this is not for all case because people may have multiple checkouts of the source tree (other than /usr/src) this is good only for releases.

The main goal of mdo(1) I had in mind when I implemented is cases where on some system operators have to run commands as another user, like I connect ssh me@machine, then I need to do some things as nextcloud user. so basically every people in the "admin" group can run a command as nextcloud.
being able to have on this machine nextcloud the default user mdo switches to make it more user friendly, but yes this is sugar, not a strong requirement.

I am puzzled here, yes I like this, as it makes mdo(1) way more versatile, but I am also wondering if we are not here a little bit over thinking this, I get the completeness of it, but I fail at seeing a practical use case for this, and this adds lots of complexity to the code. Caan you share example on how you expect this to be used?

I love this!

LGTM, note I think we should flag those packages as "vital", meaning they cannot be removed beside explicitly asked by the user.

I really like this idea!

Really nice!

Consider adding your copyright at some point, you have done some significant additions to the code ;)

someone needs to understand why the not ok package are not ok, is this is related to the timestamp or not.

2 small remark, which I don't consider as blockers for your code, but imho are worse thinking about for further improvements in particular the part about using resolvconf.