rewrite of "user_accounts" task for linux hardening #576

Closed
wants to merge 6 commits into from


DonEstefan
Contributor

  • fixes password ageing not enforced #570
  • avoids ansible "command" usage of "awk" in favor of "getent passwd" module
  • consolidate "login.defs" file handling in one place (the file got modified in the "login_defs" task. The "user_accounts" task then parsed the file instead of re-using the values used during modification)
  • enforces home dir ownership (in addition to folder permissions)
  • home dir locations are read from PAM (instead of expecting them to be in "/home/*"). This is more reliable and obsoletes a workaround for the "/home/lost+found" home dir of the non-existing "lost+found" user.
  • adds user_account handling for root user

Before merging you might want to spend some extra thoughts on:

  • testing (I tested RHEL8 only)
  • default values for newly introduced vars and changed existing vars
  • deprecation of either os_always_ignore_users or os_ignore_users variable. They seem to do exactly the same thing..?
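
An added illustration (not code from this pull request or the project): a Python sketch of the home-directory check outlined in the description above, taking home paths from passwd-format text as `getent passwd` prints it and reporting wrong ownership or excess permission bits. The `0o750` ceiling, the UID threshold and the function names are assumptions.

```python
import os
import stat

# Assumption: a home may be at most rwxr-x---; the page does not state a mode.
MAX_HOME_MODE = 0o750


def parse_passwd(text):
    """Yield (name, uid, home) from passwd-format text (`getent passwd` output)."""
    for line in text.splitlines():
        fields = line.split(":")
        if line.startswith("#") or len(fields) != 7:
            continue
        name, _pw, uid, _gid, _gecos, home, _shell = fields
        if uid.isdigit():
            yield name, int(uid), home


def audit_homes(passwd_text, ignore_users=(), min_uid=1000):
    """Return a sorted list of (user, home, problem) findings."""
    findings = []
    for name, uid, home in parse_passwd(passwd_text):
        # root is audited too; other accounts below min_uid are skipped
        if name in ignore_users or (uid < min_uid and uid != 0):
            continue
        try:
            st = os.lstat(home)  # lstat: a symlinked home is reported, not followed
        except (FileNotFoundError, NotADirectoryError):
            continue  # no home on disk for this account, nothing to enforce
        if not stat.S_ISDIR(st.st_mode):
            findings.append((name, home, "not a directory"))
            continue
        if st.st_uid != uid:
            findings.append((name, home, f"owned by uid {st.st_uid}, expected {uid}"))
        extra = stat.S_IMODE(st.st_mode) & ~MAX_HOME_MODE
        if extra:
            findings.append((name, home, f"excess permission bits {extra:03o}"))
    return sorted(findings)


if __name__ == "__main__":
    # Constructed sample input; on a real host use the output of `getent passwd`.
    sample = (
        "root:x:0:0:root:/root:/bin/bash\n"
        "alice:x:1000:1000::/home/alice:/bin/bash\n"
        "svc:x:1001:1001::/srv/app:/sbin/nologin\n"
    )
    for finding in audit_homes(sample, ignore_users=("svc",)):
        print(finding)
```

Because the home path comes from the account record, a directory such as `/home/lost+found` that belongs to no account is never visited.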

@rndmh3ro
Member

rndmh3ro commented Sep 7, 2022

Hi @DonEstefan,

thanks for your PR! However, this PR combines too many different things into one big PR. Can you please create separate PRs for the different issues so we can discuss the implementation separately?

@DonEstefan
Contributor Author

I'm closing this and will create separate pull requests.
