Hi,
to clarify questions asked by Matt:
I think we can rely that usermod --lock / --unlock does secure enough
things.
deluser --lock => usermod -lock. Nothing else.
deluser --system --lock => usermod -lock. Nothing else.
adduser --unlock => usermod --unlock. Nothing else.
adduser --system --unlock => usermod --unlock. Nothing else.
adduser --system for an account that is locked: Go through the same
motions that we would do if adduser --system is called for an existing
user:
if (user properties are as specified in the call (already
implemented)):
usermod --unlock (ignore "is already unlocked")
exit RET_OK
else:
bomb out like we already do
Greetings
Marc
