Oh and such creation/deletion of system users/groups should then definitely done by some centrally managed code.
This would also allow to easily update things like home-dir, shell or the GECOS field. Right now most installations quickly run out of sync, e.g. many legacy installations will have system users with /bin/false as shell, while apparently at some point this was changed to /usr/sbin/nologin . Cheers, Chris.
