refactor: replace nix crate with rustix + users

[peytonr18]

Summary

This PR replaces the nix crate with rustix and users crates for user lookups and file ownership operations. This change improves long-term maintainability by moving to more focused, stable dependencies.

Motivation

The current nix dependency is used in a very limited way (user lookups and chown), but introduces several long‑term risks:

• Maintenance status: Currently marked as "looking-for-maintainer" on crates.io
• API volatility: 71 releases since 2014 with frequent breaking changes
• Broad scope: Wraps many Unix APIs, making it prone to churn

The replacement crates offer better stability.

Changes

Code Updates

provision/ssh.rs --> Replace nix::unistd::chown with rustix::fs::chown; introduce SshUser helper
provision/mod.rs --> Replace nix::unistd::User::from_name with users::get_user_by_name
provision/mod.rs --> Replace nix::unistd::User::from_name with users::get_user_by_name

Ssh User

The nix::unistd::User type exposes mutable public fields, which allowed tests to override values such as the home directory. The users::User type is immutable and getter-only.

To preserve testability without relying on mutable system structs, this PR introduces a small SshUser data holder that can be:

• Constructed from a real users::User in production
• Constructed directly with test-controlled values in unit tests

Advantages:

• Reduced dependency surface and churn
• Actively maintained libraries with clearer ownership
• Stronger safety guarantees via rustix I/O-safe abstractions
• Cleaner separation between syscalls and user database access

Disadvantages:

• Introduces an additional dependency (users) for user lookups
• Minor API differences (UID/GID types, getter-based access)
• Less granular error reporting for failed user lookups

[peytonr18]

I believe once we merge in #279 , the CI will pass for this PR.

[cjp256]

LGTM, thanks!

[cadejacobson]

E2E logs look good!