LinuxQuestions.org


mfoley 08-09-2016 10:37 AM

invalid user name, with dot
 
I am trying to useradd a username: m.smith. I get "useradd: invalid user name 'm.smith'". I know I've done this before, about 8 months ago, because I have 11 such users of the format fi.lastname. Apparently I forgot what I did.

What's the solution? (Slackware 14.1).

pan64 08-09-2016 10:50 AM

I do not really suggest you use invalid names, but actually you can try to create that user with an accepted name and rename it in /etc/passwd later.
I wouldn't do that.

montagdude 08-09-2016 11:05 AM

I found a few threads of interest:

http://www.linuxquestions.org/questi...period-945610/
http://www.linuxquestions.org/questi...r-name-793776/
https://bbs.archlinux.org/viewtopic.php?id=165574

Apparently, having a period in the username has never been allowed by useradd, but you can manually do it by editing /etc/passwd and /etc/shadow and creating a home directory, though I wouldn't recommend that either. You could also hack the useradd source code to allow periods and recompile, which would probably be a better solution if you really need it. As far as I can tell, there aren't really any major reasons why having a period in a username would cause problems.

chemfire 08-09-2016 12:27 PM

Quote:

Originally Posted by montagdude (Post 5588487)
As far as I can tell, there aren't really any major reasons why having a period in a username would cause problems.

The issue that I can think of is that usernames that start with a . would cause things like the default home directory name to be a hidden file. It may also break GNU versions of chown and scripts that use it, if the user.group format is used.

Code:

chown chemfire.users somedir

probably won't parse right by those tools if it was

Code:

chown chem.fire.users somedir

I am sure other software like, for example, various daemons for FTP, or web applications, if they are secure, probably filter their inputs and only allow legal usernames to be entered. Your users with noncanonical names may also have issues with these applications.

Basically this isn't a good idea.
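
The parsing problem described in the post above, modelled as an added example (not part of the thread, and not GNU chown's own code). It assumes a colon-less spec is first tried whole as a user name and only then split at the first dot; the account and group names are constructed.

```shell
#!/bin/sh
# Constructed sample account data (names only), not taken from a real system.
USER_NAMES='root chemfire chem.fire m.smith'
GROUP_NAMES='root users mail'

# has_name LIST NAME: succeed if NAME is one word of the space-separated LIST.
has_name() {
    case " $1 " in
        *" $2 "*) return 0 ;;
    esac
    return 1
}

# resolve_spec SPEC: print how an owner spec given to chown would be read.
# Assumed lookup order: ':' separator, else whole string as a user name,
# else split at the FIRST '.' (legacy user.group form).
resolve_spec() {
    spec=$1
    case $spec in
        *:*) u=${spec%%:*}; g=${spec#*:} ;;
        *)
            if has_name "$USER_NAMES" "$spec"; then
                echo "user=$spec group=(unchanged)"; return 0
            fi
            case $spec in
                *.*) u=${spec%%.*}; g=${spec#*.} ;;
                *)   echo "invalid"; return 1 ;;
            esac ;;
    esac
    if has_name "$USER_NAMES" "$u" && has_name "$GROUP_NAMES" "$g"; then
        echo "user=$u group=$g"; return 0
    fi
    echo "invalid"; return 1
}

# Walk the specs from the thread plus the colon form that avoids the problem.
for s in chemfire.users chem.fire.users chem.fire:users m.smith; do
    printf '%-18s -> ' "$s"
    resolve_spec "$s" || true
done
```

With a dotted account name, only the `user:group` form (or numeric IDs) names the intended owner and group without depending on which other accounts exist.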

montagdude 08-09-2016 12:44 PM

Quote:

Originally Posted by chemfire (Post 5588515)
The issue that I can think of is that usernames that start with a . would cause things like the default home directory name to be a hidden file. It may also break GNU versions of chown and scripts that use it, if the user.group format is used.

Code:

chown chemfire.users somedir

probably won't parse right by those tools if it was

Code:

chown chem.fire.users somedir

I am sure other software like, for example, various daemons for FTP, or web applications, if they are secure, probably filter their inputs and only allow legal usernames to be entered. Your users with noncanonical names may also have issues with these applications.

Basically this isn't a good idea.

I don't consider those major issues, though of course one of those cases we haven't thought about might end up being a major issue. I agree it's not a good idea if it's not needed for some reason.

mfoley 08-09-2016 03:49 PM

We don't have usernames that start with a dot, but policy dictates no choice otherwise. Our email addresses end up being f.last@mydom.com where 'f' is first initial and 'last' is last name. Yes, I can see that `chown group.f.last file` could be confusing, but not that much. The chown program could assume the 1st token is group and remaining tokens are user. And, we can always do `chown 200:1019 file` and not have a problem. passwd and other such programs seem to work fine with usernames having a dot.

I did edit the /etc/passwd and /etc/shadow files, which seems to have worked, but I swear I didn't do this a year ago when I created a batch of other users -- I just can't remember what I did if not the edit approach.

chemfire 08-09-2016 04:00 PM

Well, if it were me I would still use canonical user names and create an e-mail alias in that situation. I do application security testing so I see lots of environments, and even in mostly Windows shops I can think of very few cases where anyone has user names with characters outside [A-z0-9] for network/pc logins anyway.

mfoley 08-09-2016 05:07 PM

Quote:

Originally Posted by chemfire (Post 5588635)
Well, if it were me I would still use canonical user names and create an e-mail alias in that situation.

Not a bad idea, but the users in question are external, not tech-savvy. They log into webmail with their userId (containing '.'). So, having an un-dotted "real" userId doesn't help. Though, having said that I suppose I could alias dot.name to canonical nodotname.

Quote:

I do application security testing so I see lots of environments, and even in mostly Windows shops I can think of very few cases where anyone has user names with characters outside [A-z0-9] for network/pc logins anyway.

In fact, that's one of the reasons we do have dots in the name - it makes it harder for spammers to synthesize email names. When we first created this set of users, without dot.names, one user was immediately flooded with spam since spammers had been trying that dotless id for quite a while.

Also, I've actually seen quite a few email addresses with dots in the username portion. Perusing one of the maillog files shows 590 unique email addresses with dots in their names.

chemfire 08-10-2016 09:50 AM

mfoley: Makes sense. Sorry, I did not mean to imply dots were unusual or in any way disallowed in e-mail addresses; that is certainly not the case. I am not sure how . in e-mail addresses will do much to stop spam. If someone decides to target your domain they will likely do enough intelligence gathering ahead of time to determine the address formats you use. first.last@, f.last@, last.first@ are all pretty common patterns that someone will likely try by just guessing. You might have got lucky because someone's spam script was especially lame, but I would not consider this any real protection. If you have been attacked in that way once, you can be sure it will happen again. You might want to look at other means of filtering.

enine 08-10-2016 10:46 AM

To throw more mud on the problem. A decade ago when I first installed Slackware and used KDE's GUI User tool it let me create my username with a capital letter. Now if I try to useradd or adduser at the console of one of my servers it disallows this.

So methinks it's possible to use another tool to create your .'ed user name, if so inclined.

A Google search leads to some forums where useradd or adduser will accept a --badname (or something like that, I can't recall) that will allow a bad user name, but it appears the version in Slackware does not accept that switch.

mfoley 08-11-2016 10:31 AM

chemfire: Thanks for the feedback and no, having a dot in the name is not our only means of thwarting spammers! There are rules in Sendmail and various mechanisms with spamassassin and clamav. I've just happened to notice that there are fewer issues with j.smith versus jsmith, that's all.

Editing /etc/passwd and /etc/shadow seems to work OK with no bad side effects. In the past, I doubt I used one of the tools enine talked about, but I could swear I did something other than edit the passwd/shadow files. Perhaps I am deluded and my memory is playing tricks on me.

For now, I guess I'll go with the editing method.


All times are GMT -5.