WIP: compose: Add experimental/sysusers option

First, we add support for a new `experimental:` key.  Then
there's a new `sysusers` key underneath that.

When enabled, we drop all of the other previous passwd handling.
In practice the only one that was used was having static files.
That is a pain to maintain.

However, we need to statically assign non-zero uid/gid for any
files that come from a base ostree commit.  Anything else
would mean the user/groups could be unpredictably assigned in different
rpm-ostree runs.

This code now checks for an errors out on that.

In order to convert *fully* to sysusers, we install an interceptor for
`useradd/groupadd` that talk back via a pipe to the compose process.
These invocations then get translated to drop into a new`
`sysusers.d/rpmostree-auto.conf` file.

This way we don't need to require that every RPM have ported to
sysusers.d.

At the end, we drop everything in `/etc/passwd` and `/etc/group`
except for the `root:` entries, relying on `systemd-sysusers` to
readd everything at boot time.

Closes: #49

Author: cgwalters

docs/manual/treefile.md

@@ -253,3 +253,7 @@ version of `rpm-ostree`.
 
  * `rojig`: Object, optional.  Sub-keys are `name`, `summary`, `license`,
    and `description`.  Of those, `name` and `license` are mandatory.
+
+ * `sysusers`: boolean, optional: Defaults to `false`. Enable generation of
+   systemd sysusers.d entries based on `useradd` invocations.  If enabled,
+   this overrides `preserve-passwd`.  It also obsoletes `check-passwd`.

rust/src/lib.rs

@@ -51,3 +51,5 @@ pub use journal::*;
 mod utils;
 pub use utils::*;
 mod openat_utils;
+mod sysusers;
+pub use sysusers::*;