Marco d'Itri <md@Linux.IT> writes:
On May 12, Simon Josefsson <simon@josefsson.org> wrote:
Having some mechanism to create package-specific users seems like one
useful goal, and I don't understand why each package has to write
scripts to invoke 'adduser' and deal with all the complexity around that
on their own. There could be a declarative interface a package can use
and say 'USERS+=saned' or 'USERS+=munin' or 'USERS+=openldap' and that's
it.
We have one: it is documented in sysusers.d(5).
Now you just need to persuade everybody to use it.
Oh I wasn't aware of that, thanks for the pointer. Is there any known
reason (except lack of time) that people aren't using it? I'll see if I
can come up with a way to use it in some packages, I think 'pqconnect'
would be a good candidate -- the postinst script is only there to call
addgroup+adduser and it always felt like a hack.
https://salsa.debian.org/python-team/packages/pqconnect/-/issues/13