Date: Sat, 3 May 2003 19:02:24 +0100 From: Dominic Marks <dom@cus.org.uk> To: Norikatsu Shigemura <nork@FreeBSD.org> Cc: freebsd-ports-bugs@FreeBSD.org Subject: Re: ports/51593: Maintainer Update: mail/dovecot Message-ID: <20030503180224.GA12431@cus.org.uk> In-Reply-To: <200305031616.h43GGNWh066633@freefall.freebsd.org> References: <200305031616.h43GGNWh066633@freefall.freebsd.org>
On 03/05/2003 09:16, Norikatsu Shigemura wrote: > Synopsis: Maintainer Update: mail/dovecot > > State-Changed-From-To: open->feedback > State-Changed-By: nork > State-Changed-When: Sat May 3 09:04:15 PDT 2003 > State-Changed-Why: > Please make diff -urN /usr/ports/mail/dovecot YOU-HOPE-TO-CHANGE-THIS. > This patch should be adapt for mail/dovecot, or I can't commit your patch. > > > Responsible-Changed-From-To: freebsd-ports-bugs->nork > Responsible-Changed-By: nork > Responsible-Changed-When: Sat May 3 09:04:15 PDT 2003 > Responsible-Changed-Why: > I'll handle this. > > http://www.freebsd.org/cgi/query-pr.cgi?pr=51593 As requested: diff -ruN /usr/ports/mail/dovecot/Makefile dovecot/Makefile --- /usr/ports/mail/dovecot/Makefile Thu Jan 16 18:33:15 2003 +++ dovecot/Makefile Sat May 3 18:59:41 2003 
@@ -2,24 +2,109 @@ # Date created: 12/08/2002 # Whom: Dominic Marks <d.marks@student.umist.ac.uk> # -# $FreeBSD: ports/mail/dovecot/Makefile,v 1.7 2003/01/12 17:40:06 naddy Exp $ +# $FreeBSD: ports/mail/dovecot/Makefile,v 1.10 2003/03/31 09:18:00 edwin Exp $ # PORTNAME= dovecot -PORTVERSION= 0.99.5 +PORTVERSION= 0.99.9 CATEGORIES= mail ipv6 MASTER_SITES= http://dovecot.procontrol.fi/ MAINTAINER= d.marks@student.umist.ac.uk +COMMENT= Secure and compact IMAP and POP3 servers + +LIB_DEPENDS= iconv.3:${PORTSDIR}/converters/libiconv USE_REINPLACE= yes GNU_CONFIGURE= yes -CONFIGURE_ARGS+= --disable-shadow --enable-ipv6 \ - --localstatedir=/var/dovecot --with-ssl=openssl \ - --with-vpopmail --with-pam --with-rawlog \ - --with-ssldir=/var/dovecot/ssl - +CONFIGURE_ARGS+= --without-shadow --enable-ipv6 \ + --localstatedir=/var --with-ssl=openssl \ + --with-ssldir=/var/dovecot/ssl --with-pop3d \ + --with-pam +CONFIGURE_ENV+= CPPFLAGS=-I${LOCALBASE}/include \ + LDFLAGS=-L${LOCALBASE}/lib + +# +# Feature Autodetection +# +.if exists(${LOCALBASE}/lib/libsasl.so.2) +WITH_SASL2= yes +.endif + +.if exists(${LOCALBASE}/vpopmail/bin/vckpw) +WITH_VPOPMAIL= yes +.endif + +.if exists(${LOCALBASE}/lib/libldap.so.2) +WITH_LDAP2= yes +.endif + +.if exists(${LOCALBASE}/lib/libpq.so.3) +WITH_PGSQL= yes +.endif + +# +# SASL2 support +# +# SASL provides authentication support to +# session-based protocols. This is can be +# used by dovecot for authentication sources. +# +.if WITH_SASL2 +LIB_DEPENDS+= sasl2.2:${PORTSDIR}/security/cyrus-sasl2 +CONFIGURE_ARGS+= --with-cyrus-sasl2 +.endif + +# +# VPopMail Support +# +# vpopmail provides easy authentication and +# multi-domain features. It was originally +# created for use with Qmail. 
+# +.if WITH_VPOPMAIL +VPOPMAIL= ${LOCALBASE}/vpopmail/bin/vchkpw +BUILD_DEPENDS+= ${VPOPMAIL}:${PORTSDIR}/mail/vpopmail +CONFIGURE_ARGS+= --with-vpopmail +.endif + +# +# OpenLDAP Support +# +# LDAP is the light-weight directory access +# protocol and can be used by Dovecot for its +# user database. +# +.if WITH_LDAP2 +LIB_DEPENDS+= ldap.2:${PORTSDIR}/net/openldap20 +CONFIGURE_ARGS+= --with-ldap +.endif + +# +# PostgreSQL Support +# +# PostgreSQL is a powerful SQL database which +# can be used to store user tables. +# +.if WITH_PGSQL +LIB_DEPENDS+= pq.3:${PORTSDIR}/databases/postgresql +CONFIGURE_ARGS+= --with-pgsql +.endif + +pre-everything: + @${ECHO_MSG} "==> Dovecot Options" + @${ECHO_MSG} "==> See the Makefile for descriptions." + @${ECHO_MSG} "==> ------------------------------------------" + @${ECHO_MSG} "==> o SASL2 Support + WITH_SASL2" + @${ECHO_MSG} "==> o VPoPMail SUpport + WITH_VPOPMAIL" + @${ECHO_MSG} "==> o OpenLDAP2 Support + WITH_LDAP2" + @${ECHO_MSG} "==> o PostgreSQL Support + WITH_PGSQL" + @${ECHO_MSG} "==> ------------------------------------------" + pre-build: + @${REINPLACE_CMD} -e 's,%%SSLDIR%%,/var/dovecot/ssl,' \ + ${WRKSRC}/doc/mkcert.sh \ + ${WRKSRC}/dovecot-example.conf @${REINPLACE_CMD} -e 's,%%PREFIX%%,${PREFIX},' \ ${WRKSRC}/dovecot-example.conf 
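Review bot: The vpopmail autodetection tests `${LOCALBASE}/vpopmail/bin/vckpw`, while the dependency declared further down is `${LOCALBASE}/vpopmail/bin/vchkpw`; with the misspelled path the `exists()` test will not match an installed vpopmail, so `WITH_VPOPMAIL` is only ever set by hand. Change the test to `.if exists(${LOCALBASE}/vpopmail/bin/vchkpw)`. Separately, switching authentication back ends (SASL2, vpopmail, LDAP, PostgreSQL) on because a library happens to be present on the build host makes the package's authentication surface depend on where it was built; a comment above the "Feature Autodetection" block stating that, or keying only on explicitly set `WITH_*` knobs, would make the result predictable. The `pre-build` target continues past the end of this hunk.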
@@ -28,26 +113,31 @@ ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL do-install: - @${MKDIR} ${PREFIX}/lib/dovecot + @${MKDIR} ${PREFIX}/libexec/dovecot ${INSTALL_PROGRAM} \ ${WRKSRC}/src/imap/imap \ - ${WRKSRC}/src/auth/imap-auth \ - ${WRKSRC}/src/login/imap-login \ - ${PREFIX}/lib/dovecot/ - ${INSTALL_DATA} ${WRKSRC}/dovecot-example.conf ${PREFIX}/etc/ - ${INSTALL_PROGRAM} ${WRKSRC}/src/master/imap-master ${PREFIX}/sbin/ + ${WRKSRC}/src/pop3/pop3 \ + ${WRKSRC}/src/auth/dovecot-auth \ + ${WRKSRC}/src/imap-login/imap-login \ + ${WRKSRC}/src/pop3-login/pop3-login \ + ${PREFIX}/libexec/dovecot/ + ${INSTALL_DATA} ${WRKSRC}/dovecot-example.conf ${PREFIX}/etc/ + ${INSTALL_PROGRAM} ${WRKSRC}/src/master/dovecot ${PREFIX}/sbin/ post-install: @${MKDIR} /var/dovecot @${MKDIR} /var/dovecot/ssl + @${MKDIR} /var/dovecot/ssl/certs + @${MKDIR} /var/dovecot/ssl/private @${MKDIR} /var/dovecot/auth + @${CHOWN} -R dovecot:dovecot /var/dovecot @${MKDIR} /var/dovecot/login - @${CHOWN} -R imapd:imapd /var/dovecot - @if [ ! -f ${PREFIX}/etc/rc.d/dovecot-imapd.sh ]; then \ - ${ECHO} "Installing dovecot-imapd.sh startup file."; \ - ${INSTALL_SCRIPT} -m 751 ${FILESDIR}/dovecot-imapd.sh \ - ${PREFIX}/etc/rc.d/dovecot-imapd.sh; \ - fi + @${CHOWN} root:dovecot /var/dovecot/login + @${MKDIR} /var/run/dovecot + @${CHMOD} 0700 /var/run/dovecot + @${CHOWN} root:dovecot /var/run/dovecot + ${INSTALL_SCRIPT} -m 751 ${FILESDIR}/dovecot.sh.sample \ + ${PREFIX}/etc/rc.d/dovecot.sh.sample .if !defined(NOPORTDOCS) @${MKDIR} ${PREFIX}/share/doc/dovecot @${INSTALL_DATA} \ 
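Review bot: In `post-install`, `${CHOWN} -R dovecot:dovecot /var/dovecot` runs after `/var/dovecot/ssl/private` has been created, so the private-key directory ends up owned by the unprivileged `dovecot` account (the `login_user` in the example configuration) and keeps whatever mode `${MKDIR}` gave it. The example configuration in this same submission says the key is opened before root privileges are dropped and should be unreadable by anyone but root, so follow the recursive chown with `@${CHOWN} root:wheel /var/dovecot/ssl/private` and `@${CHMOD} 0700 /var/dovecot/ssl/private`. `/var/dovecot/login` is handed to `root:dovecot` without an explicit mode, whereas `/var/run/dovecot` gets `0700`; the login directory deserves an explicit `${CHMOD}` as well (presumably `0750`, to be confirmed against what the login process needs). `post-install` continues into the next hunk.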
@@ -58,7 +148,16 @@ ${WRKSRC}/doc/nfs.txt \ ${WRKSRC}/doc/configuration.txt \ ${WRKSRC}/doc/mail-storages.txt \ + ${WRKSRC}/doc/dovecot-ldap.conf \ + ${WRKSRC}/doc/dovecot-pgsql.conf \ + ${WRKSRC}/doc/dovecot-openssl.cnf \ + ${WRKSRC}/doc/mkcert.sh \ + ${FILESDIR}/README.FreeBSD \ ${PREFIX}/share/doc/dovecot .endif + @${CP} ${PKGMESSAGE} ${WRKDIR}/pkg-message + @${REINPLACE_CMD} -e 's,%%PREFIX%%,${PREFIX},g' \ + ${WRKDIR}/pkg-message + @${CAT} ${WRKDIR}/pkg-message .include <bsd.port.mk> diff -ruN /usr/ports/mail/dovecot/distinfo dovecot/distinfo --- /usr/ports/mail/dovecot/distinfo Thu Jan 16 18:33:15 2003 +++ dovecot/distinfo Tue Apr 29 16:24:40 2003 @@ -1 +1 @@ -MD5 (dovecot-0.99.5.tar.gz) = b9e592f23213be9db3603f8bda8235cd +MD5 (dovecot-0.99.9.tar.gz) = 37b5c3fffcaa704bf2f4c373b5735b62 diff -ruN /usr/ports/mail/dovecot/files/README.FreeBSD dovecot/files/README.FreeBSD --- /usr/ports/mail/dovecot/files/README.FreeBSD Thu Jan 1 01:00:00 1970 +++ dovecot/files/README.FreeBSD Mon Apr 28 13:42:12 2003 
@@ -0,0 +1,58 @@ +# +# README.FreeBSD +# +# $FreeBSD$ +# + + o Dovecot currently will not allow users with a user or group id of 0 + to login. Because of this you will not be able to open root's + mailbox, or any of the mailboxes of users in the wheel group. This is + intended as a security feature, and isn't an issue on Linux because + the concept of wheel is not enforced by GNU su. + + + 2003/04/15 + It is now possible to change this behavior to allow wheel users to + check their mailboxes with Dovecot. Add the following line to your + dovecot.conf: + + allow_zero_gid = yes + + o The configuration which is supplied with this port is installed into + PREFIX/etc/dovecot-example.conf and PREFIX defaults to /usr/local. + I have attempted to choose what appears to be the best mixture of + performance and compatibility and set Dovecot up to start POP3 and + IMAP services for all the local users of the machine. This should be + enough for the simplest sites to get up and running straight away. + + o Enabling SSL services should be easy, the Dovecot port is configured + by default to keep its SSL information under /var/dovecot/ssl, if you + already have certificates you wish to use then you can override this + in the configuration. If you don't have a certificate and wish to + make your own it should be as simple as: + + # cd PREFIX/share/doc/dovecot/ + # vi dovecot-openssl.conf + + Add information which describes your enivironment. + + # sh mkcert.sh + + Execute the certificate generator. This will put a new certificate + and private key under /var/dovecot/ssl. + + # cd PREFIX/etc/ + # vi dovecot.conf + + Reconfigure Dovecot to use SSL. + + The variables you will want to set in dovecot.conf to allow a SSL + secured POP3 and IMAP service are: + + + protocols = imap imaps pop3 pop3s + + ssl_disable = no + + You may wish to also change the following variables to reflect the + location of SSL certificates on your system. 
+ + + ssl_cert_file = /var/dovecot/ssl/certs/imapd.pem + + ssl_key_file = /var/dovecot/ssl/private/imapd.pem diff -ruN /usr/ports/mail/dovecot/files/dovecot-imapd.sh dovecot/files/dovecot-imapd.sh --- /usr/ports/mail/dovecot/files/dovecot-imapd.sh Sun Sep 1 15:17:07 2002 +++ dovecot/files/dovecot-imapd.sh Thu Jan 1 01:00:00 1970 @@ -1,21 +0,0 @@ -#!/bin/sh - -if ! PREFIX=$(expr $0 : "\(/.*\)/etc/rc\.d/$(basename $0)\$"); then - echo "$0: Cannot determine the PREFIX" >&2 - exit 1 -fi - -case "$1" in -start) - [ -x ${PREFIX}/sbin/imap-master ] && \ - ${PREFIX}/sbin/imap-master && echo -n ' dovecot-imapd' - ;; -stop) - /usr/bin/killall imap-master && echo -n ' dovecot-imapd' - ;; -*) - echo "Usage: `basename $0` { start | stop }" >&2 - ;; -esac - -exit 0 diff -ruN /usr/ports/mail/dovecot/files/dovecot.sh.sample dovecot/files/dovecot.sh.sample --- /usr/ports/mail/dovecot/files/dovecot.sh.sample Thu Jan 1 01:00:00 1970 +++ dovecot/files/dovecot.sh.sample Mon Apr 28 13:42:12 2003 @@ -0,0 +1,21 @@ +#!/bin/sh + +if ! PREFIX=$(expr $0 : "\(/.*\)/etc/rc\.d/$(basename $0)\$"); then + echo "$0: Cannot determine the PREFIX" >&2 + exit 1 +fi + +case "$1" in +start) + [ -x ${PREFIX}/sbin/dovecot ] && \ + ${PREFIX}/sbin/dovecot && echo -n ' dovecot' + ;; +stop) + /usr/bin/killall dovecot && echo -n ' dovecot' + ;; +*) + echo "Usage: `basename $0` { start | stop }" >&2 + ;; +esac + +exit 0 diff -ruN /usr/ports/mail/dovecot/files/patch-allow-zero-gid dovecot/files/patch-allow-zero-gid --- /usr/ports/mail/dovecot/files/patch-allow-zero-gid Thu Jan 1 01:00:00 1970 +++ dovecot/files/patch-allow-zero-gid Mon Apr 28 13:42:12 2003 
@@ -0,0 +1,172 @@ +Index: src/lib/restrict-access.c +=================================================================== +RCS file: /home/cvs/dovecot/src/lib/restrict-access.c,v +retrieving revision 1.10 +diff -u -3 -p -r1.10 restrict-access.c +--- src/lib/restrict-access.c 4 Mar 2003 04:00:13 -0000 1.10 ++++ src/lib/restrict-access.c 15 Apr 2003 17:37:26 -0000 +@@ -31,12 +31,14 @@ + #include <grp.h> + + void restrict_access_set_env(const char *user, uid_t uid, gid_t gid, +- const char *chroot_dir) ++ const char *chroot_dir, int allow_zg) + { + if (user != NULL && *user != '\0') + env_put(t_strconcat("RESTRICT_USER=", user, NULL)); + if (chroot_dir != NULL && *chroot_dir != '\0') + env_put(t_strconcat("RESTRICT_CHROOT=", chroot_dir, NULL)); ++ if (allow_zg == TRUE) ++ env_put(t_strdup("ALLOW_ZERO_GID=TRUE")); + + env_put(t_strdup_printf("RESTRICT_SETUID=%s", dec2str(uid))); + env_put(t_strdup_printf("RESTRICT_SETGID=%s", dec2str(gid))); +@@ -45,6 +47,7 @@ void restrict_access_set_env(const char + void restrict_access_by_env(int disallow_root) + { + const char *env; ++ int allow_zero_gid; + gid_t gid; + uid_t uid; + +@@ -97,8 +100,14 @@ void restrict_access_by_env(int disallow + i_fatal("We couldn't drop root privileges"); + } + +- if ((gid != 0 && uid != 0) || disallow_root) { ++ /* allow users with zero group id permission for BSD */ ++ env = getenv("ALLOW_ZERO_GID"); ++ allow_zero_gid = env == NULL ? 
FALSE : TRUE; ++ ++ if (allow_zero_gid == FALSE && ++ ((gid != 0 && uid != 0) || disallow_root)) { + if (getgid() == 0 || getegid() == 0 || setgid(0) == 0) + i_fatal("We couldn't drop root group privileges"); + } ++ + } +Index: src/lib/restrict-access.h +=================================================================== +RCS file: /home/cvs/dovecot/src/lib/restrict-access.h,v +retrieving revision 1.4 +diff -u -3 -p -r1.4 restrict-access.h +--- src/lib/restrict-access.h 4 Mar 2003 04:00:13 -0000 1.4 ++++ src/lib/restrict-access.h 15 Apr 2003 17:37:26 -0000 +@@ -4,7 +4,7 @@ + /* set environment variables so they can be read with + restrict_access_by_env() */ + void restrict_access_set_env(const char *user, uid_t uid, gid_t gid, +- const char *chroot_dir); ++ const char *chroot_dir, int allow_zg); + + /* chroot, setuid() and setgid() based on environment variables. + If disallow_roots is TRUE, we'll kill ourself if we didn't have the +Index: src/master/auth-process.c +=================================================================== +RCS file: /home/cvs/dovecot/src/master/auth-process.c,v +retrieving revision 1.41 +diff -u -3 -p -r1.41 auth-process.c +--- src/master/auth-process.c 2 Apr 2003 02:09:41 -0000 1.41 ++++ src/master/auth-process.c 15 Apr 2003 17:37:27 -0000 +@@ -307,7 +307,7 @@ static pid_t create_auth_process(struct + + /* setup access environment */ + restrict_access_set_env(group->set->user, pwd->pw_uid, pwd->pw_gid, +- group->set->chroot); ++ group->set->chroot, set->allow_zero_gid); + + /* set other environment */ + env_put(t_strconcat("AUTH_PROCESS=", dec2str(getpid()), NULL)); +Index: src/master/login-process.c +=================================================================== +RCS file: /home/cvs/dovecot/src/master/login-process.c,v +retrieving revision 1.40 +diff -u -3 -p -r1.40 login-process.c +--- src/master/login-process.c 15 Apr 2003 16:58:48 -0000 1.40 ++++ src/master/login-process.c 15 Apr 2003 17:37:27 -0000 +@@ -384,7 +384,8 @@ static 
void login_process_init_env(struc + clean_child_process() since it clears environment */ + restrict_access_set_env(group->set->user, + group->set->uid, set->login_gid, +- set->login_chroot ? set->login_dir : NULL); ++ set->login_chroot ? set->login_dir : NULL, ++ FALSE); + + env_put("DOVECOT_MASTER=1"); + +Index: src/master/mail-process.c +=================================================================== +RCS file: /home/cvs/dovecot/src/master/mail-process.c,v +retrieving revision 1.13 +diff -u -3 -p -r1.13 mail-process.c +--- src/master/mail-process.c 15 Apr 2003 16:58:48 -0000 1.13 ++++ src/master/mail-process.c 15 Apr 2003 17:37:28 -0000 +@@ -25,7 +25,7 @@ static int validate_uid_gid(uid_t uid, g + return FALSE; + } + +- if (uid != 0 && gid == 0) { ++ if (set->allow_zero_gid == FALSE && uid != 0 && gid == 0) { + i_error("mail process isn't allowed to be in group 0"); + return FALSE; + } +@@ -38,8 +38,9 @@ static int validate_uid_gid(uid_t uid, g + return FALSE; + } + +- if (gid < (gid_t)set->first_valid_gid || +- (set->last_valid_gid != 0 && gid > (gid_t)set->last_valid_gid)) { ++ if (set->allow_zero_gid == FALSE && ++ (gid < (gid_t)set->first_valid_gid || ++ (set->last_valid_gid != 0 && gid > (gid_t)set->last_valid_gid))) { + i_error("mail process isn't allowed to use " + "GID %s (UID is %s)", dec2str(gid), dec2str(uid)); + return FALSE; +@@ -150,7 +151,8 @@ int create_mail_process(int socket, stru + (paranoia about filling up environment without noticing) */ + restrict_access_set_env(data + reply->system_user_idx, + reply->uid, reply->gid, +- reply->chroot ? data + reply->home_idx : NULL); ++ reply->chroot ? 
data + reply->home_idx : NULL, ++ set->allow_zero_gid); + + restrict_process_size(process_size, (unsigned int)-1); + +Index: src/master/master-settings.c +=================================================================== +RCS file: /home/cvs/dovecot/src/master/master-settings.c,v +retrieving revision 1.16 +diff -u -3 -p -r1.16 master-settings.c +--- src/master/master-settings.c 2 Apr 2003 02:09:41 -0000 1.16 ++++ src/master/master-settings.c 15 Apr 2003 17:37:28 -0000 +@@ -46,6 +46,7 @@ static struct setting_def setting_defs[] + DEF(SET_INT, max_mail_processes), + DEF(SET_BOOL, verbose_proctitle), + ++ DEF(SET_BOOL, allow_zero_gid), + DEF(SET_INT, first_valid_uid), + DEF(SET_INT, last_valid_uid), + DEF(SET_INT, first_valid_gid), +@@ -153,6 +154,7 @@ struct settings default_settings = { + MEMBER(max_mail_processes) 1024, + MEMBER(verbose_proctitle) FALSE, + ++ MEMBER(allow_zero_gid) FALSE, + MEMBER(first_valid_uid) 500, + MEMBER(last_valid_uid) 0, + MEMBER(first_valid_gid) 1, +Index: src/master/master-settings.h +=================================================================== +RCS file: /home/cvs/dovecot/src/master/master-settings.h,v +retrieving revision 1.10 +diff -u -3 -p -r1.10 master-settings.h +--- src/master/master-settings.h 2 Apr 2003 02:09:41 -0000 1.10 ++++ src/master/master-settings.h 15 Apr 2003 17:37:29 -0000 +@@ -32,6 +32,7 @@ struct settings { + unsigned int max_mail_processes; + int verbose_proctitle; + ++ int allow_zero_gid; + unsigned int first_valid_uid, last_valid_uid; + unsigned int first_valid_gid, last_valid_gid; + diff -ruN /usr/ports/mail/dovecot/files/patch-dovecot-example.conf dovecot/files/patch-dovecot-example.conf --- /usr/ports/mail/dovecot/files/patch-dovecot-example.conf Thu Jan 16 18:33:15 2003 +++ dovecot/files/patch-dovecot-example.conf Mon Apr 28 13:42:12 2003 
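Review bot: In the mail-process.c part of this new patch file, `set->allow_zero_gid == FALSE &&` is placed in front of the whole `first_valid_gid`/`last_valid_gid` comparison in validate_uid_gid(), so enabling the option accepts every GID outside the configured range, not only GID 0. The restrict-access.c part has the same shape: once `ALLOW_ZERO_GID` is present in the environment (any value, since only `env == NULL` is tested), the `getgid() == 0 || getegid() == 0 || setgid(0) == 0` verification is skipped for every process, including when `disallow_root` is set. Narrow both to the case the option is named for, e.g. `if (!(set->allow_zero_gid && gid == 0) && (gid < (gid_t)set->first_valid_gid || (set->last_valid_gid != 0 && gid > (gid_t)set->last_valid_gid))) {`, and in restrict_access_by_env() bypass the check only when `gid == 0`. The auth-process.c call also passes `set->allow_zero_gid`, which extends the relaxation to the authentication process although the README describes it as a mailbox-access feature; passing `FALSE` there, as login-process.c does, looks safer. All of these functions begin and end outside the embedded hunks, so the surrounding logic should be checked against the full 0.99.9 sources.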
@@ -1,56 +1,193 @@ ---- dovecot-example.conf Thu Jan 2 10:33:53 2003 -+++ dovecot-example.conf.new Sat Jan 4 21:40:34 2003 -@@ -64,7 +64,7 @@ +--- dovecot-example.conf.orig Fri Apr 4 13:17:25 2003 ++++ dovecot-example.conf Sat Apr 19 14:11:40 2003 +@@ -7,11 +7,11 @@ + # --with-ssldir=/etc/ssl + + # Base directory where to store runtime data. +-#base_dir = /var/run/dovecot/ ++base_dir = /var/dovecot/ + + # Protocols we want to be serving: + # imap imaps pop3 pop3s +-#protocols = imap imaps ++protocols = imap pop3 + + # IP or host address where to listen in for connections. It's not currently + # possible to specify multiple addresses. "*" listens in all IPv4 interfaces. +@@ -27,18 +27,18 @@ + #pop3s_listen = + + # Disable SSL/TLS support. +-#ssl_disable = no ++ssl_disable = yes + + # PEM encoded X.509 SSL/TLS certificate and private key. They're opened before + # dropping root privileges, so keep the key file unreadable by anyone but + # root. Included doc/mkcert.sh can be used to easily generate self-signed + # certificate, just make sure to update the domains in dovecot-openssl.cnf +-#ssl_cert_file = /etc/ssl/certs/dovecot.pem +-#ssl_key_file = /etc/ssl/private/dovecot.pem ++ssl_cert_file = %%SSLDIR%%/certs/imapd.pem ++ssl_key_file = %%SSLDIR%%/private/imapd.pem + + # SSL parameter file. Master process generates this file for login processes. + # It contains Diffie Hellman and RSA parameters. +-#ssl_parameters_file = /var/run/dovecot/ssl-parameters.dat ++ssl_parameters_file = %%SSLDIR%%/parameters.dat + + # How often to regenerate the SSL parameters file. Generation is quite CPU + # intensive operation. The value is in hours, 0 disables regeneration +@@ -67,11 +67,11 @@ + # Directory where authentication process places authentication UNIX sockets + # which login needs to be able to connect to. The sockets are created when + # running as root, so you don't have to worry about permissions. 
+-#login_dir = /var/run/dovecot/login ++login_dir = /var/dovecot/login + + # chroot login process to the login_dir. Only reason not to do this is if you + # wish to run the whole Dovecot without roots. +-#login_chroot = yes ++login_chroot = yes + + ## +@@ -81,12 +81,12 @@ + login = imap - # Executable location + # Executable location. -#login_executable = /usr/libexec/dovecot/imap-login -+login_executable = %%PREFIX%%/dovecot/imap-login ++login_executable = %%PREFIX%%/libexec/dovecot/imap-login - # User to use for imap-login process - #login_user = imapd -@@ -76,7 +76,7 @@ - # Directory where imap-auth places authentication UNIX sockets which login - # needs to be able to connect to. The sockets are created when running as - # root, so you don't need to give imap-auth any access for it. --#login_dir = /var/run/dovecot/login -+login_dir = /var/dovecot/login + # User to use for the login process. The user must belong to a group where + # only it has access, it's used to control access for authentication process + # named sockets. +-#login_user = dovecot ++login_user = dovecot + + # Set max. process size in megabytes. If you don't use + # login_process_per_connection you might need to grow this. +@@ -100,7 +100,7 @@ + + # Number of login processes to create. If login_process_per_user is + # yes, this is the number of extra processes waiting for users to log in. +-#login_processes_count = 3 ++login_processes_count = 1 + + # Maximum number of extra login processes to create. The extra process count + # usually stays at login_processes_count, but when multiple users start logging +@@ -126,7 +126,7 @@ + login = pop3 + + # Exception to above rule being the executable location. +-#login_executable = /usr/libexec/dovecot/pop3-login ++login_executable = %%PREFIX%%/libexec/dovecot/pop3-login - # chroot imap-login process to the login_dir. Only reason not to do this - # is if you wish to run the whole imapd without roots. 
-@@ -111,7 +111,7 @@ + ## + ## Mail processes +@@ -139,10 +139,10 @@ + # Show more verbose process titles (in ps). Currently shows user name and + # IP address. Useful for seeing who are actually using the IMAP processes + # (eg. shared mailboxes or if same uid is used for multiple accounts). +-#verbose_proctitle = no ++verbose_proctitle = yes + + # Show protocol level SSL errors. +-#verbose_ssl = no ++verbose_ssl = yes + + # Valid UID/GID ranges for users, defaults to 500 and above. This is mostly + # to make sure that users can't log in as daemons or other system users. +@@ -160,7 +160,7 @@ + # WARNING: Never add directories here which local users can modify, that + # may lead to root exploit. Usually this should be done only if you don't + # allow shell access for users. See doc/configuration.txt for more information. +-#valid_chroot_dirs = ++valid_chroot_dirs = /var/mail + + # Default MAIL environment to use when it's not set. By leaving this empty + # dovecot tries to do some automatic detection as described in +@@ -179,7 +179,7 @@ + # mbox:~/mail/:INBOX=/var/mail/%u + # mbox:/var/mail/%d/%n/:INDEX=/var/indexes/%d/%n + # +-#default_mail_env = ++default_mail_env = mbox:/var/mail/%u + + # Space-separated list of fields to cache for all mails. Currently these + # fields are allowed followed by a list of commands they speed up: +@@ -224,7 +224,7 @@ + # arrives in half a hour, Dovecot closes the connection. This is still + # fine, except Outlook doesn't connect back so you don't see if new mail + # arrives. +-#client_workarounds = ++client_workarounds = oe6-fetch-no-newmail outlook-idle + + # Dovecot can notify client of new mail in selected mailbox soon after it's + # received. This setting specifies the minimum interval in seconds between +@@ -249,7 +249,7 @@ + # Save mails with CR+LF instead of plain LF. This makes sending those mails + # take less CPU, especially with sendfile() syscall with Linux and FreeBSD. 
+ # But it also creates a bit more disk I/O which may just make it slower. +-#mail_save_crlf = no ++mail_save_crlf = yes + + # Use mmap() instead of read() to read mail files. read() seems to be a bit + # faster with my Linux/x86 and it's better with NFS, so that's the default. +@@ -261,7 +261,7 @@ + # know any MUA which would modify mail files directly. IMAP protocol also + # requires that the mails don't change, so it would be problematic in any case. + # If you care about performance, enable it. +-#maildir_copy_with_hardlinks = no ++maildir_copy_with_hardlinks = yes + + # Check if mails' content has been changed by external programs. This slows + # down things as extra stat() needs to be called for each file. If changes are +@@ -280,7 +280,7 @@ + # with is important to avoid deadlocks if other MTAs/MUAs are using both fcntl + # and flock. Some operating systems don't allow using both of them + # simultaneously, eg. BSDs. If dotlock is used, it's always created first. +-#mbox_locks = dotlock fcntl ++mbox_locks = fcntl + + # Should we create dotlock file even when we want only a read-lock? Setting + # this to yes hurts the performance when the mailbox is accessed simultaneously +@@ -310,7 +310,7 @@ ## # Executable location -#imap_executable = /usr/libexec/dovecot/imap -+imap_executable = %%PREFIX%%/dovecot/imap ++imap_executable = %%PREFIX%%/libexec/dovecot/imap + + # Set max. process size in megabytes. Most of the memory goes to mmap()ing + # files, so it shouldn't harm much even if this limit is set pretty high. +@@ -321,7 +321,7 @@ + ## + + # Executable location +-#pop3_executable = /usr/libexec/dovecot/pop3 ++pop3_executable = %%PREFIX%%/libexec/dovecot/pop3 # Set max. process size in megabytes. Most of the memory goes to mmap()ing # files, so it shouldn't harm much even if this limit is set pretty high. 
-@@ -292,7 +292,7 @@ - auth_userinfo = pam +@@ -374,10 +374,10 @@ + # vpopmail: vpopmail authentication + # ldap <config path>: LDAP, see doc/dovecot-ldap.conf + # pgsql <config path>: a PostgreSQL database, see doc/dovecot-pgsql.conf +-auth_passdb = pam ++auth_passdb = passwd # Executable location --#auth_executable = /usr/libexec/dovecot/imap-auth -+auth_executable = %%PREFIX%%/dovecot/imap-auth +-#auth_executable = /usr/libexec/dovecot/dovecot-auth ++auth_executable = %%PREFIX%%/libexec/dovecot/dovecot-auth # Set max. process size in megabytes. #auth_process_size = 256 -@@ -303,7 +303,7 @@ +@@ -402,7 +402,7 @@ - # Directory where to chroot the process. Most authentication backends don't - # work if this is set, and there's no point chrooting if auth_user is root. --#auth_chroot = -+auth_chroot = /var/dovecot/auth - - # Number of authentication processes to create - #auth_count = 1 -@@ -319,7 +319,7 @@ - #auth_realms = - #auth_userinfo = passwd-file /etc/passwd.imap - #auth_user = imapauth --#auth_chroot = /var/run/dovecot/auth -+#auth_chroot = /var/dovecot/auth + # More verbose logging. Useful for figuring out why authentication isn't + # working. +-#auth_verbose = no ++auth_verbose = yes - # if you plan to use only passwd-file, you don't need the two auth processes, - # simply set "auth_methods = plain digest-md5" + # digest-md5 authentication process. It requires special MD5 passwords which + # /etc/shadow and PAM doesn't support, so we never need roots to handle it. diff -ruN /usr/ports/mail/dovecot/files/patch-mkcert.sh dovecot/files/patch-mkcert.sh --- /usr/ports/mail/dovecot/files/patch-mkcert.sh Thu Jan 1 01:00:00 1970 +++ dovecot/files/patch-mkcert.sh Mon Apr 28 13:42:12 2003 
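Review bot: The shipped defaults combine `ssl_disable = yes`, `protocols = imap pop3` and `auth_passdb = passwd`, so a site that copies dovecot-example.conf into place as pkg-message suggests will in practice authenticate system accounts over unencrypted IMAP and POP3. Either keep upstream's commented-out `#ssl_disable = no`, or add a comment directly above the changed lines such as `# NOTE: TLS is off in this sample; system passwords cross the network in clear until ssl_disable = no and imaps/pop3s are enabled`. `valid_chroot_dirs = /var/mail` is set immediately below the file's own warning about directories local users can modify, and the `auth_chroot = /var/dovecot/auth` line that the previous revision of this patch set is no longer present; both deserve a line of justification in the patch or in README.FreeBSD. `verbose_ssl = yes` and `auth_verbose = yes` are reasonable for bring-up, but a comment saying they are meant to be turned off afterwards would help.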
@@ -0,0 +1,11 @@ +--- doc/mkcert.sh Tue Apr 15 14:28:24 2003 ++++ mkcert.sh.new Tue Apr 15 14:28:52 2003 +@@ -4,7 +4,7 @@ + # Edit dovecot-openssl.cnf before running this. + + OPENSSL=${OPENSSL-openssl} +-SSLDIR=${SSLDIR-/etc/ssl} ++SSLDIR=${SSLDIR-%%SSLDIR%%} + OPENSSLCONFIG=${OPENSSLCONFIG-dovecot-openssl.cnf} + + CERTFILE=$SSLDIR/certs/imapd.pem diff -ruN /usr/ports/mail/dovecot/pkg-comment dovecot/pkg-comment --- /usr/ports/mail/dovecot/pkg-comment Sun Sep 1 15:17:04 2002 +++ dovecot/pkg-comment Thu Jan 1 01:00:00 1970 @@ -1 +0,0 @@ -Secure and compact IMAP server diff -ruN /usr/ports/mail/dovecot/pkg-install dovecot/pkg-install --- /usr/ports/mail/dovecot/pkg-install Sun Sep 1 15:17:04 2002 +++ dovecot/pkg-install Mon Apr 28 13:42:12 2003 @@ -36,8 +36,8 @@ } if [ x"$2" = xPRE-INSTALL ]; then - USER=imapd - GROUP=imapd + USER=dovecot + GROUP=dovecot if /usr/sbin/pw groupshow "${GROUP}" 2>/dev/null; then echo "You already have a group \"${GROUP}\", so I will use it." @@ -57,7 +57,7 @@ else if /usr/sbin/pw useradd ${USER} -g ${GROUP} -h - \ -s /sbin/nologin \ - -c "Imap Daemon" + -c "Dovecot" then echo "Added user \"${USER}\"." else diff -ruN /usr/ports/mail/dovecot/pkg-message dovecot/pkg-message --- /usr/ports/mail/dovecot/pkg-message Thu Jan 1 01:00:00 1970 +++ dovecot/pkg-message Mon Apr 28 13:42:12 2003 
@@ -0,0 +1,22 @@ +--------------------------------------------------------------------- + + You can get default configured IMAP and POP3 services running by + copying the following sample files to the given locations. In this + simple configuration Dovecot will authenticate users against the + systems passwd file and use the default /var/mail/$USER mbox files. + + %%PREFIX%%/etc/dovecot-example.conf + -> %%PREFIX%%/etc/dovecot.conf + + %%PREFIX%%/etc/rc.d/dovecot.sh.sample + -> %%PREFIX%%/etc/rc.d/dovecot.sh + + Further information on configuration can be found in: + + %%PREFIX%%/share/doc/dovecot/ + + FreeBSD specific information is covered in the following file: + + %%PREFIX%%/share/doc/dovecot/README.FreeBSD + +--------------------------------------------------------------------- diff -ruN /usr/ports/mail/dovecot/pkg-plist dovecot/pkg-plist --- /usr/ports/mail/dovecot/pkg-plist Thu Jan 16 18:33:15 2003 +++ dovecot/pkg-plist Tue Apr 29 16:31:29 2003 @@ -1,9 +1,11 @@ etc/dovecot-example.conf -etc/rc.d/dovecot-imapd.sh -lib/dovecot/imap -lib/dovecot/imap-auth -lib/dovecot/imap-login -sbin/imap-master +etc/rc.d/dovecot.sh.sample +libexec/dovecot/imap +libexec/dovecot/imap-login +libexec/dovecot/pop3 +libexec/dovecot/pop3-login +libexec/dovecot/dovecot-auth +sbin/dovecot %%PORTDOCS%%share/doc/dovecot/auth.txt %%PORTDOCS%%share/doc/dovecot/design.txt %%PORTDOCS%%share/doc/dovecot/nfs.txt @@ -11,5 +13,10 @@ %%PORTDOCS%%share/doc/dovecot/multiaccess.txt %%PORTDOCS%%share/doc/dovecot/configuration.txt %%PORTDOCS%%share/doc/dovecot/mail-storages.txt +%%PORTDOCS%%share/doc/dovecot/dovecot-ldap.conf +%%PORTDOCS%%share/doc/dovecot/dovecot-pgsql.conf +%%PORTDOCS%%share/doc/dovecot/dovecot-openssl.cnf +%%PORTDOCS%%share/doc/dovecot/mkcert.sh +%%PORTDOCS%%share/doc/dovecot/README.FreeBSD %%PORTDOCS%%@dirrm share/doc/dovecot -@dirrm lib/dovecot +@dirrm libexec/dovecot Thanks, -- Dominic <dom at cus.org.uk> <d.marks at student.umist.ac.uk>