- Groups that were removed from the config are now emptied (all their users are removed from them). This makes the behaviour consistent with the way we treat users. They're never removed (to avoid GID re-use) but effectively disabled.
- Mutable users are now fully supported. Previously, Userborn would disable all users and drain all groups that were not in its current config. Now, if mutable users are enabled via `USERBORN_MUTABLE_USERS`, only users/groups that were in the previous Userborn config are disabled/drained.
- Group memberships in /etc/users are now forcibly unique and alphabetically sorted, even if they weren't sorted in the config.
- Update xcrypt to 0.3.1. Now Userborn supports 32 bit.
- Userborn now calls `libxcrypt` directly via the `xcrypt` crate instead of shelling out to `mkpasswd`. This enables us to not change the password hash when a plaintext password is provided. We now check whether the password from the config matches the hashed password and then re-use the salt instead of generating a new salt. Please note that this changes nothing about the security posture of Userborn. If you provide a plaintext password to Userborn, there is nothing Userborn can do to protect it from leaking.
- You can now configure the path to the `nologin` binary via the compile-time environment variable `USERBORN_NO_LOGIN_DEFAULT_PATH` and the runtime variable `USERBORN_NO_LOGIN_PATH`. These values are used when no explicit shell is provided in the user config.
- /etc/{group,passwd,shadow} are now sorted by GID/UID. This follows the behaviour of systemd-sysusers, update-users-groups.pl and generally what the shadow package does, most notably `pwck --sort`.
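
The group-handling rules in this changelog (drain instead of delete, mutable mode sparing groups Userborn never managed, unique sorted members, GID ordering) can be modelled in a few lines. This is an added example, not Userborn's own code: `Group`, `parse_group`, `reconcile`, `render` and the constructed `SAMPLE` data are hypothetical, and for brevity retained groups keep the members found in the existing file rather than taking them from a config.

```rust
use std::collections::BTreeSet;

struct Group { name: String, password: String, gid: u32, members: Vec<String> }

// Parse one `name:password:gid:member,member` line (group(5) format).
fn parse_group(line: &str) -> Option<Group> {
    let f: Vec<&str> = line.split(':').collect();
    if f.len() != 4 { return None; }
    let members = f[3].split(',').filter(|m| !m.is_empty()).map(String::from).collect();
    Some(Group { name: f[0].into(), password: f[1].into(), gid: f[2].parse().ok()?, members })
}

// `previous`/`current`: group names in the previous and current config (assumed inputs).
fn reconcile(existing: &str, previous: &BTreeSet<&str>, current: &BTreeSet<&str>,
             mutable: bool) -> Vec<Group> {
    let mut groups: Vec<Group> = existing.lines().filter_map(parse_group).collect();
    for g in &mut groups {
        let configured = current.contains(g.name.as_str());
        let was_managed = previous.contains(g.name.as_str());
        // Immutable mode drains everything not configured; mutable mode only
        // drains what an earlier config had created.
        if !configured && (!mutable || was_managed) {
            g.members.clear(); // entry is kept so its GID is never handed out again
        }
        g.members.sort();  // alphabetical order ...
        g.members.dedup(); // ... and no duplicate memberships
    }
    groups.sort_by_key(|g| g.gid); // same ordering as `pwck --sort`
    groups
}

fn render(groups: &[Group]) -> String {
    groups.iter()
        .map(|g| format!("{}:{}:{}:{}", g.name, g.password, g.gid, g.members.join(",")))
        .collect::<Vec<_>>()
        .join("\n")
}

// Constructed sample: `legacy` was dropped from the config, `handmade` was
// created by an administrator outside of the config.
const SAMPLE: &str =
    "wheel:x:10:zed,alice,zed\nlegacy:x:990:bob\nhandmade:x:1500:carol\naudio:x:5:dave";

fn main() {
    let previous = BTreeSet::from(["wheel", "legacy", "audio"]);
    let current = BTreeSet::from(["wheel", "audio"]);
    println!("{}", render(&reconcile(SAMPLE, &previous, &current, true)));
}
```

With `mutable` set to `false`, `handmade` is drained as well, which is the pre-change behaviour the second entry describes.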