On Wed, 2004-12-29 at 12:55 +0300, Peter Clark wrote:
Does the the virtualmail user need to have a shell account ? Do I have to change the last_valid_uid/gid to the dovecot user or leave them on the virtualmail user ? No, and technically you don't even need a virtualmail user, just a uid and gid. So, for instance, you could do this (so long as you were certain that
On Tuesday 28 December 2004 23:40, Roi Efrati wrote: the numbers in question would never be used for a real user/group):
first_valid_uid = 5000 last_valid_uid = 5000 first_valid_gid = 5000 last_valid_gid = 5000
first_valid_gid / last_valid_gid aren't really that important to change. They are only extra checks to prevent accidental use of eg. some daemon accounts due to unset passwords. So if you are using only virtual users and not /etc/passwd at all, it's rather useless to change them.
If you want to use 5000 UID, just make sure the userdb returns 5000 as UID.
And there was talk about auth_user in this thread too. The most important thing with it is that it must not be the same as login_user (1.0-tests enforce this check). Other than that, it's better to be the least privileged user that has access to passdb and userdb, but just using root isn't that bad either.