Participants
Oliver Elphick
Oliver Elphick
Bruce Momjian
Bruce Momjian
John Goerzen
John Goerzen
The Hermit Hacker
The Hermit Hacker
Attachments

No attachments in this thread

Thread Outline
#1Oliver ElphickOliver Elphick
Apr 26, 1998
#2Bruce MomjianBruce Momjianto Oliver Elphick (#1)
Apr 26, 1998
#3...#5
John GoerzenThe Hermit HackerOliver Elphick
to Oliver Elphick (#1)
Apr 28, 1998
#3John GoerzenJohn Goerzento Oliver Elphick (#1)
Apr 28, 1998
#4The Hermit HackerThe Hermit Hackerto John Goerzen (#3)
Apr 28, 1998
#5Oliver ElphickOliver Elphickto The Hermit Hacker (#4)
Apr 28, 1998

User names cannot contain `-'

Started by Oliver Elphickover 27 years ago5 messages
#1Oliver Elphick
Oliver Elphick
olly@lfix.co.uk

I have a bug reported on the Debian package of 6.3.2:

videotapes=> grant all on tapes to www-data;
ERROR: aclparse: non-existent user "www"

It is, in fact, impossible to create the user www-data:

template1=> create user www-data;
ERROR: parser: parse error at or near "-"
template1=> create user 'www-data';
ERROR: parser: parse error at or near "'"

So there are two problems:

1. The error message

`ERROR: aclparse: non-existent user "www"'

is incorrect. The parser should actually object to the `-' character; it
appears to be silently dropping the `-data'.

2. The range of possible user names is not the same as the range of possible
Unix login names. However, the manual pages do not define what characters
are valid. The SQL standard is silent on this point; it simply regards
the current user name as an identifier supplied by the system. On the
other hand, it is clear that PostgreSQL regards a user name as an SQL
identifier, so that there is no distinction of case and no punctuation
characters are allowed.

Is it possible to make the parser accept the full range of Unix login names,
including some punctuation characters and upper- and lower-case letters?

--
Oliver Elphick Oliver.Elphick@lfix.co.uk
Isle of Wight http://www.lfix.co.uk/oliver

PGP key from public servers; key ID 32B8FAA1

========================================
Come to me, all you who labour and are heavily laden, and I will
give you rest. Take my yoke upon you, and learn from me; for I am
meek and lowly in heart, and you shall find rest for your souls.
For my yoke is easy and my burden is light. (Matthew 11: 28-30)

#2Bruce Momjian
Bruce Momjian
maillist@candle.pha.pa.us
In reply to: Oliver Elphick (#1)
Re: [HACKERS] User names cannot contain `-'

I have a bug reported on the Debian package of 6.3.2:

videotapes=> grant all on tapes to www-data;
ERROR: aclparse: non-existent user "www"

It is, in fact, impossible to create the user www-data:

template1=> create user www-data;
ERROR: parser: parse error at or near "-"
template1=> create user 'www-data';
ERROR: parser: parse error at or near "'"

So there are two problems:

1. The error message

`ERROR: aclparse: non-existent user "www"'

is incorrect. The parser should actually object to the `-' character; it
appears to be silently dropping the `-data'.

2. The range of possible user names is not the same as the range of possible
Unix login names. However, the manual pages do not define what characters
are valid. The SQL standard is silent on this point; it simply regards
the current user name as an identifier supplied by the system. On the
other hand, it is clear that PostgreSQL regards a user name as an SQL
identifier, so that there is no distinction of case and no punctuation
characters are allowed.

We allow undercores, but not dashes.

-- 
Bruce Momjian                          |  830 Blythe Avenue
maillist@candle.pha.pa.us              |  Drexel Hill, Pennsylvania 19026
  +  If your life is a hard drive,     |  (610) 353-9879(w)
  +  Christ can be your backup.        |  (610) 853-3000(h)
#3John Goerzen
John Goerzen
jgoerzen@complete.org
In reply to: Oliver Elphick (#1)
Re: User names cannot contain `-'

"Oliver Elphick" <olly@lfix.co.uk> writes:

I have a bug reported on the Debian package of 6.3.2:

videotapes=> grant all on tapes to www-data;
ERROR: aclparse: non-existent user "www"

It is, in fact, impossible to create the user www-data:

template1=> create user www-data;
ERROR: parser: parse error at or near "-"
template1=> create user 'www-data';
ERROR: parser: parse error at or near "'"

I believe createuser program did that for me (either that or it was
preinstalled; I don't recall.) I did not issue a direct SQL command
to do it, so I think it is likely that createuser did it.

In any case:

template1=> select usename, usesysid, valuntil from pg_shadow;
usename |usesysid|valuntil
--------+--------+----------------------------
postgres| 31|Sat Jan 31 00:00:00 2037 CST
www-data| 33|Sat Jan 31 00:00:00 2037 CST
jgoerzen| 1000|Sat Jan 31 00:00:00 2037 CST
(3 rows)

--
John Goerzen Linux, Unix programming jgoerzen@complete.org |
Developer, Debian GNU/Linux (Free powerful OS upgrade) www.debian.org |
----------------------------------------------------------------------------+
``You'll notice that this scanner, Bill [Gates]...'' <Blue Screen of Death>
``Whoa!'' <Applause> ``Moving right along....'' -- Microsoft (Comdex
video at: http://cnn.com/TECH/computing/9804/20/gates.comdex/index.html

Import Notes
Reply to msg id not found: OliverElphicksmessageofSun26Apr1998080209+0200
#4The Hermit Hacker
The Hermit Hacker
scrappy@hub.org
In reply to: John Goerzen (#3)
Re: [HACKERS] Re: User names cannot contain `-'

On 27 Apr 1998, John Goerzen wrote:

"Oliver Elphick" <olly@lfix.co.uk> writes:

I have a bug reported on the Debian package of 6.3.2:

videotapes=> grant all on tapes to www-data;
ERROR: aclparse: non-existent user "www"

It is, in fact, impossible to create the user www-data:

template1=> create user www-data;
ERROR: parser: parse error at or near "-"
template1=> create user 'www-data';
ERROR: parser: parse error at or near "'"

I believe createuser program did that for me (either that or it was
preinstalled; I don't recall.) I did not issue a direct SQL command
to do it, so I think it is likely that createuser did it.

In any case:

template1=> select usename, usesysid, valuntil from pg_shadow;
usename |usesysid|valuntil
--------+--------+----------------------------
postgres| 31|Sat Jan 31 00:00:00 2037 CST
www-data| 33|Sat Jan 31 00:00:00 2037 CST
jgoerzen| 1000|Sat Jan 31 00:00:00 2037 CST
(3 rows)

This might have already been gone over, but if this was an upgrade
from a previous release, its possible that this was created with a
'dump/reload'?

#5Oliver Elphick
Oliver Elphick
olly@lfix.co.uk
In reply to: The Hermit Hacker (#4)
Re: [HACKERS] Re: User names cannot contain `-'

The Hermit Hacker wrote:

template1=> select usename, usesysid, valuntil from pg_shadow;
usename |usesysid|valuntil
--------+--------+----------------------------
postgres| 31|Sat Jan 31 00:00:00 2037 CST
www-data| 33|Sat Jan 31 00:00:00 2037 CST

...

This might have already been gone over, but if this was an upgrade
from a previous release, its possible that this was created with a
'dump/reload'?

Createuser does not use the CREATE USER command. It updates the
system tables directly. This enables it to be used to specify a user id,
which CREATE USER does not allow. However, it also allows inconsistencies
to arise, as here. So createuser can put in user names that CREATE USER
cannot and that GRANT does not recognise.

--
Oliver Elphick Oliver.Elphick@lfix.co.uk
Isle of Wight http://www.lfix.co.uk/oliver

PGP key from public servers; key ID 32B8FAA1

========================================
Come to me, all you who labour and are heavily laden, and I will
give you rest. Take my yoke upon you, and learn from me; for I am
meek and lowly in heart, and you shall find rest for your souls.
For my yoke is easy and my burden is light. (Matthew 11: 28-30)

Import Notes
Reply to msg id not found: MessagefromTheHermitHackerscrappy@hub.orgofTue28Apr1998083529EDT.Pine.NEB.3.95.980428083446.6639C-100000@hub.org | Resolved by subject fallback
← Back to Topics