While Podman automatically populates /etc/passwd and /etc/group with
matching entries for the mapped host user, such a feature is missing
from Docker. Install libnss-unknown, which will return passwd entries of
the form "uid-1000" for all unknown UIDs, to avoid warnings and other
weird behaviour that may occur when running as an unnamed user.

`-o` must be passed to useradd now to allow non-unique user entries, as
with libnss-unknown, every UID is considered occupied.