add a list of reserved usernames for centos

salt/users/init.sls

@@ -3,7 +3,9 @@
 # If a user is changed from present to absent, their usergroup will be removed, but any additional usergroups that were created
 # for that user will remain.
 
-{% for username, userdeets in pillar.get('users', {}).items() %}
+{% from 'users/map.jinja' import reserved_usernames with context %}
+
+{% for username, userdeets in pillar.get('users', {}).items() if username not in reserved_usernames %}
   {% if 'status' in userdeets %}
     {% if userdeets.status == 'absent' %}
 

salt/users/map.jinja

@@ -0,0 +1,38 @@
+{% set reserved_usernames = [
+    'root',
+    'bin',
+    'daemon',
+    'adm',
+    'lp',
+    'sync',
+    'shutdown',
+    'halt',
+    'mail',
+    'operator',
+    'games',
+    'ftp',
+    'nobody',
+    'systemd-network',
+    'dbus',
+    'polkitd',
+    'tss',
+    'sshd',
+    'ossec',
+    'postfix',
+    'chrony',
+    'ntp',
+    'tcpdump',
+    'socore',
+    'soremote',
+    'elasticsearch',
+    'stenographer',
+    'suricata',
+    'zeek',
+    'curator',
+    'kratos',
+    'kibana',
+    'elastalert',
+    'ossecm',
+    'ossecr',
+    'logstash'
+] %}