Index: reserved-usernames =================================================================== --- reserved-usernames (revision 0) +++ reserved-usernames (revision 0) @@ -0,0 +1,94 @@ +# Static users from base-passwd/passwd.master. +root +daemon +bin +sys +sync +games +man +lp +mail +news +uucp +proxy +www-data +backup +list +irc +gnats +nobody + +# Other static groups from base-passwd/group.master. +adm +tty +disk +kmem +dialout +fax +voice +cdrom +floppy +tape +sudo +audio +dip +operator +src +shadow +utmp +video +sasl +plugdev +staff +users +nogroup + +# Reserved usernames listed in base-passwd/README. +netplan +ftn +mysql +tac-plus +alias +qmail +qmaild +qmails +qmailr +qmailq +qmaill +qmailp +asterisk +vpopmail +vchkpw + +# Other miscellaneous system users/groups created by common packages. +Debian-exim +admin +bind +crontab +cupsys +dhcp +dictd +ftp +fuse +gdm +# "hal" is a bit annoying, because it's also a not uncommon human name. It's +# haldaemon in Ubuntu ... +hal +haldaemon +hplilp +identd +klog +lpadmin +messagebus +netdev +powerdev +saned +sbuild +scanner +slocate +ssh +sshd +ssl-cert +statd +syslog +tftpd Index: debian/user-setup.install =================================================================== --- debian/user-setup.install (revision 40628) +++ debian/user-setup.install (working copy) @@ -2,3 +2,4 @@ user-setup-ask usr/lib/user-setup user-setup-apply usr/lib/user-setup functions.sh usr/lib/user-setup +reserved-usernames usr/lib/user-setup Index: debian/user-setup-udeb.templates =================================================================== --- debian/user-setup-udeb.templates (revision 40628) +++ debian/user-setup-udeb.templates (working copy) @@ -80,6 +80,12 @@ a lower-case letter, which can be followed by any combination of numbers and more lower-case letters. +Template: passwd/username-reserved +Type: error +_Description: Reserved username + The user name you entered (${USERNAME}) is reserved for use by the system. + Please select a different one. + Template: passwd/user-password Type: password _Description: Choose a password for the new user: Index: debian/changelog =================================================================== --- debian/changelog (revision 40628) +++ debian/changelog (working copy) @@ -1,3 +1,14 @@ +user-setup (1.6) UNRELEASED; urgency=low + + * Detect and error out on reserved usernames, i.e. those that are already + used by some parts of the system. Unfortunately there's no particularly + straightforward way to identify a reserved username, and the only way I + can think of is to maintain a blacklist; so I've collated this from the + base-passwd master files and those user and group names I found on some + of my systems. Feel free to extend this as the need arises. + + -- Colin Watson Wed, 13 Sep 2006 21:55:40 +0100 + user-setup (1.5) unstable; urgency=low [ Frans Pop ] Index: debian/user-setup-udeb.install =================================================================== --- debian/user-setup-udeb.install (revision 40628) +++ debian/user-setup-udeb.install (working copy) @@ -1,4 +1,5 @@ user-setup-ask usr/bin user-setup-apply usr/bin functions.sh usr/lib/user-setup +reserved-usernames usr/lib/user-setup finish-install.d usr/lib Index: user-setup-ask =================================================================== --- user-setup-ask (revision 40628) +++ user-setup-ask (working copy) @@ -143,6 +143,15 @@ continue fi + if ! grep -v '^#' /usr/lib/user-setup/reserved-usernames | \ + grep -q "^$USER$"; then + db_fset passwd/username seen false + db_fset passwd/username-reserved seen false + db_input critical passwd/username-reserved + STATE=3 + continue + fi + db_get passwd/user-password-crypted || true if ! test "$RET" ; then db_input critical passwd/user-password || true