Username character limit uniqueness

[sparek-3]

There used to be a requirement in cPanel that the first 8 characters of a system user had to be unique on the server. You could have a username of abcdefghijklmno but then you couldn't have a username of abcdefghpqrstuv - because the first 8 characters (abcdefgh) was already in use.

This restriction was due to the way MySQL usernames were created - assuming you have the system username prefixed to the MySQL username.

Not meaning to rehash the stupidity in all of this. But this first 8 character uniqueness does not appear to be a restriction now, might've been removed for some time I'm just now noticing it.

I have some legacy systems in place that checks the uniqueness of a username's first 8 characters which would appear to no longer apply.

I suppose the reasoning for this is that all of the supported MySQL/MariaDB services now support longer database usernames, so the uniqueness of the first 8 characters is no longer an issue.

My question is - is there a first x number of character uniqueness still in play with cPanel system users?

 

[cPanelAnthony]

Hello! I can confirm it is still in play. Two cPanel users cannot share the first eight characters for the username.

 

[sparek-3]

You sure?

Have you tried it?

Have you tried it on cPanel 94.0.19?


So, you're saying that if I create an account and use the username abcdefghijklmno I won't be able to create an account on that same server with the username abcdefghpqrstuv?

I seem to be able to do such an activity.

Do I have a setting misconfigured some where?

 

[cPanelAnthony]

You sure?

Have you tried it?

Have you tried it on cPanel 94.0.19?


So, you're saying that if I create an account and use the username abcdefghijklmno I won't be able to create an account on that same server with the username abcdefghpqrstuv?

I seem to be able to do such an activity.

Do I have a setting misconfigured some where?

Hello! I tested it right out of the box on cPanel version 94 and100 and it wouldn't let me make a username with the same eight characters as another. However, I ended up finding the issue.

Reserved, Invalid, and Misconfigured Usernames | cPanel & WHM Documentation

This document explains cPanel & WHM's username restrictions and what to do if you encounter an invalid, reserved, or misconfigured username.

docs.cpanel.net

If you plan to use MySQL® or PostgreSQL® as a database engine, the first eight characters must be unique on the system.

It looks like the eight-character limit is needed for MySQL and PostgreSQL. When I switched both of my test VMs from MySQL to MariaDB, the 8 unique character restrictions no longer applied. Are you running MariaDB?

 

[sparek-3]

Yes, I'm using MariaDB.

Although I really thought this restriction was in place regardless of what SQL service was being used on the server. Although, I really can't say when I last tested the 8 character uniqueness and when I switched all of our servers over to MariaDB. So it's possible (although I don't think it's likely) that I switched to MariaDB after I last tested the first 8 character username uniqueness.

I suspect that at some point in time - cPanel dropped the "use the first 8 characters of a username to prepend to a SQL username" and instead considered the type and version of SQL service running on a server and newer versions of SQL services (maybe just MariaDB?) allow for much longer SQL usernames - so the requirement for the first 8 characters of a system username being unique was dropped. I just don't remember seeing a memo about that, but it's entirely possible that this got lost in the release notes some where.

I know it used to be, MySQL usernames had a small maximum length (for some reason 17 characters stick out in my mind, but I don't know where I got that). And while that version of MySQL was still popular and heavily in use, cPanel - in their infinite wisdom - decided to allow much longer usernames, up to 16 characters if I remember. But because the "standard" version of MySQL running on most cPanel servers only allowed for a small number of username characters and in order to allow database username uniqueness across system users, the first 8 characters of an account's system username followed by an underscore and then the specified MySQL username was how MySQL usernames were created. This necessitated the first 8 characters of any cPanel system user to be unique.

This was all probably before the Oracle debacle with MySQL and when there wasn't really a choice of SQL service - it was MySQL or MySQL.

Then cPanel allowed administrators to switch to MariaDB or keep MySQL. MariaDB allowed for longer usernames, but I still believe that cPanel still limited the SQL usernames in order to keep everything the same regardless of if a system was using MySQL or MariaDB.

I'm not sure what versions of MySQL cPanel is allowing now. Nor am I sure of what the max SQL username limit is for these versions of MySQL. I'm not sure if the first 8 character username uniqueness is still necessary for creating MySQL usernames.

But evidently, some where along the lines cPanel removed the restriction for systems that use MariaDB. With MariaDB, SQL usernames can be the full 16 character system user, and underscore, and then a descriptive string.

Just wasn't aware that that had changed.

 

[Brian N]

FWIW it was changed LONG ago for MariaDB: 56 Release Notes | cPanel & WHM Documentation

However, as you also said, I don't understand why it's still a requirement for MySQL. Even this KB article suggests that the limit should no longer exist with MySQL 5.7:

https://support.cpanel.net/hc/en-us/articles/360059353114-Why-are-my-database-usernames-prefixed-by-the-full-username-

For MariaDB 10.x and MySQL 5.7.9, the maximum username length changed. For MariaDB, the maximum username length is 80 characters. For MySQL, 5.7.9 the maximum username length is 30 characters. This restriction does still apply in MySQL 8.

But that's confusing as well. The restriction doesn't apply to 5.7 but still applies to 8.0? Am I interpreting that correctly? What sense does that make?!

Can anyone confirm if the 8-character username uniqueness restriction applies to MySQL 5.7 servers? (I can confirm it does with 8.0)

 

[cPanelAnthony]

FWIW it was changed LONG ago for MariaDB: 56 Release Notes | cPanel & WHM Documentation

However, as you also said, I don't understand why it's still a requirement for MySQL. Even this KB article suggests that the limit should no longer exist with MySQL 5.7:

https://support.cpanel.net/hc/en-us/articles/360059353114-Why-are-my-database-usernames-prefixed-by-the-full-username-

But that's confusing as well. The restriction doesn't apply to 5.7 but still applies to 8.0? Am I interpreting that correctly? What sense does that make?!

Can anyone confirm if the 8-character username uniqueness restriction applies to MySQL 5.7 servers? (I can confirm it does with 8.0)

I will inquire and see what I can find.

 

[Brian N]

I tried transferring some accounts to a server running MySQL 8.0 and did indeed get username collision errors. So it seems to still be a restriction. At any rate, I put in the feature request below to remove it. Maybe it'll happen one day.

Remove 8 character 'uniqness' requirement for usernames with MySQL 5.7+

 

[cPanelAnthony]

Apologies for not getting back to this more quickly. It does seem to still be a restriction; thank you for updating the thread.