Provided by: dh-sysuser_1.6.0_all bug

NAME
       dh_sysuser - manage system users required for package operation


SYNOPSIS
       dh_sysuser [debhelper options] [username options] ...


DESCRIPTION
       dh_sysuser is an alternative to the more popular dh_installsysusers addon; dh_sysuser is a debhelper
       addon providing a simple way to create system users required for package operation (for example, to run a
       service with dropped privileges).

       Compared to dh_installsysusers, dh_sysuser injects a different dependency that plays nice with
       alternative init systems, non-linux ports or initless systems.  Packages builded with dh_sysuser will
       still work fine under systemd at the cost of an additional dependency (sysuser-helper).

       dh_sysuser should not be used when the upstream source provides a sysusers.d conf file already installed
       in /usr/lib/sysusers.d/; for such cases please use dh_installsysusers.

       The user creation itself is delegated to a systemd-sysusers provider, with a fallback to the
       minsysusers(8) utility for systems where a systemd-sysuser provider is not available.

       •   The  primary  group of the new user is created with the same name as the user. The new users will not
           be a member of any other group except the primary one.

       •   New users have the /etc/shadow password field set to '!', making it impossible to log in.

       •   By default new users have the shell set to /usr/sbin/nologin. It is  still  possible  to  get  a  new
           user's shell with su -s.

       •   The  default home directory is set to /; if a different home is chosen, the home directory is created
           (see  below),  its  permissions  are   adjusted   according   to   the   SYS_DIR_MODE   variable   in
           /etc/adduser.conf.  By  default,  this  results  in  the  mode 0755 for the home directory.Files from
           /etc/skel are NOT copied.

           WARNING: The data stored in new user's  home  directory  are  world-readable.   If  you  (as  package
           maintainer) need full control over home directory permissions, please file a bug.

       •   It's  possible to override the default setting for user's home and shell, add a GECOS comment and set
           the user's UID. Please see sysusers.d(5) format.

       dh_sysuser  looks  for  a   debian/package.minsysusers  file,  if  one  exists,  and   installs   it   as
       /usr/lib/sysusers.d/package.conf;  then  it adds a postinstall snippet code to make sure that the user is
       created at  package  postinstall.   The   debian/package.minsysusers  file  is  expected  to  follow  the
       sysusers.d(5) conf file specification.

   CRUFT OF SYSTEM USERS
       Creating a system user (or a user in general) is easy, but safely removing one is hard. Former version of
       this package used to remove users on purge when home was set to /nonexistent or was empty; however a user
       may  be  allowed  to  write  files  outside  his  home, and since UIDs are reusable, this may represent a
       security risk.  With the current version of this package users are never removed automatically.


EXAMPLES
       With the following debian/package.minsysusers control file, you get respectively:

           u     foo     -  "foo user"   /nonexistent      -
           g     bar     -
           m    baz  gname

       a system user foo with a gecos comment "foo user" and home set to /nonexistent: the  foo  group  will  be
       also created; a system group bar; add gname group as supplementary group of baz user.


SEE ALSO
       useradd(8), groupadd(8), usermod(8)

perl v5.40.0                                       2025-01-22                                      DH_SYSUSER(1)