[Feature Request] Introduce user.name operand

[Dietr1ch]

Summary:

Today you can write rules matching a user's Id (as in id -u $USERNAME), but when writing rules it's easier to refer to user names.

Introducing the user.name operand can make maintaining rules easier.
Implementation wise, we can at some point (reading, compiling rules) translate it to user.id to avoid matching strings.

Why?

While the UI helps selecting the Id, there's some issues with this,

• Rules are harder to share across machines since User Ids may change (different distros or user creation order).
• Rules are harder to generate
  • (On NixOS we can write rules in the system config, but can't hardcode Ids as those haven't been picked for users/groups that don't exist yet)
• Rules are harder to read.
  • I'm not sure why, but some rules don't show a user name, only some Id that looks quite obscure.

[gustavo-iniguez-goya]

This has been requested several times #1116

One of the problems is if there's a new user added after the daemon is launched. We could monitor /etc/passwd for changes, and reload the list of usernames accordingly.

I'll write a PoC for this and see how it goes.