die_if_bad_username: tighten up a bit

die_if_bad_username: tighten up a bit

function                                             old     new   delta
die_if_bad_username                                   77      97     +20

Based on patches from Tito.
The changes are:
better comments
we disallow '@' now - in practice such usernames will be unusable
use of the portable filename character set plus '$'
don't use isalnum as it allows non-ASCII letters in legacy 8-bit locales (pointed out by Rich Felker)
enforce maximum length of LOGIN_NAME_MAX (including NUL)
don't allow '$', '.', and '-' as first char
don't print the illegal char in error message as if it is a wide char it will be unreadable
print the position of the illegal character

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>