Это частично обсуждено здесь в shadow
страница справочника.
выборка
$ man shadow
...
...
encrypted password
Refer to crypt(3) for details on how this string is interpreted.
If the password field contains some string that is not a valid result of
crypt(3), for instance ! or *, the user will not be able to use a unix
password to log in (but the user may log in the system by other means).
This field may be empty, in which case no passwords are required to
authenticate as the specified login name. However, some applications which
read the /etc/shadow file may decide not to permit any access at all if the
password field is empty.
A password field which starts with a exclamation mark means that the
password is locked. The remaining characters on the line represent the
password field before the password was locked.
В зависимости от Вашей версии страницы справочника для adduser
на это ссылаются там.
выборка adduser страница справочника
--disabled-login
Do not run passwd to set the password. The user won't be able
to use her account until the password is set.
--disabled-password
Like --disabled-login, but logins are still possible (for exam-
ple using SSH RSA keys) but not using password authentication.
Не следуя симлинкам. Он показывает только путь, где находит библиотеку. ldd - диагностический инструмент и если он следует по симлинкам, препятствующим диагностике.