Fully numeric usernames in Focal

Victor Tapia victor.tapia at canonical.com
Thu Apr 8 16:58:36 UTC 2021 

Hi,

While reviewing a bug in Focal I noticed that useradd allows the creation
of fully numeric usernames[1] but systemd does not like them[2]. This
triggers issues in apps relying on systemd, such as gnome/gdm (returns to
gdm after authenticating). For instance, after creating user 0, the user
can log in via ssh or console but loginctl won't create a session for it:

root at focal:/home/ubuntu# useradd -m 0
root at focal:/home/ubuntu# id 0
uid=1005(0) gid=1005(0) groups=1005(0)

..

0 at 192.168.122.6's password:

Welcome to Ubuntu 20.04.2 LTS (GNU/Linux 5.8.0-48-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

  System information as of Thu Apr  8 16:17:51 UTC 2021

  System load:  0.34              Processes:             157
  Usage of /:   77.2% of 7.58GB   Users logged in:       0
  Memory usage: 6%                IPv4 address for ens3: 192.168.122.6
  Swap usage:   0%

 * Introducing self-healing high availability clusters in MicroK8s.
   Simple, hardened, Kubernetes for production, from RaspberryPi to DC.

     https://microk8s.io/high-availability

0 updates can be installed immediately.
0 of these updates are security updates.

Your Hardware Enablement Stack (HWE) is supported until April 2025.

Last login: Thu Apr  8 16:17:06 2021 from 192.168.122.1
$ loginctl
No sessions.
$ w
 16:20:09 up 4 min,  1 user,  load average: 0.03, 0.14, 0.08
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
0        pts/0    192.168.122.1    16:17    0.00s  0.00s  0.00s w

And pam-systemd shows the following message:

Apr 08 16:17:06 focal sshd[1584]: pam_unix(sshd:session): session opened
for user 0 by (uid=0)
Apr 08 16:17:06 focal sshd[1584]: pam_systemd(sshd:session): pam-systemd
initializing
Apr 08 16:17:06 focal sshd[1584]: pam_systemd(sshd:session): Failed to get
user record: Invalid argument




I personally think that fully numeric usernames are generally a bad idea,
but I'm not familiar with the background on this topic (I assume this is
not an expected behavior, as it started happening in Focal). Should useradd
allow such usernames given the interaction with systemd? If so, can we
document this somewhere?

Thanks,

Victor


[1] man useradd

On Debian, the only constraints are that usernames must neither start with
a dash ('-') nor plus ('+') nor tilde ('~') nor contain a colon (':'), a
comma (','), or a whitespace (space: ' ', end of line: '\n', tabulation:
'\t', etc.). Note that using a slash ('/') may break the default algorithm
for the definition of the user's home directory.

[2] https://github.com/systemd/systemd/blob/main/docs/USER_NAMES.md

"Similar, no names consisting of an initial hyphen and otherwise entirely
made up of digits (rationale: avoid confusion with negative, numeric
UID/GID specifications, e.g. -1)"

This topic has been discussed a few times:
https://github.com/systemd/systemd/issues/15141#issuecomment-722219603
https://github.com/systemd/systemd/pull/15352#issuecomment-652897620
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-devel/attachments/20210408/ce28b722/attachment.html>

More information about the ubuntu-devel mailing list