diff --git a/init/postsrsd.default.in b/init/postsrsd.default.in
index 50049f2105..9302b6dbfa 100644
--- a/init/postsrsd.default.in
+++ b/init/postsrsd.default.in
@@ -21,7 +21,7 @@ SRS_SEPARATOR==
 # When postsrsd is installed for the first time, a random secret is generated
 # and stored in /etc/postsrsd.secret. For most installations, that's just fine.
 #
-SRS_SECRET=@SYSCONF_DIR@/@PROJECT_NAME@.secret
+SRS_SECRET=@SYSCONF_DIR@/@PROJECT_NAME@/@PROJECT_NAME@.secret
 
 # Length of hash to be used in rewritten addresses
 SRS_HASHLENGTH=4
@@ -44,7 +44,7 @@ SRS_REVERSE_PORT=10002
 # Drop root privileges and run as another user after initialization.
 # This is highly recommended as postsrsd handles untrusted input.
 #
-RUN_AS=nobody
+RUN_AS=@PROJECT_NAME@
 
 # Bind to this address
 #