Per-user stuff

The configuration import subsystem sets up various things for users that it considers to be actual people.

The passwd database is consulted for the list of user accounts on the system. User accounts are considered to be actual people when they satisfy all of the following conditions:


The list of system accounts includes root and no per-user system-level services or per-user management is set up for the superuser.

Accounts are not checked to see whether they have a home directory, which one might think to be a way to detect users that are people. It is possible that the home directory of a real person's account is auto-mounted and that at import time it is currently not. Moreover: several non-people accounts have valid home directories, such as alias (for qmail), uucp, and mysql.

Accounts are not considered non-people for having "*" (or some such) as their password, which one might think to be another way to detect users that are people. It is legitimate for a real person's account to have no password in the user account database, and always use private/public keys for login authentication.

Conversely, accounts are not considered people for having an unlocked, proper, password.