Package: debian-policy Version: 4.6.0.1 Severity: minor Hi,
9.2.2 distinguishes between 100-999: Dynamically allocated system users and groups. and 1000-59999: Dynamically allocated user accounts. This wording is a bit confusing, but this is probably caused by the ambiguity between users and accounts. I am also astonished that the 1000-59999 GIDs are not mentioned in policy, or is a group also a very special kind of account? Probably yes, at least that's what groupadd's docs say. So the easiest way to solve this and to be consistent with passwd/shadow would be: How about: 100-999: Dynamically allocated system user and system group accounts. Packages which need a user or group, but can have them and their UID/GIDs allocated dynamically and differently on each system, should use "adduser --system" or "addgroup --system" to create them as needed. These tools will check for the existence of the user or group, and if necessary choose an unused id based on the ranges specified in "adduser.conf". 1000-59999: Dynamically allocated user and group accounts. By default "adduser" and "addgroup" will choose UIDs and GIDs for user and group accounts in this range, though "adduser.conf" may be used to modify this behavior. Greetings Marc
