Package: adduser Version: 3.121 Severity: important This is one of the bugs resulting from the policy and debian-devel consultations that happened in March 2022.
deluser --system should not remove an account but instead lock it (same procedure than deluser --lock, see #1008082) There should be a configuration option in /etc/deluser.conf, for example DELUSER_SYS_ACTION with the options "lock" and "delete", defaulting to "lock". If set to "delete", deluser --system should actually delete the user to give the local admin the opportunity to configure deluser to actually get rid of pacakage accounts automatically (therefore taking responsibility to not having given files to the account). delgroup --system should honor DELUSER_SYS_ACTION as well, with "lock" being a noop. Document (README.adduser-for-packages, deluser(8)) using deluser --system as recommendation to call in postrm purge. Severity important since the suggested policy change depends on this feature. Blocks: #1006912 Blocked by: #1008082 Reason: suggested policy change, #1006912