Skip to content
This repository has been archived by the owner. It is now read-only.

@crawford crawford released this May 20, 2016 · 200 commits to master since this release

Security Fixes:

  • Fall back to pam_deny in authentication (Security Brief)
  • Remove login shell for operator user
  • Stop disabling SHA512 password hashes in PAM
    • This restores the previous pre-PAM behavior of allowing SHA512 password hashes


  • The image signing key has been updated again, revoking the sub-key that signed 1045.0.0 and 1047.0.0 and adding a new sub-key for this and future releases.
  • Add rkt-admin group which has access to /etc/rkt
  • GCE images are now provisioned by Ignition instead of coreos-cloudinit


Assets 2