Package: adduser Version: 3.113+nmu3 Severity: wishlist Hi,
how to handle an account on package purge is a discussion going on for more than a decade now. After the umpteenth re-hash of the issue on #debian-devel, I have gotten the impression that there is rough consensus for not deleting system accounts on package purge. The most prominent argument for this situation is that the local admin might have given file ownership to the account while the package was installed, and when the account is deleted and its uid re-used later, those files may become accessible to an unintended entity. Currently, deluser --system will just print a warning if the account to be deleted is actually a system user by virtue of its UID range and exit. Maybe it would be a good idea to change this behavior to locking the account ("!" in shadow) if deluser is asked to delete a system account? This doesn't prevent a privileged account to su/sudo/setuid into the account, but it will prevent logins as this account while keeping the UID reserved. Greetings Marc