feat: Add rootful capability

tasks/config.yml

@@ -1,15 +1,24 @@
 ---
 # tasks file for podman
 
-- name: Disable global podman auto-update
-  ansible.builtin.systemd_service:
-    name: podman-auto-update.timer
-    enabled: false
+- name: Create dedicated group
+  ansible.builtin.group:
+    name: "{{ podman_user }}"
+  become: true
+
+- name: Create dedicated user
+  ansible.builtin.user:
+    name: "{{ podman_user }}"
+    comment: Dedicated Podman user
+    home: "{{ podman_user_homedir }}"
+    password_lock: true
+    shell: /bin/bash
+    group: podman
   become: true
 
 - name: Enable lingering for podman user
   ansible.builtin.command:
-    cmd: "{{ item }}"
+    cmd: "{{ item }}"
     creates: /var/lib/systemd/linger/{{ podman_user }}
   become: true
   loop: