elsif (/^--?(debug)$/) { $verbose = 2 }
elsif (/^--?(f|force)$/) { $force = 1 }
elsif (/^--?(h|help|\?)$/) { &usage }
elsif (/^--?(home)$/) { $home = $argv[0]; shift @argv }
elsif (/^--?(shell)$/) { $defaultshell = $argv[0]; shift @argv }
@ -1050,9 +1069,9 @@ sub home_create {
# copy files from $dotdir to $homedir
# rename 'dot.foo' files to '.foo'
print "Copy files from $dotdir to $homedir\n" if $verbose;
system("cp -R $dotdir $homedir");
system("chmod -R u+wrX,go-w $homedir");
system("chown -R $name:$group $homedir");
system('cp', '-R', $dotdir, $homedir);
system('chmod', '-R', 'u+wrX,go-w', $homedir);
system('chown', '-R', "$name:$group", $homedir);
# security
opendir(D, $homedir);