Re: MAXLOGNAME + /etc/group + chkgrp invalid character _at_

From: Chuck Swiger <cswiger_at_mac.com>
Date: Tue, 08 Nov 2011 16:08:46 -0800
On Nov 8, 2011, at 3:47 PM, Dan The Man wrote:
> In the daily cron "Daily run output" email always get the following:
> 
> Verifying group file syntax:
> chkgrp: /etc/group: line 3: '_at_' invalid character

chkgrp expects group names to consist of characters in isalnum().

> Could we modify system to support email addresses as usernames.

Sure, that's why FreeBSD comes with source code.
You can modify anything you like.  :-)

However, if you want to use a domain-aware login mechanism, Kerberos is in the base system, and SASL and LDAP are available in ports.  You're not going to break anything allowing "_at_" into the list of characters which pw(8) likes, but the flatfile passwd and group files are not hierarchical the way domain-aware network identity systems are.

A secondary issue is that there is rarely a one-to-one relationship between email addresses and users; many email addresses are aliases which expand either to a different username, or even to multiple users.

> From my testing it works fine, even with "Daily run output" complaining I can still su to user i added in wheel group.
> We'd need to fix ckkgrp source,
> adduser source, and making move to:
> #define MAXLOGNAME 256   in /usr/src/sys/sys/param.h

You can do that also, but I think you'll break compatibility with NIS/YP.

You might not care, but don't be surprised if you find that folks aren't willing to adopt this change back into FreeBSD-- I've seen a few people wanting to increase MAXLOGNAME since 2003 or so.

Regards,
-- 
-Chuck
Received on Tue Nov 08 2011 - 23:08:48 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:20 UTC