What were you trying to do that didn't work?

Build an image using composer with CIS security.

Please provide the package NVR for which bug is seen:

osbuild-composer-88.3-1.el9_3.x86_64

How reproducible:

Easy

Steps to reproduce

1- Create blueprint.

1. cat test.toml
   name = "test"
   description = "basic test build"
   version = "0.0.3"
   modules = []
   groups = []
   distro = ""

[[packages]]
name = "scap-security-guide"
version = "*"

[customizations]

[[customizations.user]]
name = "secapproot"
password = "redhat123"
key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDIjbtOyUhRkSzyUIJRGYW7EhgqzOsQeMptXzl3xWlvjUUqe3zT7ZMRxirPPBaiM/khJvGXM11URNMkBVbtJvLd4NEHlcEegIdqU5oMOOmpqpvNYysQuDPvZFLLn9Ev6tsdqTakpdkC/bTqQqrlrMgbJS/pQy0hBT2maoEMgByIEoynHwPincVyyXDnYYb7IhNW7bG4zjwo5uz0LPPICBT+3wPQ8Kt6Ha60Ujco9bkxq1+pd6nWkm1EKJ6p/q/y3G/4IucHRpHSarzxVeMnA1plFn+w/TTZEDeG9YHbE+ItrG7pL5HYFD94+PLyK1GYJbNvdHnTtIHe9XiCJCVFH3kf jcastran@MacBook-Pro"
groups = ["wheel"]

[customizations.openscap]
datastream = "/usr/share/xml/scap/ssg/content/ssg-rhel9-ds.xml"
profile_id = "xccdf_org.ssgproject.content_profile_cis"

2- Create the image from the blueprint

1. composer-cli blueprints push test.toml
2. composer-cli compose start test installer-iso

3- Install using the iso and kickstart provided and the resulting system secapproot user is locked out

Actual results

users are expired and cannot be un-expired