Disk Quotas module: numeric usernames show unlimited quota

Webmin 2.111
Debian 12

Go into the Disk Quotas module.
Enter a username that starts with a letter and click the Edit User Quotas button.
The next page shows the /home filesystem along with their currently enabled quota and disk use.
All good.

Go into the Disk Quotas module.
Enter a username comprised of numbers only and click the Edit User Quotas button.
The next page shows the /home filesystem and an unlimited quota with 0 disk use.
Click the link for /home and the next page shows the correct quota and disk use stats.

Something isn’t parsing correctly for numeric usernames.


As far as I know a “username” in Linux cannot be all numeric. This would cause a conflict with a “user id” which is numeric.

There is no such limitation on usernames.

It’s common practice to keep usernames alphanumeric, but there is no technical reason to.

The only “conflict” with userid is potential confusion when using ls -l and other options to view ownership/permissions. However, all of our userids are 4 digits and all our usernames are 6+ digits.

Does Linux really care?
Is it not just about the program (language) that is “interpreting” the stored information? Is that language type safe? It should be. The data representing a “username” should be “interpreted” as alphanumeric.

I always thought the rule was the first character had to be a letter. I’m reasonably confident some system tools will choke on all-numeric input (though there’s probably no technical reason Virtualmin and Webmin should, but we should protect you from doing something that’ll break elsewhere).

I found this, which includes source code from shadow-utils (which indicates _ is also allowed in the first character):

We shouldn’t deal in what “should be”, but rather what is. And, historically, there absolutely was a limitation on usernames that required a letter or _ in the first character of a user name. I haven’t heard of that changing, but I haven’t dug into current docs or source to confirm it…but, I can’t think of why it would have changed. I assume the developers knew what they were doing and had a good reason for doing it.

Hence we had the famous millennium fiasco. (or infamous Y2K bug)

what is a number anyway - just a different arrangement of runes it is a mere interpretation

Software that originated in the early days often carries historical legacies.

I call them bugs they came from narrow minded thinking. the developers at the time thought that there were only 6 or 7 bits in a byte. we now use many more bits to represent all sorts of characters (零 some of which we still refer to as “numbers”). Isn’t time to move on and accept the world as it is now?

Is it always possible?

1 Like

This is off-topic. The question continues to be what is and not what you think should be. We don’t and can’t decide how Linux users work, there’s a whole ecosystem we all depend on that we have no control over.

POSIX doesn’t have a limitation on numbers in usernames nor does it specify that a username must start with a letter:

IEEE Std 1003.1-2001 is one of the POSIX standards (“Portable
Operating System Interface for Unix”)
3.426 User Name
A string that is used to identify a user; see also User
Database. To be portable across systems conforming to
IEEE Std 1003.1-2001, the value is composed of
characters from the portable filename character set. The
hyphen should not be used as the first character of a
portable user name.

3.276 Portable Filename Character Set
The set of characters from which portable filenames are
Z a b c d e f g h i j k l m n o p q r s t u v w x y z 0 1 2 3
4 5 6 7 8 9 . -
The last three characters are the period, underscore, and
hyphen characters, respectively.

IOW, usernames can begin with letters, numbers, periods, or underscores. The only limitation on the first character is that it cannot be a hyphen.

adduser(8) is configured via adduser.conf(5). The default adduser.conf file has a NAME_REGEX that prevents creating accounts that start with a number. However, there’s nothing stopping the system administrator from changing NAME_REGEX to include numbers as the first character in usernames or to use fully numeric usernames. And, the PAM system has no such limitation and can be configured to support any setup you want for usernames.

IOW, a system that cannot handle numeric usernames is no longer POSIX-compliant and doesn’t follow Linux standards either (or Debian standards anyway; not sure how other distros are configured).

Thus, Webmin not being able to handle numeric usernames in the Disk Quotas module is a bug.


I disagree.
The question is about “Why does the Disk Quota module (of Webmin) use a numeric username?”

It is really quite clear that the underlying data is not numeric (it is the same as any data - just a collection of bytes) so somewhere within the module the decision has been made to “interpret” that data as a number.

If both usernames and user_id data were handled correctly (type safe) there should be no problem withe the module. username would be understood as “strings” (can contain 0…9 characters) and user_id understood as whatever.

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.