Skip to content

v0.1.0 — First Release

Choose a tag to compare

View all tags
@pierre-warnier pierre-warnier released this 24 Mar 15:09
· 91 commits to main since this release
v0.1.0
e1cf435
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

shadow-rs v0.1.0

Memory-safe Rust reimplementation of all 14 Linux shadow-utils tools. Drop-in replacement for GNU shadow-utils.

Tools

passwd useradd userdel usermod groupadd groupdel groupmod pwck grpck chage chpasswd chfn chsh newgrp

Highlights

  • Single multicall binary — 894 KB stripped, 4x faster than GNU
  • 562 tests — unit, integration (all 14 tools), property-based, 4 fuzz targets
  • Zero unsafe code outside FFI — unsafe_code = "deny" enforced at workspace level
  • Security hardened — atomic file writes, password zeroing (zeroize), core dump suppression, env sanitization, audit logging, SELinux support
  • 3-distro CI — Debian (glibc), Alpine (musl), Fedora (SELinux)
  • Packaging — Makefile with setuid, Debian .deb, Fedora .rpm
  • MIT license — GPL clean-room development, no GPL source referenced
  • Reviewed — GitHub Copilot (automated) + Google Gemini CLI (manual security audit)

Install

# From source
cargo build --release
sudo make install

# Docker test
docker compose run --rm debian cargo test --workspace

What's next

  • v0.2.0: Shell completions (clap_complete), Landlock filesystem restriction
  • Future: uutils ecosystem integration (Path A)

See CHANGELOG.md for full details.

Assets 2
Loading