@nalind it's a shame this never got included into Fedora/RHEL.
With something like this /usr/bin/passwd wouldn't need to be a suid binary anymore.
Every user could just have normal file access to his /etc/passwd.d/${USERNAME} file.
Nothing really happened to it, it's just not being used very much.
I think there was a thread on the fedora-devel mailing list where we were considering distributing data files in packages to avoid having to run useradd while installing packages that needed unprivileged accounts, but then we realized that that meant that those users would be deleted when the package was removed. This can have the unintended effect of leaving files owned by those users belonging to unresolvable UIDs, if you're lucky, or to a UID that is allocated to some other user if you're less lucky, so we abandoned the idea.
If you're considering using it to allow users to edit their own passwd entries, I'd advise against it, as there's no safeguard to prevent them from modifying their UID to an arbitrary value, such as 0. If the goal is to avoid having an SUID passwd command, and SGID is acceptable, I think the Openwall tcb package is a safer option.
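A defender's check for the risk described in the comment above, as an added example that is not part of the thread or of the project's code: it audits a directory of per-user passwd fragments and flags entries whose UID does not match the file's owner. It assumes one passwd(5) line per file, with the file named after and owned by the user it describes; the function names and sample entries are constructed for illustration.

```python
import os
import tempfile

def audit_entry(filename, line, owner_uid):
    """Return a list of problems for one passwd(5) line found in a per-user file."""
    fields = line.rstrip("\n").split(":")
    if len(fields) != 7:
        return ["malformed entry: expected 7 colon-separated fields"]
    name, _pw, uid, gid = fields[:4]
    problems = []
    if name != filename:
        problems.append(f"entry names {name!r}, file is {filename!r}")
    if not (uid.isdecimal() and gid.isdecimal()):
        return problems + ["non-numeric UID or GID"]
    if int(uid) != owner_uid:
        problems.append(f"UID {uid} does not match file owner {owner_uid}")
    if owner_uid != 0 and (int(uid) == 0 or int(gid) == 0):
        problems.append("UID or GID 0 claimed in a file not owned by root")
    return problems

def audit_dir(path):
    """Map each file name in `path` to its problems; clean files are omitted."""
    report = {}
    for entry in sorted(os.scandir(path), key=lambda e: e.name):
        if not entry.is_file(follow_symlinks=False):
            report[entry.name] = ["not a regular file"]
            continue
        owner = entry.stat(follow_symlinks=False).st_uid
        with open(entry.path, encoding="utf-8", errors="replace") as fh:
            lines = [l for l in fh if l.strip()]
        problems = [] if len(lines) == 1 else [f"{len(lines)} entries, expected 1"]
        for line in lines:
            problems += audit_entry(entry.name, line, owner)
        if problems:
            report[entry.name] = problems
    return report

if __name__ == "__main__":
    # Constructed sample: two fragments written by the current user.
    me = os.getuid()
    with tempfile.TemporaryDirectory() as d:
        with open(os.path.join(d, "alice"), "w") as fh:
            fh.write(f"alice:x:{me}:{me}::/home/alice:/bin/sh\n")
        with open(os.path.join(d, "bob"), "w") as fh:
            fh.write(f"bob:x:{me + 1}:{me}::/home/bob:/bin/sh\n")
        for name, problems in audit_dir(d).items():
            print(name, problems)
```

An audit like this only reports after the fact; it does not make user-writable entries safe to consume.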
My intended use case for this was somewhat different... maybe you have an idea.
A user connects to a machine via ssh. His login shell is a program which enters a Linux namespace container and drops him there. Obviously that user has to exist in the container's /etc/passwd as well.
No problem there, just add him... but when the user changes his own password, only the passwd file in the container's root filesystem gets changed. Therefore the user still can't connect via ssh using his new password. I will look at Openwall tcb, thanks.