diff -urp shadow-4.0.4.1.orig/lib/getdef.c shadow-4.0.4.1/lib/getdef.c --- shadow-4.0.4.1.orig/lib/getdef.c Mon May 12 02:40:08 2003 +++ shadow-4.0.4.1/lib/getdef.c Thu Nov 11 20:23:41 2004 @@ -77,6 +77,7 @@ static struct itemdef def_table[] = { { "GETPASS_ASTERISKS", NULL }, { "GID_MAX", NULL }, { "GID_MIN", NULL }, + { "GROUPNAME_MAX", NULL }, { "HUSHLOGIN_FILE", NULL }, { "ISSUE_FILE", NULL }, { "KILLCHAR", NULL }, @@ -119,7 +120,8 @@ static struct itemdef def_table[] = { { "ULIMIT", NULL }, { "UMASK", NULL }, { "USERDEL_CMD", NULL }, - { "USERGROUPS_ENAB", NULL } + { "USERGROUPS_ENAB", NULL }, + { "USERNAME_MAX", NULL } }; #ifndef LOGINDEFS diff -urp shadow-4.0.4.1.orig/libmisc/chkname.c shadow-4.0.4.1/libmisc/chkname.c --- shadow-4.0.4.1.orig/libmisc/chkname.c Mon May 12 05:29:14 2003 +++ shadow-4.0.4.1/libmisc/chkname.c Thu Sep 30 08:46:31 2004 @@ -8,6 +8,7 @@ #include "rcsid.h" RCSID ("$Id: chkname.c,v 1.8 2003/05/12 05:29:14 kloczek Exp $") #include +#include "getdef.h" #include "defines.h" #include "chkname.h" #if HAVE_UTMPX_H @@ -34,8 +35,14 @@ static int good_name (const char *name) return 1; } +static unsigned int min (unsigned int a, unsigned int b) +{ + return a < b ? a : b; +} + int check_user_name (const char *name) { + unsigned int max_len; #if HAVE_UTMPX_H struct utmpx ut; #else @@ -44,9 +51,10 @@ int check_user_name (const char *name) /* * User names are limited by whatever utmp can - * handle (usually max 8 characters). + * handle and the settings in login.defs */ - if (strlen (name) > sizeof (ut.ut_user)) + max_len = min (getdef_unum ("USERNAME_MAX", 32), sizeof (ut.ut_user)); + if (strlen (name) > max_len) return 0; return good_name (name); @@ -55,10 +63,9 @@ int check_user_name (const char *name) int check_group_name (const char *name) { /* - * Arbitrary limit for group names - max 16 - * characters (same as on HP-UX 10). + * Arbitrary limit for group names. */ - if (strlen (name) > 16) + if (strlen (name) > min (getdef_unum ("GROUPNAME_MAX", 32), 32)) return 0; return good_name (name); diff -urp shadow-4.0.4.1.orig/man/login.defs.5 shadow-4.0.4.1/man/login.defs.5 --- shadow-4.0.4.1.orig/man/login.defs.5 Thu May 1 18:17:39 2003 +++ shadow-4.0.4.1/man/login.defs.5 Thu Nov 11 20:24:46 2004 @@ -27,6 +27,9 @@ .\" .\" $Id: login.defs.5,v 1.12 2003/05/01 18:17:39 kloczek Exp $ .\" +.\" 2004/09/29 Juan M. Bello Rivas +.\" Documented USERNAME_MAX and GROUPNAME_MAX +.\" .TH LOGIN.DEFS 5 .SH NAME /etc/login.defs \- shadow password suite configuration @@ -77,6 +80,10 @@ default. This option is OR'ed with the \ Range of group IDs to choose from for the fBuseradd\fR and \fBgroupadd\fR programs. .\" +.IP "GROUPNAME_MAX (number)" +Maximum number of characters for group names. This value can't be greater than +32. If not specified, 32 characters will be assumed. +.\" .IP "MAIL_DIR (string)" The mail spool directory. This is needed to manipulate the mailbox when its corresponding user account is modified or deleted. If not specified, a @@ -112,6 +119,11 @@ If defined, this command is run when rem It should remove any at/cron/print jobs etc. owned by the user to be removed (passed as the first argument). .\" +.IP "USERNAME_MAX (number)" +Maximum number of characters for user names. This value must be less than or +equal to the length of an user name in utmp login records (usually 32 +characters). If not specified, 32 characters will be assumed. +.\" .SH CROSS REFERENCE The following cross reference shows which programs in the shadow password suite use which parameters. @@ -122,6 +134,9 @@ CHFN_AUTH CHFN_RESTRICT CHFN_AUTH .IP groupadd 12 GID_MAX GID_MIN +GROUPNAME_MAX +.IP groupmod 12 +GROUPNAME_MAX .IP newusers 12 PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE UMASK @@ -133,11 +148,13 @@ GID_MAX GID_MIN PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE UID_MAX UID_MIN UMASK +USERNAME_MAX GROUPNAME_MAX .IP userdel 12 MAIL_DIR USERDEL_CMD .IP usermod 12 MAIL_DIR +USERNAME_MAX .ad .SH BUGS Much of the functionality that used to be provided by the shadow password