Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I would like to modify PAM such that when a person authentications, PAM tries the username exactly as given (which is how it normally works), then if there is no exact match, tries either the all lower case version, or the first case-insensitive match. I downloaded the latest PAM source, from http://www.kernel.org/pub/linux/libs...-1.0.1.tar.bz2 but I am not exactly sure, where in there, I need to start looking. I thought pam_unix was the responsible module, so I checked in modules/pam_unix/pam_unix_acct.c.
I'm guessing I'd want to manually change all usernames to the lower case spelling, then change line 190 from:
uname = void_uname;
to
uname = lcase(void_uname);
But that would really not do all I wanted because it wouldn't attempt the exact given username first, or search for any case.
Am I missing an easier solution to this? Has someone else already done it? (No, I do not have the option to mandate which capitalization user names will be given as.) I don't need a lecture on why you think usernames should be lower case, or why you think case is important. I'm asking if anyone has experience making PAM authenticate insensitive to case.
The easiest way is to modify your adduser stuff so it lowercases the username before it creates them, then your lcase mod that you've already done will work no matter how mixed the case is that the user has decided to log in with. Many isps do this in their email and connection authentication databases because people will use all different kinds of capitalization on their namesR. Otherwise you'll have a complete explosion in the size of your search for what possible letters might be capitialized.
OK, seriously, I meant it when I said I didn't want to debate the righteousness of all lower case. My name is not billy. It is Billy. That is reality. Now I don't really care what my username is, but other people do. If it really was true that that usernames could only be lower case, then login, and any other program, shouldn't have any trouble ignoring the case of usernames it's given. However, it is quite possible to create two users with the same username, and different capitalization (or two users who's usernames differ only in case if that's how you would like to say it). I don't know of anyone who actually does this, but is possible.
Mr. C., your name is Mr. C., not mr. c.. Machines exist to improve the lives of humans, not create arbitrary constraints upon them. I do not use Unix. I use GNU/Linux. The very name declares "not Unix".
Further, my intention is not to place constraints on users, but to fix the machine so that it may respond with better exception handling when looking up a username.
The referenced man page is either incorrect, or when it used the word "should" it was speaking of the personal tastes of its author. I have used usernames before with capitalization, and experienced no trouble logging in (gdm and ttys). Perhaps that limitation corrected in the RedHat derived distributions I use. And, any debate over whether capitalization is 'good' or 'bad' or 'ok' is irrelevant. That's not the goal.
The goal is to allow a person, specifying any capitalization-only variant, and the correct password, to authenticate to their account. Once they're in, the ${USER} variable, and whoami, should show them the username as stored in /etc/passwd. I only mean to fix the authentication process to accept variance in capitalization of HUMAN PROVIDED username before/during authentication.
It sounds like the lcase() idea would be the easiest to implement still. I was hoping there was some alternate pam_unix.so that included an option for this.
The constraints are placed by system standards. You can user other authentication methods as you see fit and to suit your needs, but standard unix/linux /etc/passwd is lowercase. Game over.
If you want to develop your own version of a distribution, and change various library calls, system utilities, tty driver, etc. by all means, go right ahead. It is far more difficult that you imagine.
The constraints are placed by system standards. ... but standard unix/linux /etc/passwd is lowercase.
I created a user named IUseUpperCase, just a minute ago, logged in, and am posting this reply as that user. This is on Fedora 8 x86_64 with no extra effort my part aside from "useradd IUseUpperCase". The man page is incorrect.
I do not intend to have a user named IUseUpperCase and a user named iuseuppercase. What I want is to have just one user, and they log in using whatever capitalization they prefer.
This http://puszcza.gnu.org.ua/software/p...ules.html#SEC6 Seems to be close to what I want, but I can't figure how where to put it in /etc/pam.d/system-auth so that it does its transform before anything sees the username.
You are missing the point. There are OTHER dependencies that you are not aware of.
Its not that you can't create user names with mixed case. Its that other tools are case-preserving, case-insensitive, or case-sensitive. For example, MTAs such as sendmail or postfix:
man aliases:
Quote:
The name is a local address (no domain part). Use double quotes when
the name contains any special characters such as whitespace, `#', `:',
or `@'. The name is folded to lowercase, in order to make database
lookups case insensitive.
That's fine. Any tools that get launched after login would get the username from ${USER} or get the UID of the person that started the process. I don't mean to change what the user's username is. I mean to change how they authenticate. How the person authenticates, to become the user. After authentication, they would be the user precisely capitalized as specified in /etc/passwd
Its not fine, and your thesis is quite simply incorrect. Other applications use standard library calls such as getpwnam() to extract information from the passwd database. And they make assumptions based upon standard practices. Thus, user "joe" will also get email sent to your different user Joe, or JOe or JoE. Case does matter, whether or not you want to believe it.
Thanks for being done with it. It was obvious from the beginning all you wanted to do was argue semantics of username capitalization, which I explicitly stated was not welcome. My question was never about usernames themselves. Stop getting distracted. It was about AUTHENTICATION. I'll wait, and try to figure out how to make this work on my own, or with help from someone else.
Last edited by BillyCrook; 07-02-2008 at 03:51 AM.
I guess to re state the whole thing again. say there is a user bob, with a home directroy at /home/bob/ I need bob to be able to log in by supplying the username "iamnotbob" and the password of the user bob. There we go. A nice example without using capitalization anywhere. Now take that concept, replacing iamnotbob with bob, and extrapolate it to flexible input matching like samba does. That's what I'm trying to do.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.