NEW_ID — Core Identity Manager

Linux user management GUI for proot, Termux, and standard Linux desktops.
Built with Python + PyQt6. Manage users, groups, SSH keys, account security — all from a clean dark UI.

---

Features

Category	Capabilities
User Management	Create, remove, list users (UID ≥ 1000)
Search	Realtime filter in user list
Password	Reset password (sha512_crypt / openssl fallback)
Shell	Change login shell from available shells
Lock / Unlock	Disable / re-enable password login (passwd -l/u)
Group Manager	Add / remove user from groups (dropdown select)
SSH Key Manager	Add public keys, view authorized_keys
Account Expiry	Set or remove expiry date (chage)
No Login	Toggle /usr/sbin/nologin shell on/off
Activity Log	All actions logged to /var/log/cim_activity.log
Login History	last command (Linux) or CIM activity log (proot)
Protection	Primary users (UID 1000, aid_*) auto-protected

---

Project Structure

.
├── core-identity-manager.py   # Main application source
├── build-bin.sh               # Build binary using PyInstaller
├── install.sh                 # Desktop entry installer
├── NEW_ID                     # Built binary (after build)
└── NEW_ID.png                 # App icon

---

Requirements

Dependency	Install
Python 3.10+	apt install python3
PyQt6	apt install python3-pyqt6 or pip install PyQt6
passlib (optional)	pip install passlib — falls back to openssl
PyInstaller (build only)	pip install pyinstaller

---

Build

# Build NEW_ID binary from source
bash build-bin.sh

Output: ./NEW_ID — single self-contained executable.

Note: --windowed is not used — Linux does not support it.
Build artifacts (build/, dist/, *.spec) are cleaned automatically.

---

Install

# Install pre-built binary + desktop entry
sudo ./install.sh

# Build from source AND install in one step
sudo ./install.sh --build

# Remove from system
sudo ./install.sh --uninstall

What install.sh does

Step	Action
Binary	Copies NEW_ID → /usr/local/bin/NEW_ID
Icon	Copies NEW_ID.png → /usr/share/pixmaps/new-id.png
Desktop entry	Creates /usr/share/applications/new-id.desktop
Polkit (non-proot)	Creates /usr/share/polkit-1/actions/org.new-id.policy

Desktop entry

Exec=sudo /usr/local/bin/NEW_ID
Terminal=true

Clicking the app icon opens a terminal, asks for sudo password, then launches the GUI.

---

Run

# From terminal (recommended)
sudo NEW_ID

# Or from application menu:
# System → Administration → NEW ID

---

Proot / Termux Support

NEW_ID is optimized for proot-distro Debian on Termux (Android).

Feature	Behavior in proot
getent	Not used — /etc/passwd read directly
last command	Not available — uses CIM activity log instead
pkexec	Not used — sudo launcher
/etc/sudoers	Uses /etc/sudoers.d/username per-user file
passlib missing	Falls back to openssl passwd -6
Login history	Reads /var/log/cim_activity.log

Auto-detects proot via $PROOT or $TERMUX_VERSION environment variables.

---

Activity Log

All actions are recorded to /var/log/cim_activity.log in JSON format:

{"ts": "2026-03-06 10:05:39", "action": "CREATE",      "user": "sumit",    "detail": "proot+sudoers"}
{"ts": "2026-03-06 10:12:00", "action": "PASSRESET",   "user": "sumit",    "detail": ""}
{"ts": "2026-03-06 10:15:00", "action": "SHELLCHANGE",  "user": "sumit",    "detail": "/bin/zsh"}
{"ts": "2026-03-06 10:20:00", "action": "REMOVE",       "user": "testuser", "detail": "Deleted: /home/testuser"}

Viewable in-app via 📋 HISTORY → All Activity.

---

Protected Users

The following users are protected — they cannot be removed or have credentials modified:

• Standard system accounts: root, nobody, daemon, bin, www-data, etc.
• UID 1000 user (auto-detected — e.g. debian, ubuntu, kali)
• aid_* accounts (Android UID accounts in Termux proot)

Protected users are shown with a 🔒 badge in the info panel. Destructive buttons are automatically disabled when a protected user is selected.

---

Button Reference

Button	Action	Protected User
🐚 SHELL	Change login shell	✅ allowed
🔑 PASSWORD	Reset password	❌ disabled
🗑 REMOVE	Delete user + home	❌ disabled
📋 HISTORY	View activity log	✅ allowed
🔒 LOCK	Disable password login	✅ allowed
🔓 UNLOCK	Re-enable password login	✅ allowed
➕ GROUP	Add to group	❌ disabled
➖ GROUP	Remove from group	❌ disabled
🔐 ADD KEY	Add SSH public key	❌ disabled
👁 SSH KEYS	View authorized_keys	✅ allowed
📅 EXPIRY	Set account expiry date	❌ disabled
🚫 NO LOGIN	Toggle nologin shell	❌ disabled

---

License

MIT — free to use, modify, and distribute.

---

Credits

Built on top of:

• PyQt6 — Qt6 Python bindings
• passlib — password hashing
• PyInstaller — binary packaging
• proot-distro — Android Linux environment