Comment by gmueckl

This doesn't follow. There are clear technicaö means to achieve complience in all of these scemarios. All those installers can, for example, check a file in /etc to determine the pirported user's age. If this does need external verification, this file can be signed by a third party identity checking service.

If the distros ship this mechanisms enabled in their binaires, but the users install circumvention tools (e.g. a package manager without checking mechanisms) from a thurd party, the distro provider should be off the hook.