* bug#53743: Using spaces in names doesn't have complete sanitization
@ 2022-02-03 4:49 Tsarina Baelarina Nina
2022-02-03 18:32 ` Maxime Devos
0 siblings, 1 reply; 4+ messages in thread
From: Tsarina Baelarina Nina @ 2022-02-03 4:49 UTC (permalink / raw)
To: 53743
[-- Attachment #1.1: Type: text/plain, Size: 452 bytes --]
I put my name as Tsarina Baelarina Nina, as opposed to my real name. It
created the correct home profile, but also included the two extra empty
directories in my home directory as included in the attachment for
proof. I think I remember reading something about camel casing for user
names on the system, as in the name can't start with a capital letter,
but I thought you could get away with spaces if you escaped the strings
properly \(space).
[-- Attachment #1.2: Type: text/html, Size: 563 bytes --]
[-- Attachment #2: Screenshot from 2022-02-02 20-39-05.png --]
[-- Type: image/png, Size: 306476 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
* bug#53743: Using spaces in names doesn't have complete sanitization
2022-02-03 4:49 bug#53743: Using spaces in names doesn't have complete sanitization Tsarina Baelarina Nina
@ 2022-02-03 18:32 ` Maxime Devos
2022-02-04 4:18 ` Leo Famulari
2022-02-04 4:50 ` Leo Famulari
0 siblings, 2 replies; 4+ messages in thread
From: Maxime Devos @ 2022-02-03 18:32 UTC (permalink / raw)
To: Tsarina Baelarina Nina, 53743
[-- Attachment #1.1: Type: text/plain, Size: 765 bytes --]
Tsarina Baelarina Nina schreef op wo 02-02-2022 om 20:49 [-0800]:
> I put my name as Tsarina Baelarina Nina, as opposed to my real name.
> It created the correct home profile, but also included the two extra
> empty directories in my home directory as included in the attachment
> for proof. I think I remember reading something about camel casing
> for user names on the system, as in the name can't start with a
> capital letter, but I thought you could get away with spaces if you
> escaped the strings properly \(space).
I can reproduce with the attached configuration.
I'm wondering what software is creating these 'Baelarina' and 'Nina'
subdirectories of '/home/Tsarina Baelarina Nina/' ... is it Guix, is it
GDM, is it the GNOME desktop ...?
[-- Attachment #1.2: vm-image.tmpl --]
[-- Type: text/plain, Size: 4524 bytes --]
;; This is an operating system configuration for a VM image.
;; Modify it as you see fit and instantiate the changes by running:
;;
;; guix system reconfigure /etc/config.scm
;;
(use-modules (gnu) (guix) (srfi srfi-1))
(use-service-modules desktop mcron networking spice ssh xorg sddm)
(use-package-modules bootloaders certs fonts nvi
package-management wget xorg)
(define vm-image-motd (plain-file "motd" "
\x1b[1;37mThis is the GNU system. Welcome!\x1b[0m
This instance of Guix is a template for virtualized environments.
You can reconfigure the whole system by adjusting /etc/config.scm
and running:
guix system reconfigure /etc/config.scm
Run '\x1b[1;37minfo guix\x1b[0m' to browse documentation.
\x1b[1;33mConsider setting a password for the 'root' and 'guest' \
accounts.\x1b[0m
"))
;;; XXX: Xfce does not implement what is needed for the SPICE dynamic
;;; resolution to work (see:
;;; https://gitlab.xfce.org/xfce/xfce4-settings/-/issues/142). Workaround it
;;; by manually invoking xrandr every second.
(define auto-update-resolution-crutch
#~(job '(next-second)
(lambda ()
(setenv "DISPLAY" ":0.0")
(setenv "XAUTHORITY" "/home/guest/.Xauthority")
(execl (string-append #$xrandr "/bin/xrandr") "xrandr" "-s" "0"))
#:user "guest"))
(pk 'os
(operating-system
(host-name "gnu")
(timezone "Etc/UTC")
(locale "en_US.utf8")
(keyboard-layout (keyboard-layout "us" "altgr-intl"))
;; Label for the GRUB boot menu.
(label (string-append "GNU Guix " (package-version guix)))
(firmware '())
;; Below we assume /dev/vda is the VM's hard disk.
;; Adjust as needed.
(bootloader (bootloader-configuration
(bootloader grub-bootloader)
(targets '("/dev/vda"))
(terminal-outputs '(console))))
(file-systems (cons (file-system
(mount-point "/")
(device "/dev/vda1")
(type "ext4"))
%base-file-systems))
(users (cons (user-account
(name "Tsarina Baelarina Nina")
(comment "GNU Guix Live")
(password "") ;no password
(group "users")
(supplementary-groups '("wheel" "netdev"
"audio" "video")))
%base-user-accounts))
;; Our /etc/sudoers file. Since 'guest' initially has an empty password,
;; allow for password-less sudo.
(sudoers-file (plain-file "sudoers" "\
root ALL=(ALL) ALL
%wheel ALL=NOPASSWD: ALL\n"))
(packages (append (list font-bitstream-vera nss-certs nvi wget)
%base-packages))
(services
(append (list (service gnome-desktop-service-type)
;; Uncomment the line below to add an SSH server.
;;(service openssh-service-type)
;; Add support for the SPICE protocol, which enables dynamic
;; resizing of the guest screen resolution, clipboard
;; integration with the host, etc.
(service spice-vdagent-service-type)
(simple-service 'cron-jobs mcron-service-type
(list auto-update-resolution-crutch))
;; Use the DHCP client service rather than NetworkManager.
(service dhcp-client-service-type))
;; Remove some services that don't make sense in a VM.
(remove (lambda (service)
(let ((type (service-kind service)))
(or (memq type
(list #;gdm-service-type
sddm-service-type
wpa-supplicant-service-type
cups-pk-helper-service-type
network-manager-service-type
modem-manager-service-type))
(eq? 'network-manager-applet
(service-type-name type)))))
(modify-services %desktop-services
(login-service-type config =>
(login-configuration
(inherit config)
(motd vm-image-motd)))))))
;; Allow resolution of '.local' host names with mDNS.
(name-service-switch %mdns-host-lookup-nss)))
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 260 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
* bug#53743: Using spaces in names doesn't have complete sanitization
2022-02-03 18:32 ` Maxime Devos
@ 2022-02-04 4:18 ` Leo Famulari
2022-02-04 4:50 ` Leo Famulari
1 sibling, 0 replies; 4+ messages in thread
From: Leo Famulari @ 2022-02-04 4:18 UTC (permalink / raw)
To: Maxime Devos; +Cc: 53743, Tsarina Baelarina Nina
On Thu, Feb 03, 2022 at 06:32:51PM +0000, Maxime Devos wrote:
> Tsarina Baelarina Nina schreef op wo 02-02-2022 om 20:49 [-0800]:
> > I put my name as Tsarina Baelarina Nina, as opposed to my real name.
> > It created the correct home profile, but also included the two extra
> > empty directories in my home directory as included in the attachment
> > for proof. I think I remember reading something about camel casing
> > for user names on the system, as in the name can't start with a
> > capital letter, but I thought you could get away with spaces if you
> > escaped the strings properly \(space).
>
> I can reproduce with the attached configuration.
> I'm wondering what software is creating these 'Baelarina' and 'Nina'
> subdirectories of '/home/Tsarina Baelarina Nina/' ... is it Guix, is it
> GDM, is it the GNOME desktop ...?
I'm not very familiar with this part of the system, but I think that
user home directories are created here, in ((gnu build activation)
activate-users+groups):
https://git.savannah.gnu.org/cgit/guix.git/tree/gnu/build/activation.scm?id=ff093f5739a61e77b296feccc48d260b9bb574c0#n160
^ permalink raw reply [flat|nested] 4+ messages in thread
* bug#53743: Using spaces in names doesn't have complete sanitization
2022-02-03 18:32 ` Maxime Devos
2022-02-04 4:18 ` Leo Famulari
@ 2022-02-04 4:50 ` Leo Famulari
1 sibling, 0 replies; 4+ messages in thread
From: Leo Famulari @ 2022-02-04 4:50 UTC (permalink / raw)
To: Maxime Devos; +Cc: 53743, Tsarina Baelarina Nina
On Thu, Feb 03, 2022 at 06:32:51PM +0000, Maxime Devos wrote:
> I can reproduce with the attached configuration.
> I'm wondering what software is creating these 'Baelarina' and 'Nina'
> subdirectories of '/home/Tsarina Baelarina Nina/' ... is it Guix, is it
> GDM, is it the GNOME desktop ...?
I tried to create a minimal reproducer by editing the user-account in
'gnu/system/examples/bare-bones.tmpl' with the name "Tsarina Baelarina
Nina".
Guix did the right thing, and created a single directory called
'/home/Tsarina Baelarina Nina/', without the bogus subdirectories.
So, if it is caused by Guix, it's not the basic user-account tooling
that does it.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2022-02-04 4:52 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-02-03 4:49 bug#53743: Using spaces in names doesn't have complete sanitization Tsarina Baelarina Nina
2022-02-03 18:32 ` Maxime Devos
2022-02-04 4:18 ` Leo Famulari
2022-02-04 4:50 ` Leo Famulari
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).