Can I just touch the dovecot.index instead?
BH> Maybe. Not sure what environment variable holds its location, BH> though. And I'm not 100% sure it always exists or whether you'd BH> have to special-case the first-time login. (Will 'touch' creating BH> a zero-length index cause trouble for dovecot? I suspect not.)
Also be aware that the script is not being run with the uid of the user - it is /usr/libexec/dovecot/imap that drops privs - so touching the index file if it does not already exist may cause problems later when the user process wants to update the index file.
What if the script only touched the dovecot.index if it exists? That would likely not be too difficult to test for with shell script.
Matt
If you have sessreg from the X11 distribution you could also try:
#!/bin/sh if test -z "$DUMP_CAPABILITY"; then /usr/bin/sessreg -a -L /var/log/lastlog -u none -w none -l imap -h "$IP" "$USER" fi exec /usr/libexec/dovecot/imap
to put an entry into /var/log/lastlog (though note you need two scripts for both IMAP and POP logins).
Also, I am bit confused. Why must the script exec imap?
It doesn't _have_ to. It's a micro-optimisation. If the script did not exec the user imap process then a /bin/sh process would be sitting around waiting for the user imap process to exit and when it did then the /bin/sh process would itself just exit.