- Helps protect against users named 'root'
- Makes it clearer that you should not rely on these users
for general PAM work, because they are prefixed.
Fixes#9
- Load config only once at startup.
A lot of jupyterhub config (like user lists) take effect only at
startup, so live reload is not super useful. It will make the
software more complex, so let's not do it.
- Add pyyaml as a dependency of tljh.
- Remove escapism dependency since it is not actually used
Dynamic Users are neat and probably very useful for a tmpnb
style situation. However, for regular use they have the following
problems:
1. Can't set ProtectHome=no, so you can never apt install or
similar from inside admin accounts.
2. Dynamic uid / gid makes it hard to write sudo rules. We want
admin users to have sudo.
3. Persistent uids / gids are very useful for ad-hoc ACLs between
users. gid sharing isn't the most flexible sharing mechanism,
but it is well known & quite useful.
4. /etc/skel is pretty useful!
