Thank you for your reply 314random, the second link was informative:
"The owner profile is special and is used to store sensitive system-wide operating system data. This is why the owner profile needs to be logged in after a reboot before other user profiles can be used. "
"GrapheneOS enables support for ending secondary user profile sessions after logging into them. It adds an end session button to the lockscreen and in the global action menu accessed by holding the power button. This fully purges the encryption keys and puts the profiles back at rest. This can't be done for the owner profile without rebooting due to it encrypting the sensitive system-wide operating system data."
My understanding is GrapheneOS implementation of FDE limits the device to one person (owner). There is currently limited support of multiple persons on one device: After a reboot the owner must unlock the device before other persons may use the device; Alternatively the owner credentials are shared with all persons, so that they may unlock the device themselves, with the caveat of granting root access to all persons.
Ideally, after a reboot it would be possible for persons to use the device without unlocking the owner account. In this way multiple persons could share one device, without being dependent on the owner being present to unlock the device.
Use case a) One Device: teacher(owner), students (users)
Use case b) One Device: parents(owners), children (users)
Use case c) One Device: employer(owner), employees (users)
Is such support planned/possible to implement in the future or present?