I think the solution is quite simple. Let's replace
chown -Rhf root:root /etc/tomcat8/ || true with rm -rf /etc/tomcat8 I mean purge means purge. Remove all files, don't leave anything behind. As another improvement suggestion for Tomcat 9, we could stop deleting the tomcat user on purge and let the admin decide. I believe this is even consensus within the project and will protect against reusing files with the old GID and UID for something unintended.
signature.asc
Description: OpenPGP digital signature
