On Sun, 2022-02-20 at 10:03 +0100, Ricardo Fraile wrote: > Only to point that adduser is the recommended way to handle accounts in > maintainer scripts [1] and Debian Code Search reports 267 packages using > it [2], but dh_sysusers [3] seems to handle the same task on the > packages and works with useradd under the hood too.
There is certainly some work to be done to reconcile the three different ways of managing users. There needs to be: - a "right way" to add a system user from a package - a "right way" to add a system user from the command line - a "right way" to do low-level user management tasks I had envisioned "adduser" as a Debian policy enforcer on top of the more distribution-agnostic tools from shadow. But, it is true now that some features are confusingly duplicated across these methods. Notably, there are settings for system user UID ranges in both /etc/login.defs and /etc/adduser.conf. There may be value in keeping "adduser" as a higher level tool that can do helpful things by default (e.g., avoid forbidden UIDs, avoid UID reuse, do additional clean up of at jobs w/o need for configs, etc.). I am unsure how to proceed, but I know it will require working well with the shadow maintainers. I think I'll start a discussion through the proper channel. Thanks! -- Jason Franklin