Debian Bug report logs - #450954
Username 'admin' is reserved

Package: user-setup; Maintainer for user-setup is Debian Install System Team <debian-boot@lists.debian.org>; Source for user-setup is src:user-setup.

Reported by: Bill West <bill@bwi.com>

Date: Mon, 12 Nov 2007 17:06:02 UTC

Severity: minor

Tags: wontfix

Reply or subscribe to this bug.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Debian Install System Team <debian-boot@lists.debian.org>:
Bug#450954; Package debian-installer. Full text and rfc822 format available.

Acknowledgement sent to Bill West <bill@bwi.com>:
New Bug report received and forwarded. Copy sent to Debian Install System Team <debian-boot@lists.debian.org>. Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Bill West <bill@bwi.com>
To: submit@bugs.debian.org
Subject: Username 'admin' is reserved
Date: Mon, 12 Nov 2007 12:01:34 -0500
Package: debian-installer
Version:

Performed netboot install of testing (lenny) from debian.lcs.mit.edu,
on Nov. 11, 2007. Don't know how to get version information of
the installer, since it is downloaded from server, and then disappears.

When setting up the user account, the username 'admin' was rejected
as being 'reserved' in Debian Etch.

1.  This seems unreasonable if true. We have about 50 systems that
have this username, and I am sure there are many more systems using
'admin' as a username out in the world.

2.  There is no tool to migrate existing systems that have accounts
with username 'admin' that I know of, and it is probably impossible
to make one. (For example, mysql command line tool defaults to the
current username when connecting to the database server, so it would
be necessary to update the mysql tables to migrate the 'admin' user
to a different username.

3.  After the system is installed, adduser allows creating a user
with the username 'admin' with no complaint.

It is not really a problem that the installer does not allow creation
of an account with the username 'admin', just an inconvenience.  However,
the error message should not indicate that the 'admin' username is reserved,
since this is apparently not the case.

Bill West

BWI
887 Main Street, Suite D
Monroe, Connecticut  06468-2800
877 567-7450, 203 261-6027
FAX  203 261-5061
info@bwi.com
http://www.bwi.com

BWI and RackPaq are registered trademarks and
Destwin is a trademark of Bill West Incorporated




Information forwarded to debian-bugs-dist@lists.debian.org, Debian Install System Team <debian-boot@lists.debian.org>:
Bug#450954; Package debian-installer. Full text and rfc822 format available.

Acknowledgement sent to 450954@bugs.debian.org:
Extra info received and forwarded to list. Copy sent to Debian Install System Team <debian-boot@lists.debian.org>. Full text and rfc822 format available.

Message #10 received at 450954@bugs.debian.org (full text, mbox):

From: Frans Pop <elendil@planet.nl>
To: Bill West <bill@bwi.com>, 450954@bugs.debian.org
Subject: Re: Bug#450954: Username 'admin' is reserved
Date: Mon, 12 Nov 2007 18:44:48 +0100
reassign 450954 user-setup
severity 450954 minor
tags 450954 wontfix
thanks

On Monday 12 November 2007, Bill West wrote:
> When setting up the user account, the username 'admin' was rejected
> as being 'reserved' in Debian Etch.

According to the comments in the list of reserved user names, admin is 
included because it's a "Other miscellaneous system users/groups created by 
common packages".
I don't know exactly which common package creates admin (I suspect some 
database package).

This means that although admin is not actually used in a default 
installation, having it already in use could cause problems if that 
particular Debian package is installed later.
Therefore we prefer to list it as "reserved" to prevent its accidental use, 
but you are of course free to ignore that and create the account manually 
after installation (as you've already done).

Tagging the report "won't fix", but leaving it open as others may disagree.

Cheers,
FJP




Bug reassigned from package `debian-installer' to `user-setup'. Request was from Frans Pop <elendil@planet.nl> to control@bugs.debian.org. (Mon, 12 Nov 2007 17:54:06 GMT) Full text and rfc822 format available.

Severity set to `minor' from `normal' Request was from Frans Pop <elendil@planet.nl> to control@bugs.debian.org. (Mon, 12 Nov 2007 17:54:06 GMT) Full text and rfc822 format available.

Tags added: wontfix Request was from Frans Pop <elendil@planet.nl> to control@bugs.debian.org. (Mon, 12 Nov 2007 17:54:07 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Debian Install System Team <debian-boot@lists.debian.org>:
Bug#450954; Package user-setup. Full text and rfc822 format available.

Acknowledgement sent to Christian Perrier <bubulle@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Install System Team <debian-boot@lists.debian.org>. Full text and rfc822 format available.

Message #21 received at 450954@bugs.debian.org (full text, mbox):

From: Christian Perrier <bubulle@debian.org>
To: 450954@bugs.debian.org
Cc: Bill West <bill@bwi.com>, cjwatson@debian.org
Subject: Re: Bug#450954: Username 'admin' is reserved
Date: Tue, 13 Nov 2007 06:14:36 +0000
[Message part 1 (text/plain, inline)]
(Cc Colin Watson to get attention)

Quoting Frans Pop (elendil@planet.nl):
> reassign 450954 user-setup
> severity 450954 minor
> tags 450954 wontfix
> thanks
> 
> On Monday 12 November 2007, Bill West wrote:
> > When setting up the user account, the username 'admin' was rejected
> > as being 'reserved' in Debian Etch.
> 
> According to the comments in the list of reserved user names, admin is 
> included because it's a "Other miscellaneous system users/groups created by 
> common packages".
> I don't know exactly which common package creates admin (I suspect some 
> database package).

From the changelog comment when this was added:

  [ Colin Watson ]
  * Detect and error out on reserved usernames, i.e. those that are already
    used by some parts of the system. Unfortunately there's no particularly
    straightforward way to identify a reserved username, and the only way I
    can think of is to maintain a blacklist; so I've collated this from the
    base-passwd master files and those user and group names I found on some
    of my systems. Feel free to extend this as the need arises.


So, Colin might tell this if he can find the systems he was looking at
when he did that change and he can find the information about which
package is using "admin".


[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Debian Install System Team <debian-boot@lists.debian.org>:
Bug#450954; Package user-setup. Full text and rfc822 format available.

Acknowledgement sent to Colin Watson <cjwatson@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Install System Team <debian-boot@lists.debian.org>. Full text and rfc822 format available.

Message #26 received at 450954@bugs.debian.org (full text, mbox):

From: Colin Watson <cjwatson@debian.org>
To: Christian Perrier <bubulle@debian.org>
Cc: 450954@bugs.debian.org, Bill West <bill@bwi.com>
Subject: Re: Bug#450954: Username 'admin' is reserved
Date: Tue, 13 Nov 2007 10:01:01 +0000
On Tue, Nov 13, 2007 at 06:14:36AM +0000, Christian Perrier wrote:
> Quoting Frans Pop (elendil@planet.nl):
> > On Monday 12 November 2007, Bill West wrote:
> > > When setting up the user account, the username 'admin' was rejected
> > > as being 'reserved' in Debian Etch.
> > 
> > According to the comments in the list of reserved user names, admin is 
> > included because it's a "Other miscellaneous system users/groups created by 
> > common packages".
> > I don't know exactly which common package creates admin (I suspect some 
> > database package).
> 
> From the changelog comment when this was added:
> 
>   [ Colin Watson ]
>   * Detect and error out on reserved usernames, i.e. those that are already
>     used by some parts of the system. Unfortunately there's no particularly
>     straightforward way to identify a reserved username, and the only way I
>     can think of is to maintain a blacklist; so I've collated this from the
>     base-passwd master files and those user and group names I found on some
>     of my systems. Feel free to extend this as the need arises.
> 
> So, Colin might tell this if he can find the systems he was looking at
> when he did that change and he can find the information about which
> package is using "admin".

Ubuntu creates the admin group and adds the first user to it in order to
grant them sudo privileges. I forgot to comment this in the
reserved-usernames file at the time.

If you want to diverge on this, you can remove it if you like and I can
always add it back in for Ubuntu. It'll screw anyone who tries to
sidegrade to Ubuntu though.

Cheers,

-- 
Colin Watson                                       [cjwatson@debian.org]




Information forwarded to debian-bugs-dist@lists.debian.org, Debian Install System Team <debian-boot@lists.debian.org>:
Bug#450954; Package user-setup. Full text and rfc822 format available.

Acknowledgement sent to Christian Perrier <bubulle@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Install System Team <debian-boot@lists.debian.org>. Full text and rfc822 format available.

Message #31 received at 450954@bugs.debian.org (full text, mbox):

From: Christian Perrier <bubulle@debian.org>
To: 450954@bugs.debian.org
Subject: Re: Bug#450954: Username 'admin' is reserved
Date: Tue, 13 Nov 2007 17:19:48 +0000
[Message part 1 (text/plain, inline)]
Quoting Colin Watson (cjwatson@debian.org):

> Ubuntu creates the admin group and adds the first user to it in order to
> grant them sudo privileges. I forgot to comment this in the
> reserved-usernames file at the time.
> 
> If you want to diverge on this, you can remove it if you like and I can
> always add it back in for Ubuntu. It'll screw anyone who tries to
> sidegrade to Ubuntu though.


I personnally think it wouldn't be good to diverge on this. I think we
all benefit from the differences between Debian and Ubuntu installer
being as close as possible.

I therefore suggest we keep admin as a reserved login, but better
document this in th reserved-usernames file.

[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Debian Install System Team <debian-boot@lists.debian.org>:
Bug#450954; Package user-setup. (Tue, 11 Feb 2014 20:03:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Josh Kelley <joshkel@gmail.com>:
Extra info received and forwarded to list. Copy sent to Debian Install System Team <debian-boot@lists.debian.org>. (Tue, 11 Feb 2014 20:03:05 GMT) Full text and rfc822 format available.

Message #36 received at 450954@bugs.debian.org (full text, mbox):

From: Josh Kelley <joshkel@gmail.com>
To: 450954@bugs.debian.org
Subject: Re: Bug#450954: Username 'admin' is reserved
Date: Tue, 11 Feb 2014 14:59:52 -0500
Ubuntu no longer uses the admin group (and, as far as I can tell,
never used the admin username).

http://askubuntu.com/a/122500/5682
https://bugs.launchpad.net/ubuntu/+source/policykit-1/+bug/893842

Based on this, I suggest removing admin from the list of reserved names.

-- 
Josh Kelley



Information forwarded to debian-bugs-dist@lists.debian.org, Debian Install System Team <debian-boot@lists.debian.org>:
Bug#450954; Package user-setup. (Sun, 02 Mar 2014 15:00:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Cyril Brulebois <kibi@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Install System Team <debian-boot@lists.debian.org>. (Sun, 02 Mar 2014 15:00:04 GMT) Full text and rfc822 format available.

Message #41 received at 450954@bugs.debian.org (full text, mbox):

From: Cyril Brulebois <kibi@debian.org>
To: Josh Kelley <joshkel@gmail.com>, 450954@bugs.debian.org
Cc: Colin Watson <cjwatson@debian.org>
Subject: Re: Bug#450954: Username 'admin' is reserved
Date: Sun, 2 Mar 2014 15:57:49 +0100
[Message part 1 (text/plain, inline)]
Josh Kelley <joshkel@gmail.com> (2014-02-11):
> Ubuntu no longer uses the admin group (and, as far as I can tell,
> never used the admin username).
> 
> http://askubuntu.com/a/122500/5682
> https://bugs.launchpad.net/ubuntu/+source/policykit-1/+bug/893842

(The latter contradicts what you put in parentheses.)

> Based on this, I suggest removing admin from the list of reserved names.

Thanks, but I'll leave that up to Colin.

Mraw,
KiBi.
[signature.asc (application/pgp-signature, inline)]

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Apr 23 18:59:00 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.