diff --git a/squid.spec b/squid.spec index 6c7297b..d6a54c2 100644 --- a/squid.spec +++ b/squid.spec @@ -2,7 +2,7 @@ Name: squid Version: 5.5 -Release: 3%{?dist} +Release: 4%{?dist} Summary: The Squid proxy caching server Epoch: 7 # See CREDITS for breakdown of non GPLv2+ code @@ -18,6 +18,7 @@ Source5: squid.pam Source6: squid.nm Source7: squid.service Source8: cache_swap.sh +Source9: squid.sysusers Source98: perl-requires-squid.sh @@ -52,10 +53,7 @@ Patch502: squid-5.5-CVE-2022-41318.patch Requires: bash gawk # for httpd conf file - cachemgr script alias Requires: httpd-filesystem -Requires(pre): shadow-utils -Requires(post): systemd -Requires(preun): systemd -Requires(postun): systemd + # squid_ldap_auth and other LDAP helpers require OpenLDAP BuildRequires: make BuildRequires: openldap-devel @@ -87,6 +85,8 @@ BuildRequires: systemd-rpm-macros # systemd notify BuildRequires: systemd-devel +%{?systemd_requires} +%{?sysusers_requires_compat} # Old NetworkManager expects the dispatcher scripts in a different place Conflicts: NetworkManager < 1.20 @@ -242,6 +242,8 @@ rm -f $RPM_BUILD_ROOT%{_sysconfdir}/squid/squid.conf.documented # remove unpackaged files from the buildroot rm -f $RPM_BUILD_ROOT/squid.httpd.tmp +# sysusers.d +install -p -D -m 0644 %{SOURCE9} %{buildroot}%{_sysusersdir}/squid.conf %files %license COPYING @@ -283,15 +285,10 @@ rm -f $RPM_BUILD_ROOT/squid.httpd.tmp %{_libdir}/squid/* %{_datadir}/snmp/mibs/SQUID-MIB.txt %{_tmpfilesdir}/squid.conf +%{_sysusersdir}/squid.conf %pre -if ! getent group squid >/dev/null 2>&1; then - /usr/sbin/groupadd -g 23 squid -fi - -if ! getent passwd squid >/dev/null 2>&1 ; then - /usr/sbin/useradd -g 23 -u 23 -d /var/spool/squid -r -s /sbin/nologin squid >/dev/null 2>&1 || exit 1 -fi +%sysusers_create_compat %{SOURCE9} for i in /var/log/squid /var/spool/squid ; do if [ -d $i ] ; then @@ -334,8 +331,6 @@ do end end - - %post %systemd_post squid.service 
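Review bot: In the hunk at `@@ -87,6 +85,8 @@`, both `%{?systemd_requires}` and `%{?sysusers_requires_compat}` use the `?` form, so they expand to nothing, without any error, if the macro is undefined when the spec is parsed. The hunk at `@@ -52,10 +53,7 @@` removes the explicit `Requires(pre): shadow-utils` and the three `Requires(post/preun/postun): systemd` lines. That leaves these two macros as the only thing ordering the account-creation tools ahead of the pre scriptlet. `BuildRequires: systemd-rpm-macros` is visible in the context, so this presumably holds for normal builds. The lines sit under the unrelated `# systemd notify` comment, so I would add one of their own, for example `# scriptlet dependencies (systemd for post/preun/postun, account tools for pre)`.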
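Review bot: In the hunk at `@@ -242,6 +242,8 @@`, the added install line uses `%{buildroot}` while the neighbouring `rm -f` lines use `$RPM_BUILD_ROOT`. Both name the same directory, but mixing the two spellings makes the install steps harder to scan. For consistency it could read `install -p -D -m 0644 %{SOURCE9} $RPM_BUILD_ROOT%{_sysusersdir}/squid.conf`. The enclosing install section starts outside the hunk.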
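Review bot: In the hunk at `@@ -283,15 +285,10 @@`, the removed scriptlet ended its `useradd` call with `|| exit 1`, so a failed account creation aborted the install. The hunk does not show whether `%sysusers_create_compat %{SOURCE9}` keeps that guarantee. As far as I recall, the scriptlets this macro generates tolerate a failing `groupadd`/`useradd`, which should be confirmed against the macro definition in use. The `for i in /var/log/squid /var/spool/squid` loop that follows continues outside the hunk and presumably relies on the squid account existing. If the fail-closed behaviour is wanted, add `getent passwd squid >/dev/null 2>&1 || exit 1` directly after the macro line.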
@@ -354,6 +349,9 @@ fi %changelog +* Mon Nov 07 2022 Luboš Uhliarik - 7:5.5-4 +- Resolves: #2095468 - [RFE] squid use systemd-sysusers + * Mon Nov 07 2022 Luboš Uhliarik - 7:5.5-3 - Resolves: #2130253 - CVE-2022-41318 squid: buffer-over-read in SSPI and SMB authentication diff --git a/squid.sysusers b/squid.sysusers new file mode 100644 index 0000000..f9cc56b --- /dev/null +++ b/squid.sysusers @@ -0,0 +1,2 @@ +g squid 23 - +u squid 23 "Squid proxy user" /var/spool/squid /sbin/nologin
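Review bot: The new `squid.sysusers` file has no comment explaining why the ID is pinned to 23. The value is carried over from the `groupadd -g 23` / `useradd -g 23 -u 23` calls that this commit removes from the pre scriptlet. Files already on disk under `/var/spool/squid` and `/var/log/squid` are presumably owned by that ID, so a later edit to the number would leave them with the wrong owner. I would add a first line such as `# Static UID/GID 23, unchanged from the previous useradd/groupadd scriptlet; do not renumber`.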