#5822 Cannot create user with username exactly 255 charaters long
Closed: Fixed None Opened 6 years ago by dkupka.

Steps to reproduce:

$ ipa config-mod --maxusername 255
$ ipa user-add $(printf "x%.s" {1..255}) --first Test --last User

Got:

ipa: ERROR: invalid 'login': may only include letters, numbers, _, -, . and $

Expected:

----------------------------
Added user "xxxxx...x"
----------------------------
...

The root cause is uid pattern in baseuser.py

pattern='^[a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,252}[a-zA-Z0-9_.$-]?$'

it results in rejecting usernames longer than 254 characters.

I propose replacing "{0,252}" with "*", the length is checked on other places anyway.


    mbasti: just replacing '{0, 252}' with '*' in regexp (twice)

    + open doc bug for RHEL7.3 because the regexp is listed there

    dkupka: there are more similar regexps (group (cn), idviews (uid), topology (topologysegmentname)) maybe it is worth to take look on them too.

    [mkosek] do not boil the oceans :-) I would do the fix that mbasti suggests (4-liner) and move to more important tickets

This ticket is out of scope of 4.4.0 release. Moving to 4.4.1. Note that 4.4.1 needs to be triaged, therefore not everything will be implemented.

master:

  • 3720080 Fix regexp patterns in parameters to not enforce length
  • 8f8e3d0 Use constant for user and group patterns

ipa-4-4:

  • 85ee93d Fix regexp patterns in parameters to not enforce length
  • 6391441 Use constant for user and group patterns

Metadata Update from @dkupka:
- Issue assigned to mbasti
- Issue set to the milestone: FreeIPA 4.4.2

5 years ago

Login to comment on this ticket.

Metadata