--- a/files/etc/prayer-accountd.cf +++ b/files/etc/prayer-accountd.cf @@ -8,6 +8,10 @@ # Default accountd.cf file suitable for RedHat Linux only. # See distribution for some sample files for FreeBSD and Solaris +accountd_port = 145 + +authtype = pam + msforward_name = ".MSforward" forward_name = ".forward" aliases_name = "vacation.aliases" --- a/files/Makefile +++ b/files/Makefile @@ -66,21 +66,16 @@ install-aconfig: install-motd: $(INSTALL) -o $(RO_USER) -g $(RO_GROUP) -m $(PUBLIC_FILE) \ - etc/motd.html ${BROOT}${PREFIX}/etc + etc/motd.html ${BROOT}/etc/prayer install: - PREFIX=$(BROOT)$(PREFIX) VAR_PREFIX=$(BROOT)$(VAR_PREFIX) \ - RO_USER=$(RO_USER) RO_GROUP=$(RO_GROUP) \ - RW_USER=$(RW_USER) RW_GROUP=$(RW_GROUP) \ - PUBLIC_DIR=$(PUBLIC_DIR) PRIVATE_DIR=$(PRIVATE_DIR) \ - PUBLIC_FILE=$(PUBLIC_FILE) PRIVATE_FILE=$(PRIVATE_FILE) \ - PUBLIC_EXEC=$(PUBLIC_FILE) PRIVATE_EXEC=$(PRIVATE_EXEC) \ - BIN_DIR=$(BIN_DIR) INSTALL=$(INSTALL) \ - ./install.sh - if [ ! -f $(BROOT)$(PREFIX)/certs/prayer.pem ]; then $(MAKE) install-cert; fi + ${INSTALL} -d -o ${RO_USER} -g ${RO_GROUP} -m ${PUBLIC_DIR} ${BROOT}${PREFIX} + ${INSTALL} -d -o ${RO_USER} -g ${RO_GROUP} -m ${PUBLIC_DIR} ${BROOT}/etc/prayer + + tar -c --owner ${RO_USER} --group ${RO_GROUP} --mode "a-x+X" icons static | tar -C ${BROOT}${PREFIX} -x if [ ! -f $(BROOT)$(PRAYER_CONFIG_FILE) ]; then $(MAKE) install-config; fi if [ ! -f $(BROOT)$(ACCOUNTD_CONFIG_FILE) ]; then $(MAKE) install-aconfig; fi - if [ ! -f $(BROOT)$(PREFIX)/etc/motd.html ]; then $(MAKE) install-motd; fi + if [ ! -f $(BROOT)/etc/prayer/motd.html ]; then $(MAKE) install-motd; fi redhat-install-init.d: install -D -o root -g root -m 755 \ --- a/files/etc/prayer.cf.SRC +++ b/files/etc/prayer.cf.SRC @@ -20,7 +20,7 @@ var_prefix = "__VAR_PREFIX__" # User ID to run as if we start off as root prayer_user = "prayer" # Group ID to run as if we start off as root -prayer_group = "prayer" +prayer_group = "nogroup" # Run prayer as background process. # TRUE => will return as soon as valid configuration is found. @@ -53,7 +53,7 @@ directory_perms = 0750 imapd_user_map = "" # Default imapd server. -imapd_server = localhost +imapd_server = localhost/notls # Name of Prayer user preferences file on IMAP server prefs_folder_name = ".prayer" @@ -270,11 +270,11 @@ icon_expire_timeout = 7d # Locatation of SSL certificate file (only used if SSL ports defined). # Required if we are going to provide SSL services. -ssl_cert_file = "$prefix/certs/prayer.pem" +ssl_cert_file = "/etc/ssl/certs/ssl-cert-snakeoil.pem" # Locatation of SSL private key file (only used if SSL ports defined). # Required if we are going to provide SSL services. -ssl_privatekey_file = "$prefix/certs/prayer.pem" +ssl_privatekey_file = "/etc/ssl/private/ssl-cert-snakeoil.key" # Master server will regenerate shared RSA key at this interval: ssl_rsakey_lifespan = 15m @@ -282,8 +282,9 @@ ssl_rsakey_lifespan = 15m # RSA key remains fresh in child process for this long after first actual use. ssl_rsakey_freshen = 15m -# SSL session cache timeout. -ssl_session_timeout = 24h +# SSL session cache timeout. Uncomment to enable SSL session caching. +# You should also arrange for prayer-ssl-prune to be run periodically. +#ssl_session_timeout = 24h # EGD socket, if system has no /dev/urandom #egd_socket = "/var/prngd/urandom" @@ -374,13 +375,15 @@ sendmail_path = /usr/lib/sendmail ispell_path = /usr/bin/ispell # Message of the day file -motd_path = "$prefix/etc/motd.html" +#motd_path = "/etc/prayer/motd.html" -# HTML to insert into login page -#login_insert1_path = "$prefix/etc/ucsnews.html" - -# HTML to insert into login page -#login_insert2_path = "$prefix/etc/ucsnews.html" +# HTML to make available to login template as $login_insert1 +# (only used in "cam" template set). +#login_insert1_path = "/etc/prayer/login1.html" + +# HTML to make available to login template as $login_insert2 +# (currently not used in any template set). +#login_insert2_path = "/etc/prayer/login2.html" # Login security: Prayer's front page defaults to a login form. # If the user does not connect via SSL then this can be changed @@ -409,10 +412,11 @@ bin_dir = "__BIN_DIR__" # Various directories used by the running system # Logs stored in $log_dir -log_dir = "$var_prefix/logs" +log_dir = "/var/log/prayer" # $lock_dir used for interlocking between prayer processes -lock_dir = "$var_prefix/locks" +# (only on Debian GNU/kFreeBSD) +lock_dir = "$var_prefix" # $socket_dir is location for unix domain sockets which connect frontend # to backend in proxy mode of operation. @@ -420,7 +424,7 @@ socket_dir = "$var_prefix/socke # Split socket directory into 64 subdirs keyed on first letter of sessionID # Code provides compatibility in both directions: can switch back and forward -socket_split_dir = TRUE +socket_split_dir = FALSE # Name of Unix domain socket (in $socket_dir) used for initial handshake # between prayer and prayer-session processes when a user logs in @@ -434,7 +438,7 @@ ssl_session_dir = "$var_prefix/ssl_s tmp_dir = "$var_prefix/tmp" # Location for PID files for prayer and prayer-session master processes. -pid_dir = "$var_prefix/pid" +pid_dir = "$var_prefix" # Interface to Hermes finger database #lookup_rpasswd = "/data/finger/rpasswd.cdb" @@ -452,7 +456,7 @@ pid_dir = "$var_prefix/pid" # Template stuff template_path = "__PREFIX__/templates" -template_set = "cam" +template_set = "old" template_use_compiled = TRUE template old "Traditional" @@ -601,14 +605,14 @@ hiersep = "/" dualuse = FALSE # Names of postponed_folder and sent_mail_folder, relative to maildir -postponed_folder = "postponed-msgs" -sent_mail_folder = "sent-mail" +postponed_folder = "Drafts" +sent_mail_folder = "Sent" # Default domain for outgoing mail. Defaults to "$hostname". # default_domain = "" # Language for ispell. -ispell_language = "british" +ispell_language = "american" # Size of small and large compose windows small_cols = 80