Comment 3 for bug 1332538

we will need to use libnss-extrausers to manage the non-system users anyway on the readonly images, i wonder if we cant also use the extrausers password/group files for other users, migrate them from password to extrausers on first boot and watch additions/removals to the readonly file during upgrades (which we process if necessary). that would make the UIDs persistent in the writable space.