[users] Expand documentation of the settings

src/modules/users/users.conf

@@ -14,6 +14,12 @@
 # These Global Storage keys are set when the configuration for this module
 # is read and when they are modified in the UI.
 ---
+### GROUPS CONFIGURATION
+#
+# The system has groups of uses. Some special groups must be
+# created during installation. Optionally, there are special
+# groups for users who can use sudo and for supporting autologin.
+
 # Used as default groups for the created user.
 # Adjust to your Distribution defaults.
 #
@@ -41,18 +47,6 @@ defaultGroups:
       system: true
     - audio
 
-# Some Distributions require a 'autologin' group for the user.
-# Autologin causes a user to become automatically logged in to
-# the desktop environment on boot.
-# Disable when your Distribution does not require such a group.
-autologinGroup:  autologin
-# You can control the initial state for the 'autologin checkbox' here.
-# Possible values are:
-#  - true to check or
-#  - false to uncheck
-# These set the **initial** state of the checkbox.
-doAutologin:     true
-
 # When *sudoersGroup* is set to a non-empty string, Calamares creates a
 # sudoers file for the user. This file is located at:
 #     `/etc/sudoers.d/10-installer`
@@ -63,9 +57,22 @@ doAutologin:     true
 # the setting will be duplicated in the `/etc/sudoers.d/10-installer` file,
 # potentially confusing users.
 sudoersGroup:    wheel
-# If set to `false` (the default), writes a sudoers file with `(ALL)`
-# so that the command can be run as any user. If set to `true`, writes
-# `(ALL:ALL)` so that any user and any group can be chosen.
+
+# Some Distributions require a 'autologin' group for the user.
+# Autologin causes a user to become automatically logged in to
+# the desktop environment on boot.
+# Disable when your Distribution does not require such a group.
+autologinGroup:  autologin
+
+
+### ROOT AND SUDO
+#
+# Some distributions have a root user enabled for login. Others
+# rely entirely on sudo or similar mechanisms to raise privileges.
+
+# If set to `false` (the default), writes a sudoers file with `ALL=(ALL)`
+# so that commands can be run as any user. If set to `true`, writes
+# `ALL=(ALL:ALL)` so that any user and any group can be chosen.
 sudoersConfigureWithGroup: false
 
 # Setting this to false, causes the root account to be disabled.
@@ -83,6 +90,24 @@ setRootPassword: true
 # NOTE: *doReusePassword* requires *setRootPassword* to be enabled.
 doReusePassword: true
 
+
+### PASSWORDS AND LOGIN
+#
+# Autologin is convenient for single-user systems, but depends on
+# the location of the machine if it is practical. "Password strength"
+# measures measures might improve security by enforcing hard-to-guess
+# passwords, or might encourage a post-it-under-the-keyboard approach.
+# Distributions are free to steer their users to one kind of password
+# or another. Weak(er) passwords may be allowed, may cause a warning,
+# or may be forbidden entirely.
+
+# You can control the initial state for the 'autologin checkbox' here.
+# Possible values are:
+#  - true to check or
+#  - false to uncheck
+# These set the **initial** state of the checkbox.
+doAutologin:     true
+
 # These are optional password-requirements that a distro can enforce
 # on the user. The values given in this sample file set only very weak
 # validation settings.