Overview
This is a mock UNIX shell with a user management system, written in Rust. I built it as an educational project to better understand password and user management. The shell features extensible permission-based commands, secure user operations, and hash + salt secret storage.
Details
Auth Library
The authentication library provides:
- Hand-rolled Hashing
  - Custom SHA256-iter implementation (Educational only, not for production use)
  - OS-based salt generation for use in hashes
- Credential Database
  - Database for storing, loading, and saving hashed passwords in a `/etc/passwd`-styled format
  - Methods for CRUD password operations + hashed comparisons
- Secure input on the commandline
Interactive Shell
The REPL shell is managed by an environment struct that holds user information, the command registry, and the credentials backend. Commands are extensible by design, with a standard structure for permissions, calling convention, and help messages. Commands have permission levels that enforce access control for logged out, user, and root.
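The permission check described above, as an added example (not the project's own code). The names `Privilege`, `Session`, `Command`, `registry` and `dispatch`, and the rule that the account named `root` holds root privilege, are assumptions; the three commands use the minimum privileges from the Supported Commands table, with stand-in handlers.

```rust
use std::collections::HashMap;

// Hypothetical names; not the project's code. Derived Ord gives None < User < Root.
#[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord)]
enum Privilege { None, User, Root }

struct Session { user: Option<String> }
impl Session {
    // Assumption: the account named "root" is the only root account.
    fn privilege(&self) -> Privilege {
        match self.user.as_deref() {
            None => Privilege::None,
            Some("root") => Privilege::Root,
            Some(_) => Privilege::User,
        }
    }
}

struct Command {
    min_privilege: Privilege,
    help: &'static str,
    run: fn(&mut Session, &[&str]) -> String,
}

fn registry() -> HashMap<&'static str, Command> {
    let mut r = HashMap::new();
    r.insert("whoami", Command { min_privilege: Privilege::None, help: "print current username",
        run: |s, _| s.user.clone().unwrap_or_else(|| "(logged out)".into()) });
    r.insert("logout", Command { min_privilege: Privilege::User, help: "logout of an account",
        run: |s, _| { s.user = None; "logged out".into() } });
    r.insert("reset", Command { min_privilege: Privilege::Root, help: "delete all accounts, logout",
        run: |s, _| { s.user = None; "all accounts deleted".into() } }); // stand-in: no database here
    r
}

// One check, made before any handler runs, so a new command cannot forget to enforce it.
fn dispatch(reg: &HashMap<&'static str, Command>, s: &mut Session, line: &str) -> Result<String, String> {
    let mut parts = line.split_whitespace();
    let name = parts.next().ok_or("empty command")?;
    let cmd = reg.get(name).ok_or_else(|| format!("unknown command: {name}"))?;
    if s.privilege() < cmd.min_privilege {
        return Err(format!("{name}: requires {:?} ({})", cmd.min_privilege, cmd.help));
    }
    Ok((cmd.run)(s, &parts.collect::<Vec<_>>()))
}

fn main() {
    let (reg, mut s) = (registry(), Session { user: None });
    for line in ["whoami", "reset"] { println!("{:?}", dispatch(&reg, &mut s, line)); }
}
```

Because handlers are only reachable through `dispatch`, a denied command leaves the session untouched.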
Supported Commands
| Command | Arguments | Min Privilege | Description |
|---|---|---|---|
| users | | None | list all accounts |
| help | | None | list all commands |
| whoami | | None | print current username |
| clear | | None | clear screen |
| exit | | None | exit the shell |
| login | `<account>` | None | log in to an account |
| logout | | User | log out of an account |
| switchuser | `<account>` | User | log out and log in to another account |
| chname | `[account] <name>` | User | change account name; root can change a different account's |
| chpass | `[account]` | User | change password; root can change another account's |
| mkuser | `<account>` | Root | create an account |
| rmuser | `<account>` | Root | delete an account |
| reset | | Root | delete all accounts, log out |