Does cyrus user need a shell?

[Giles Malet]

> whether cyrus (or other user cyrus-imapd runs as) need a shell?

We run multiple servers, with tens of thousands of users' mailboxes on each, and there are only a few user accounts on the servers. Those are the admins. So the answer is no, they don't need one for running the Cyrus stuff. There might be other reasons that force it though, such as authentication.

We use Kerberos (via PAM) to authenticate to a Microsoft server. We have an option in krb5.conf to allow authentication to succeed without there being a local account (I think it's verify_ap_req_nofail = false). If you need a locally stored password or whatever you might need user accounts....

g