improve documentation and migration

2004-12-23 20:17:34 +00:00 · 2004-12-23 20:17:34 +00:00 · 71d947cd2c
commit 71d947cd2c
parent 6cf645eca7
3 changed files with 203 additions and 623 deletions
--- a/dovecot-conf.patch
+++ b/dovecot-conf.patch
@ -1,17 +1,10 @@
 diff -r -u dovecot-0.99.11.orig/configure.in dovecot-0.99.11/configure.in
 --- dovecot-0.99.11.orig/configure.in	2004-09-04 05:20:19.000000000 -0400
-+++ dovecot-0.99.11/configure.in	2004-11-19 16:36:37.000000000 -0500
-@@ -21,6 +21,20 @@
+++ dovecot-0.99.11/configure.in	2004-12-14 16:26:18.000000000 -0500
+@@ -21,6 +21,13 @@
 # check posix headers
 AC_CHECK_HEADERS(sys/time.h)
 
-+AC_ARG_WITH(logindir,
-+[  --with-logindir=DIR       LOGIN directory (LOCALSTATEDIR/run/dovecot)],
-+	logindir="$withval",
-+	logindir=\${localstatedir}/run/dovecot/login
-+)
-+AC_SUBST(logindir)
-+
 +AC_ARG_WITH(docdir,
 +[  --with-docdir=DIR       directory for documentation (DATADIR/doc/dovecot)],
 +	docdir="$withval",
@ -22,607 +15,80 @@ diff -r -u dovecot-0.99.11.orig/configure.in dovecot-0.99.11/configure.in
 AC_ARG_ENABLE(ipv6,
 [  --enable-ipv6           Enable IPv6 support (default)],
 	if test x$enableval = xno; then
-@@ -180,6 +194,8 @@
- )
- AC_SUBST(ssldir)
- 
-+AM_CONDITIONAL(BUILD_SSL, test "$want_gnutls" = "yes" -o "$want_openssl" = "yes" )
-+
- AC_ARG_WITH(pop3d,
- [  --with-pop3d            Build POP3 server (default)],
- 	if test x$withval = xno; then
-@@ -1121,6 +1137,13 @@
- 	AC_MSG_RESULT($i_cv_type_in6_addr)
- fi
- 
-+if test $i_cv_type_in6_addr = yes; then
-+	listenaddr='[[::]]'
-+else
-+	listenaddr='*'
-+fi
-+AC_SUBST(listenaddr)
-+
- dnl **
- dnl ** storage classes
- dnl **
-@@ -1148,7 +1171,9 @@
- 
- AC_OUTPUT(
- Makefile
-+dovecot.conf
- doc/Makefile
-+doc/mkcert.sh
- src/Makefile
- src/lib/Makefile
- src/lib-charset/Makefile
-diff -r -u dovecot-0.99.11.orig/doc/Makefile.am dovecot-0.99.11/doc/Makefile.am
+diff -u -r dovecot-0.99.11.orig/doc/Makefile.am dovecot-0.99.11/doc/Makefile.am
 --- dovecot-0.99.11.orig/doc/Makefile.am	2004-05-25 14:21:10.000000000 -0400
-+++ dovecot-0.99.11/doc/Makefile.am	2004-11-19 12:21:31.000000000 -0500
-@@ -1,4 +1,4 @@
+++ dovecot-0.99.11/doc/Makefile.am	2004-12-22 14:49:43.000000000 -0500
+@@ -1,19 +1,26 @@
 -docdir = $(datadir)/doc/dovecot
 +exampledir=$(docdir)/examples
 
- doc_DATA = \
- 	auth.txt \
-@@ -10,10 +10,13 @@
- 	nfs.txt \
+-doc_DATA = \
+-	auth.txt \
+-	configuration.txt \
+-	design.txt \
+-	index.txt \
+-	mail-storages.txt \
+-	multiaccess.txt \
+-	nfs.txt \
+doc_DATA =			\
+	auth.txt		\
+	configuration.txt	\
+	design.txt		\
+	index.txt		\
+	mail-storages.txt	\
+	multiaccess.txt		\
+	nfs.txt			\
 	securecoding.txt
 
 -EXTRA_DIST = \
-+example_DATA = \
- 	mkcert.sh \
- 	dovecot-openssl.cnf \
- 	dovecot-ldap.conf \
- 	dovecot-mysql.conf \
+-	mkcert.sh \
+-	dovecot-openssl.cnf \
+-	dovecot-ldap.conf \
+-	dovecot-mysql.conf \
 -	dovecot-pgsql.conf \
+example_DATA =			\
+	../dovecot-example.conf	\
+	mkcert.sh		\
+	dovecot-ldap.conf	\
+	dovecot-mysql.conf	\
 +	dovecot-pgsql.conf
 +
-+EXTRA_DIST = \
-+	$(example_DATA) \
+ssl_DATA =			\
+	dovecot-openssl.cnf
+
+EXTRA_DIST =			\
+	$(example_DATA)		\
+	$(ssl_DATA)		\
 	$(doc_DATA)
-diff -r -u dovecot-0.99.11.orig/Makefile.am dovecot-0.99.11/Makefile.am
+diff -u -r dovecot-0.99.11.orig/Makefile.am dovecot-0.99.11/Makefile.am
 --- dovecot-0.99.11.orig/Makefile.am	2003-05-05 12:46:57.000000000 -0400
-+++ dovecot-0.99.11/Makefile.am	2004-11-22 16:08:01.000000000 -0500
-@@ -1,7 +1,18 @@
+++ dovecot-0.99.11/Makefile.am	2004-12-21 16:29:26.000000000 -0500
+@@ -1,11 +1,22 @@
 SUBDIRS = src doc
 
 confdir = $(sysconfdir)
 -conf_DATA = dovecot-example.conf
 +conf_DATA = dovecot.conf
+ 
+-EXTRA_DIST = \
+-	config.rpath \
+-	dovecot.spec \
+-	dovecot.spec.in \
+-	COPYING.LGPL \
 +
-+doc_DATA = 		\
-+	AUTHORS		\
-+	COPYING		\
-+	COPYING.LGPL	\
-+	ChangeLog	\
-+	INSTALL		\
-+	NEWS		\
-+	README		\
+doc_DATA =			\
+	AUTHORS			\
+	COPYING			\
+	COPYING.LGPL		\
+	ChangeLog		\
+	INSTALL			\
+	NEWS			\
+	README			\
 +	TODO
 +
- 
- EXTRA_DIST = \
- 	config.rpath \
-diff -N -u dovecot-0.99.11.orig/doc/mkcert.sh.in dovecot-0.99.11/doc/mkcert.sh.in
--- dovecot-0.99.11.orig/doc/mkcert.sh.in	1969-12-31 19:00:00.000000000 -0500
-+++ dovecot-0.99.11/doc/mkcert.sh.in	2004-11-19 13:47:38.000000000 -0500
-@@ -0,0 +1,34 @@
-+#!/bin/sh
-+
-+# Generates a self-signed certificate.
-+# Edit dovecot-openssl.cnf before running this.
-+
-+OPENSSL=${OPENSSL-openssl}
-+SSLDIR=${SSLDIR-@ssldir@}
-+OPENSSLCONFIG=${OPENSSLCONFIG-dovecot-openssl.cnf}
-+
-+CERTFILE=$SSLDIR/certs/@PACKAGE@.pem
-+KEYFILE=$SSLDIR/private/@PACKAGE@.pem
-+
-+if [ ! -d $SSLDIR/certs ]; then
-+  echo "$SSLDIR/certs directory doesn't exist"
-+fi
-+
-+if [ ! -d $SSLDIR/private ]; then
-+  echo "$SSLDIR/private directory doesn't exist"
-+fi
-+
-+if [ -f $CERTFILE ]; then
-+  echo "$CERTFILE already exists, won't overwrite"
-+  exit 1
-+fi
-+
-+if [ -f $KEYFILE ]; then
-+  echo "$KEYFILE already exists, won't overwrite"
-+  exit 1
-+fi
-+
-+$OPENSSL req -new -x509 -nodes -config $OPENSSLCONFIG -out $CERTFILE -keyout $KEYFILE -days 365 || exit 2
-+chmod 0600 $KEYFILE
-+echo 
-+$OPENSSL x509 -subject -fingerprint -noout -in $CERTFILE || exit 2
-diff -N -u dovecot-0.99.11.orig/dovecot.conf.in dovecot-0.99.11/dovecot.conf.in
--- dovecot-0.99.11.orig/dovecot.conf.in	1969-12-31 19:00:00.000000000 -0500
-+++ dovecot-0.99.11/dovecot.conf.in	2004-11-19 16:42:03.000000000 -0500
-@@ -0,0 +1,481 @@
-+## Dovecot 1.0 configuration file
-+
-+# Base directory where to store runtime data.
-+#base_dir = @localstatedir@/run/dovecot/
-+
-+# Protocols we want to be serving:
-+#  imap imaps pop3 pop3s
-+#protocols = imap imaps
-+
-+# IP or host address where to listen in for connections. It's not currently
-+# possible to specify multiple addresses. "*" listens in all IPv4 interfaces.
-+# "[::]" listens in all IPv6 interfaces, but may also listen in all IPv4
-+# interfaces depending on the operating system. You can specify ports with
-+# "host:port".
-+imap_listen = @listenaddr@
-+pop3_listen = @listenaddr@
-+
-+# IP or host address where to listen in for SSL connections. Defaults
-+# to above non-SSL equilevants if not specified.
-+#imaps_listen = @listenaddr@
-+#pop3s_listen = @listenaddr@
-+
-+# Disable SSL/TLS support.
-+@BUILD_SSL_TRUE@ssl_disable = no
-+
-+# PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
-+# dropping root privileges, so keep the key file unreadable by anyone but
-+# root. Included doc/mkcert.sh can be used to easily generate self-signed
-+# certificate, just make sure to update the domains in dovecot-openssl.cnf
-+@BUILD_SSL_TRUE@ssl_cert_file = @ssldir@/certs/@PACKAGE@.pem
-+@BUILD_SSL_TRUE@ssl_key_file = @ssldir@/private/@PACKAGE@.pem
-+
-+# SSL parameter file. Master process generates this file for login processes.
-+# It contains Diffie Hellman and RSA parameters.
-+@BUILD_SSL_TRUE@ssl_parameters_file = @localstatedir@/run/dovecot/ssl-parameters.dat
-+
-+# How often to regenerate the SSL parameters file. Generation is quite CPU
-+# intensive operation. The value is in hours, 0 disables regeneration
-+# entirely.
-+@BUILD_SSL_TRUE@ssl_parameters_regenerate = 24
-+
-+# Disable LOGIN command and all other plaintext authentications unless
-+# SSL/TLS is used (LOGINDISABLED capability). Note that 127.*.*.* and
-+# IPv6 ::1 addresses are considered secure, this setting has no effect if
-+# you connect from those addresses.
-+#disable_plaintext_auth = yes
-+
-+# Use this logfile instead of syslog(). /dev/stderr can be used if you want to
-+# use stderr for logging (ONLY /dev/stderr - otherwise it is closed).
-+#log_path = 
-+
-+# For informational messages, use this logfile instead of the default
-+#info_log_path = 
-+
-+# Prefix for each line written to log file. % codes are in strftime(3)
-+# format.
-+#log_timestamp = "%b %d %H:%M:%S "
-+
-+##
-+## Login processes
-+##
-+
-+# Directory where authentication process places authentication UNIX sockets
-+# which login needs to be able to connect to. The sockets are created when
-+# running as root, so you don't have to worry about permissions. Note that
-+# everything in this directory is deleted when Dovecot is started.
-+#login_dir = @logindir@
-+
-+# chroot login process to the login_dir. Only reason not to do this is if you
-+# wish to run the whole Dovecot without roots.
-+#login_chroot = yes
-+
-+
-+##
-+## IMAP login process
-+##
-+
-+login = imap
-+
-+# Executable location.
-+#login_executable = @libexecdir@/dovecot/imap-login
-+
-+# User to use for the login process. Create a completely new user for this,
-+# and don't use it anywhere else. The user must also belong to a group where
-+# only it has access, it's used to control access for authentication process.
-+#login_user = dovecot
-+
-+# Set max. process size in megabytes. If you don't use
-+# login_process_per_connection you might need to grow this.
-+#login_process_size = 32
-+
-+# Should each login be processed in it's own process (yes), or should one
-+# login process be allowed to process multiple connections (no)? Yes is more
-+# secure, espcially with SSL/TLS enabled. No is faster since there's no need
-+# to create processes all the time.
-+#login_process_per_connection = yes
-+
-+# Number of login processes to create. If login_process_per_user is
-+# yes, this is the number of extra processes waiting for users to log in.
-+#login_processes_count = 3
-+
-+# Maximum number of extra login processes to create. The extra process count
-+# usually stays at login_processes_count, but when multiple users start logging
-+# in at the same time more extra processes are created. To prevent fork-bombing
-+# we check only once in a second if new processes should be created - if all
-+# of them are used at the time, we double their amount until limit set by this
-+# setting is reached. This setting is used only if login_process_per_use is yes.
-+#login_max_processes_count = 128
-+
-+# Maximum number of connections allowed in login state. When this limit is
-+# reached, the oldest connections are dropped. If login_process_per_user
-+# is no, this is a per-process value, so the absolute maximum number of users
-+# logging in actually login_processes_count * max_logging_users.
-+#login_max_logging_users = 256
-+
-+##
-+## POP3 login process
-+##
-+
-+# Settings default to same as above, so you don't have to set anything
-+# unless you want to override them.
-+
-+login = pop3
-+
-+# Exception to above rule being the executable location.
-+#login_executable = @libexecdir@/dovecot/pop3-login
-+
-+##
-+## Mail processes
-+##
-+
-+# Maximum number of running mail processes. When this limit is reached,
-+# new users aren't allowed to log in.
-+#max_mail_processes = 1024
-+
-+# Show more verbose process titles (in ps). Currently shows user name and
-+# IP address. Useful for seeing who are actually using the IMAP processes
-+# (eg. shared mailboxes or if same uid is used for multiple accounts).
-+#verbose_proctitle = no
-+
-+# Show protocol level SSL errors.
-+@BUILD_SSL_TRUE@verbose_ssl = no
-+
-+# Valid UID range for users, defaults to 500 and above. This is mostly
-+# to make sure that users can't log in as daemons or other system users.
-+# Note that denying root logins is hardcoded to dovecot binary and can't
-+# be done even if first_valid_uid is set to 0.
-+#first_valid_uid = 500
-+#last_valid_uid = 0
-+
-+# Valid GID range for users, defaults to non-root/wheel. Users having
-+# non-valid GID as primary group ID aren't allowed to log in. If user
-+# belongs to supplementary groups with non-valid GIDs, those groups are
-+# not set.
-+#first_valid_gid = 1
-+#last_valid_gid = 0
-+
-+# Grant access to these extra groups for mail processes. Typical use would be
-+# to give "mail" group write access to /var/mail to be able to create dotlocks.
-+#mail_extra_groups =
-+
-+# ':' separated list of directories under which chrooting is allowed for mail
-+# processes (ie. /var/mail will allow chrooting to /var/mail/foo/bar too).
-+# This setting doesn't affect login_chroot or auth_chroot variables.
-+# WARNING: Never add directories here which local users can modify, that
-+# may lead to root exploit. Usually this should be done only if you don't
-+# allow shell access for users. See doc/configuration.txt for more information.
-+#valid_chroot_dirs = 
-+
-+# Default chroot directory for mail processes. This can be overridden by
-+# giving /./ in user's home directory (eg. /home/./user chroots into /home).
-+#mail_chroot = 
-+
-+# Default MAIL environment to use when it's not set. By leaving this empty
-+# dovecot tries to do some automatic detection as described in
-+# doc/mail-storages.txt. There's a few special variables you can use:
-+#
-+#   %u - username
-+#   %n - user part in user@domain, same as %u if there's no domain
-+#   %d - domain part in user@domain, empty if user there's no domain
-+#   %h - home directory
-+#
-+# You can also limit a width of string by giving the number of max. characters
-+# after the '%' character. For example %1u gives the first character of
-+# username. Some examples:
-+#
-+#   default_mail_env = maildir:/var/mail/%1u/%u/Maildir
-+#   default_mail_env = mbox:~/mail/:INBOX=/var/mail/%u
-+#   default_mail_env = mbox:/var/mail/%d/%n/:INDEX=/var/indexes/%d/%n
-+#
-+#default_mail_env = 
-+
-+# Space-separated list of fields to cache for all mails. Currently these
-+# fields are allowed followed by a list of commands they speed up:
-+#
-+#  Envelope      - FETCH ENVELOPE and SEARCH FROM, TO, CC, BCC, SUBJECT,
-+#                  SENTBEFORE, SENTON, SENTSINCE, HEADER MESSAGE-ID,
-+#                  HEADER IN-REPLY-TO
-+#  Body          - FETCH BODY
-+#  Bodystructure - FETCH BODY, BODYSTRUCTURE
-+#  MessagePart   - FETCH BODY[1.2.3] (ie. body parts), RFC822.SIZE,
-+#                  SEARCH SMALLER, LARGER, also speeds up BODY/BODYSTRUCTURE
-+#                  generation. This is always set with mbox mailboxes, and
-+#                  also default with Maildir.
-+#
-+# Different IMAP clients work in different ways, that's why Dovecot by default
-+# only caches MessagePart which speeds up most operations. Whenever client
-+# does something where caching could be used, the field is automatically marked
-+# to be cached later. For example after FETCH BODY the BODY will be cached
-+# for all new messages. Normally you should leave this alone, unless you know
-+# what most of your IMAP clients are. Caching more fields than needed makes
-+# the index files larger and generate useless I/O.
-+#
-+# With maildir there's one extra optimization - if nothing is cached, indexing
-+# the maildir becomes much faster since it's not opening any of the mail files.
-+# This could be useful if your IMAP clients access only new mails.
-+
-+#mail_cache_fields = MessagePart
-+
-+# Space-separated list of fields that Dovecot should never set to be cached.
-+# Useful if you want to save disk space at the cost of more I/O when the fields
-+# needed.
-+#mail_never_cache_fields = 
-+
-+# Workarounds for various client bugs:
-+#   oe6-fetch-no-newmail:
-+#     Never send EXISTS/RECENT when replying to FETCH command. Outlook Express
-+#     seems to think they are FETCH replies and gives user "Message no longer
-+#     in server" error. Note that OE6 still breaks even with this workaround
-+#     if synchronization is set to "Headers Only".
-+#   outlook-idle:
-+#     Outlook and Outlook Express never abort IDLE command, so if no mail
-+#     arrives in half a hour, Dovecot closes the connection. This is still
-+#     fine, except Outlook doesn't connect back so you don't see if new mail
-+#     arrives.
-+#   outlook-pop3-no-nuls:
-+#     Outlook and Outlook Express hang if mails contain NUL characters.
-+#     This setting replaces them with 0x80 character.
-+#client_workarounds = 
-+
-+# Dovecot can notify client of new mail in selected mailbox soon after it's
-+# received. This setting specifies the minimum interval in seconds between
-+# new mail notifications to client - internally they may be checked more or
-+# less often. Setting this to 0 disables the checking.
-+# NOTE: Evolution client breaks with this option when it's trying to APPEND.
-+#mailbox_check_interval = 0
-+
-+# Like mailbox_check_interval, but used for IDLE command.
-+#mailbox_idle_check_interval = 30
-+
-+# Allow full filesystem access to clients. There's no access checks other than
-+# what the operating system does for the active UID/GID. It works with both
-+# maildir and mboxes, allowing you to prefix mailboxes names with eg. /path/
-+# or ~user/.
-+#mail_full_filesystem_access = no
-+
-+# Maximum allowed length for custom flag name. It's only forced when trying
-+# to create new flags.
-+#mail_max_flag_length = 50
-+
-+# Save mails with CR+LF instead of plain LF. This makes sending those mails
-+# take less CPU, especially with sendfile() syscall with Linux and FreeBSD.
-+# But it also creates a bit more disk I/O which may just make it slower.
-+#mail_save_crlf = no
-+
-+# Use mmap() instead of read() to read mail files. read() seems to be a bit
-+# faster with my Linux/x86 and it's better with NFS, so that's the default.
-+#mail_read_mmaped = no
-+
-+# By default LIST command returns all entries in maildir beginning with dot.
-+# Enabling this option makes Dovecot return only entries which are directories.
-+# This is done by stat()ing each entry, so it causes more disk I/O.
-+# (For systems setting struct dirent->d_type, this check is free and it's
-+# done always regardless of this setting)
-+#maildir_stat_dirs = no
-+
-+# Copy mail to another folders using hard links. This is much faster than
-+# actually copying the file. This is problematic only if something modifies
-+# the mail in one folder but doesn't want it modified in the others. I don't
-+# know any MUA which would modify mail files directly. IMAP protocol also
-+# requires that the mails don't change, so it would be problematic in any case.
-+# If you care about performance, enable it.
-+#maildir_copy_with_hardlinks = no
-+
-+# Check if mails' content has been changed by external programs. This slows
-+# down things as extra stat() needs to be called for each file. If changes are
-+# noticed, the message is treated as a new message, since IMAP protocol
-+# specifies that existing messages are immutable.
-+#maildir_check_content_changes = no
-+
-+# Which locking methods to use for locking mbox. There's three available:
-+#  dotlock: Create <mailbox>.lock file. This is the oldest and most NFS-safe
-+#           solution. If you want to use /var/mail/ like directory, the users
-+#           will need write access to that directory.
-+#  fcntl  : Use this if possible. Works with NFS too if lockd is used.
-+#  flock  : May not exist in all systems. Doesn't work with NFS.
-+#
-+# You can use both fcntl and flock too; if you do the order they're declared
-+# with is important to avoid deadlocks if other MTAs/MUAs are using both fcntl
-+# and flock. Some operating systems don't allow using both of them
-+# simultaneously, eg. BSDs. If dotlock is used, it's always created first.
-+#mbox_locks = dotlock fcntl
-+
-+# Should we create dotlock file even when we want only a read-lock? Setting
-+# this to yes hurts the performance when the mailbox is accessed simultaneously
-+# by multiple processes, but it's needed for reliable reading if no other
-+# locking methods are available.
-+#mbox_read_dotlock = no
-+
-+# Maximum time in seconds to wait for lock (all of them) before aborting.
-+#mbox_lock_timeout = 300
-+
-+# If dotlock exists but the mailbox isn't modified in any way, override the
-+# lock file after this many seconds.
-+#mbox_dotlock_change_timeout = 30
-+
-+# umask to use for mail files and directories
-+#umask = 0077
-+
-+# Drop all privileges before exec()ing the mail process. This is mostly
-+# meant for debugging, otherwise you don't get core dumps. Note that setting
-+# this to yes means that log file is opened as the logged in user, which
-+# might not work. It could also be a small security risk if you use single UID
-+# for multiple users, as the users could ptrace() each others processes then.
-+#mail_drop_priv_before_exec = no
-+
-+##
-+## IMAP process
-+##
-+
-+# Executable location
-+#imap_executable = @libexecdir@/dovecot/imap
-+
-+# Set max. process size in megabytes. Most of the memory goes to mmap()ing
-+# files, so it shouldn't harm much even if this limit is set pretty high.
-+#imap_process_size = 256
-+
-+# Support for dynamically loadable modules.
-+#imap_use_modules = no
-+#imap_modules = @moduledir@/imap
-+
-+##
-+## POP3 process
-+##
-+
-+# Executable location
-+#pop3_executable = @libexecdir@/dovecot/pop3
-+
-+# Set max. process size in megabytes. Most of the memory goes to mmap()ing
-+# files, so it shouldn't harm much even if this limit is set pretty high.
-+#pop3_process_size = 256
-+
-+# Support for dynamically loadable modules.
-+#pop3_use_modules = no
-+#pop3_modules = @moduledir@/pop3
-+
-+##
-+## Authentication processes
-+##
-+
-+# An Authentication process is a child process used by Dovecot that
-+# handles the authentication steps. The steps cover an authentication
-+# mechanism (auth_mechanisms, how the client authenticates in the IMAP or
-+# POP3 protocol), which password database should be queried (auth_passdb),
-+# and which user database should be queried (auth_userdb, to obtain
-+# UID, GID, and location of the user's mailbox/home directory).
-+#
-+# You can have multiple processes, though a typical configuration will
-+# have only one. Each time "auth = xx" is seen, a new process
-+# definition is started. The point of multiple processes is to be able
-+# to set stricter permissions. (See auth_user below.)
-+#
-+# Just remember that only one Authentication process is asked for the
-+# password, so you can't have different passwords accessible through
-+# different process definitions (unless they have different
-+# auth_mechanisms, and you're ok with having different password for
-+# each mechanisms).
-+
-+# Authentication process name.
-+auth = default
-+
-+# Specifies how the client authenticates in the IMAP protocol.
-+# Space separated list of permitted authentication mechanisms:
-+#   anonymous plain digest-md5 cram-md5
-+#
-+# anonymous - No authentication required.
-+# plain - The password is sent as plain text. All IMAP/POP3 clients
-+#  support this, and the password can be encrypted by Dovecot to match
-+#  any of the encryption schemes used in password databases.
-+# digest-md5 and cram-md5 - both encrypt the password so it is more
-+#  secure in transit, but are not well supported by clients, and
-+#  require that the password database use a matching encryption
-+#  scheme (or be in plaintext).
-+#
-+# See auth.txt for more details.
-+#
-+# If you are using SSL there is less benefit to digest-md5 and
-+# cram-md5 as the communication is already encrypted.
-+auth_mechanisms = plain
-+
-+# Space separated list of realms for SASL authentication mechanisms that need
-+# them. You can leave it empty if you don't want to support multiple realms.
-+# Many clients simply use the first one listed here, so keep the default realm
-+# first.
-+#auth_realms =
-+
-+# Default realm/domain to use if none was specified. This is used for both
-+# SASL realms and appending @domain to username in plaintext logins.
-+#auth_default_realm = 
-+
-+# Where user database is kept:
-+#   passwd: /etc/passwd or similiar, using getpwnam()
-+#   passwd-file <path>: passwd-like file with specified location
-+#   static uid=<uid> gid=<gid> home=<dir template>: static settings
-+#   vpopmail: vpopmail library
-+#   ldap <config path>: LDAP, see doc/dovecot-ldap.conf
-+#   pgsql <config path>: a PostgreSQL database, see doc/dovecot-pgsql.conf
-+auth_userdb = passwd
-+
-+# Where password database is kept:
-+#   passwd: /etc/passwd or similiar, using getpwnam()
-+#   shadow: /etc/shadow or similiar, using getspnam()
-+#   pam [<service> | *]: PAM authentication
-+#   passwd-file <path>: passwd-like file with specified location
-+#   vpopmail: vpopmail authentication
-+#   ldap <config path>: LDAP, see doc/dovecot-ldap.conf
-+#   pgsql <config path>: a PostgreSQL database, see doc/dovecot-pgsql.conf
-+auth_passdb = pgsql @sysconfdir@/dovecot-pgsql.conf
-+
-+#auth_executable = @libexecdir@/dovecot/dovecot-auth
-+
-+# Set max. process size in megabytes.
-+#auth_process_size = 256
-+
-+# User to use for the process. This user needs access to only user and
-+# password databases, nothing else. Only shadow and pam authentication
-+# requires roots, so use something else if possible. Note that passwd
-+# authentication with BSDs internally accesses shadow files, which also
-+# requires roots.
-+auth_user = root
-+
-+# Directory where to chroot the process. Most authentication backends don't
-+# work if this is set, and there's no point chrooting if auth_user is root.
-+#auth_chroot = 
-+
-+# Number of authentication processes to create
-+#auth_count = 1
-+
-+# List of allowed characters in username. If the user-given username contains
-+# a character not listed in here, the login automatically fails. This is just
-+# an extra check to make sure user can't exploit any potential quote escaping
-+# vulnerabilities with SQL/LDAP databases. If you want to allow all characters,
-+# set this value to empty.
-+#auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
-+
-+# Username to use for users logging in with ANONYMOUS SASL mechanism
-+#auth_anonymous_username = anonymous
-+
-+# More verbose logging. Useful for figuring out why authentication isn't
-+# working.
-+#auth_verbose = no
-+
-+# Even more verbose logging for debugging purposes. Shows for example SQL
-+# queries.
-+#auth_debug = no
-+
-+# digest-md5 authentication process. It requires special MD5 passwords which
-+# /etc/shadow and PAM doesn't support, so we never need roots to handle it.
-+# Note that the passwd-file is opened before chrooting and dropping root
-+# privileges, so it may be 0600-root owned file.
-+
-+#auth = digest_md5
-+#auth_mechanisms = digest-md5
-+#auth_realms = 
-+#auth_userdb = passwd-file /etc/passwd.imap
-+#auth_passdb = passwd-file /etc/passwd.imap
-+#auth_user = imapauth
-+#auth_chroot = 
-+
-+# if you plan to use only passwd-file, you don't need the two auth processes,
-+# simply set "auth_methods = plain digest-md5"
+EXTRA_DIST =			\
+	config.rpath		\
+	dovecot.spec		\
+	dovecot.spec.in		\
+	COPYING.LGPL		\
+ 	$(conf_DATA)
--- a/dovecot-configfile.patch
+++ b/dovecot-configfile.patch
@ -0,0 +1,100 @@
+diff -u dovecot-0.99.11/dovecot-example.conf dovecot-0.99.11/dovecot.conf
+--- dovecot-0.99.11/dovecot-example.conf	2004-08-28 08:26:10.000000000 -0400
+++ dovecot-0.99.11/dovecot.conf	2004-12-21 17:18:01.000000000 -0500
+@@ -1,25 +1,19 @@
+ ## Dovecot 1.0 configuration file
+ 
+-# Default values are shown after each value, it's not required to uncomment
+-# any of the lines. Exception to this are paths, they're just examples
+-# with real defaults being based on configure options. The paths listed here
+-# are for configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
+-# --with-ssldir=/etc/ssl
+-
+ # Base directory where to store runtime data.
+ #base_dir = /var/run/dovecot/
+ 
+ # Protocols we want to be serving:
+ #  imap imaps pop3 pop3s
+-#protocols = imap imaps
+protocols = imap imaps pop3 pop3s
+ 
+ # IP or host address where to listen in for connections. It's not currently
+ # possible to specify multiple addresses. "*" listens in all IPv4 interfaces.
+ # "[::]" listens in all IPv6 interfaces, but may also listen in all IPv4
+ # interfaces depending on the operating system. You can specify ports with
+ # "host:port".
+-#imap_listen = *
+-#pop3_listen = *
+imap_listen = [::]
+pop3_listen = [::]
+ 
+ # IP or host address where to listen in for SSL connections. Defaults
+ # to above non-SSL equilevants if not specified.
+@@ -33,8 +27,8 @@
+ # dropping root privileges, so keep the key file unreadable by anyone but
+ # root. Included doc/mkcert.sh can be used to easily generate self-signed
+ # certificate, just make sure to update the domains in dovecot-openssl.cnf
+-#ssl_cert_file = /etc/ssl/certs/dovecot.pem
+-#ssl_key_file = /etc/ssl/private/dovecot.pem
+ssl_cert_file = /usr/share/ssl/certs/dovecot.pem
+ssl_key_file = /usr/share/ssl/private/dovecot.pem
+ 
+ # SSL parameter file. Master process generates this file for login processes.
+ # It contains Diffie Hellman and RSA parameters.
+@@ -70,7 +64,7 @@
+ # which login needs to be able to connect to. The sockets are created when
+ # running as root, so you don't have to worry about permissions. Note that
+ # everything in this directory is deleted when Dovecot is started.
+-#login_dir = /var/run/dovecot/login
+login_dir = /var/run/dovecot-login
+ 
+ # chroot login process to the login_dir. Only reason not to do this is if you
+ # wish to run the whole Dovecot without roots.
+@@ -305,7 +299,7 @@
+ # with is important to avoid deadlocks if other MTAs/MUAs are using both fcntl
+ # and flock. Some operating systems don't allow using both of them
+ # simultaneously, eg. BSDs. If dotlock is used, it's always created first.
+-#mbox_locks = dotlock fcntl
+#mbox_locks = fcntl
+ 
+ # Should we create dotlock file even when we want only a read-lock? Setting
+ # this to yes hurts the performance when the mailbox is accessed simultaneously
+@@ -431,8 +425,8 @@
+ #   vpopmail: vpopmail authentication
+ #   ldap <config path>: LDAP, see doc/dovecot-ldap.conf
+ #   pgsql <config path>: a PostgreSQL database, see doc/dovecot-pgsql.conf
+-auth_passdb = pgsql /usr/local/etc/dovecot-pgsql.conf
+#auth_passdb = pgsql /usr/local/etc/dovecot-pgsql.conf
+ 
+ #auth_executable = /usr/libexec/dovecot/dovecot-auth
+   
+
+diff -u -r dovecot-0.99.11.orig/doc/mkcert.sh dovecot-0.99.11/doc/mkcert.sh
+--- dovecot-0.99.11.orig/doc/mkcert.sh	2004-07-22 20:04:37.000000000 -0400
+++ dovecot-0.99.11/doc/mkcert.sh	2004-12-22 16:33:20.000000000 -0500
+@@ -4,11 +4,12 @@
+ # Edit dovecot-openssl.cnf before running this.
+ 
+ OPENSSL=${OPENSSL-openssl}
+-SSLDIR=${SSLDIR-/etc/ssl}
+-OPENSSLCONFIG=${OPENSSLCONFIG-dovecot-openssl.cnf}
+SSLDIR=${SSLDIR-/usr/share/ssl}
+OPENSSLCONFIG=${OPENSSLCONFIG-$SSLDIR/dovecot-openssl.cnf}
+CERTNAME=${CERTNAME-dovecot}
+ 
+-CERTFILE=$SSLDIR/certs/imapd.pem
+-KEYFILE=$SSLDIR/private/imapd.pem
+CERTFILE=$SSLDIR/certs/$CERTNAME.pem
+KEYFILE=$SSLDIR/private/$CERTNAME.pem
+ 
+ if [ ! -d $SSLDIR/certs ]; then
+   echo "$SSLDIR/certs directory doesn't exist"
+@@ -29,6 +30,7 @@
+ fi
+ 
+ $OPENSSL req -new -x509 -nodes -config $OPENSSLCONFIG -out $CERTFILE -keyout $KEYFILE -days 365 || exit 2
+-chmod 0600 $KEYFILE
+chown root:root $CERTFILE $KEYFILE
+chmod 0600 $CERTFILE $KEYFILE
+ echo 
+ $OPENSSL x509 -subject -fingerprint -noout -in $CERTFILE || exit 2
--- a/dovecot.spec
+++ b/dovecot.spec
@ -1,7 +1,7 @@
 Summary: Dovecot Secure imap server
 Name: dovecot
 Version: 0.99.11
-Release: 6.devel
+Release: 7.devel
 License: LGPL
 Group: System Environment/Daemons
 Source: %{name}-%{version}.tar.gz
@ -12,6 +12,7 @@ Source4: migrate-folders
 Source5: migrate-users
 Source6: perfect_maildir.pl
 Patch100: dovecot-conf.patch
+Patch101: dovecot-configfile.patch

 # Patches 500+ from upstream fixes
 URL: http://dovecot.procontrol.fi/
@ -23,11 +24,12 @@ BuildRequires: openldap-devel
 BuildRequires: pam-devel
 BuildRequires: pkgconfig
 BuildRequires: zlib-devel
-BuildRequires: gettext-devel
 Prereq: openssl, /sbin/chkconfig, /usr/sbin/useradd

 %define docdir %{_docdir}/%{name}-%{version}
 %define ssldir /usr/share/ssl
+%define dovecot-uid 97
+%define dovecot-gid 97

 %description
 Dovecot is an IMAP server for Linux/UNIX-like systems, written with security 
@ -39,28 +41,27 @@ in either of maildir or mbox formats.
 %setup -q -n %{name}-%{version}

 %patch100 -p1 -b .config
+cp $RPM_BUILD_DIR/${RPM_PACKAGE_NAME}-${RPM_PACKAGE_VERSION}/dovecot-example.conf $RPM_BUILD_DIR/${RPM_PACKAGE_NAME}-${RPM_PACKAGE_VERSION}/dovecot.conf
+%patch101 -p1 -b .configfile

 %build
 rm -f ./configure
 aclocal
-automake -a -f
-autoconf -f
-%configure                           		\
-	--with-docdir=%{docdir}			\
-	--with-logindir=/var/run/dovecot-login	\
-	--with-mbox-locks=fcntl			\
-	--with-pgsql                 		\
-	--with-mysql                 		\
-	--with-ssl=openssl           		\
-	--with-ssldir=%{ssldir} 		\
+automake -a
+autoconf
+%configure                           \
+	--with-docdir=%{docdir}	     \
+	--with-pgsql                 \
+	--with-mysql                 \
+	--with-ssl=openssl           \
+	--with-ssldir=%{ssldir}      \
 	--with-ldap

 make

 %install
 rm -rf $RPM_BUILD_ROOT
-make DESTDIR=$RPM_BUILD_ROOT install
-
+make install DESTDIR=$RPM_BUILD_ROOT
 rm -rf $RPM_BUILD_ROOT/%{_datadir}/%{name}
 mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/rc.d/init.d
 install -m 755 %{SOURCE1} $RPM_BUILD_ROOT/%{_sysconfdir}/rc.d/init.d/dovecot
@ -77,33 +78,40 @@ mkdir -p $RPM_BUILD_ROOT/var/run/dovecot
 chmod 700 $RPM_BUILD_ROOT/var/run/dovecot
 mkdir -p $RPM_BUILD_ROOT/var/run/dovecot-login

+# Install some of our own documentation
 install -m755 -d $RPM_BUILD_ROOT%{docdir}/UW-to-Dovecot-Migration
-for f in maildir-migration.txt migrate-folders migrate-users perfect_maildir.pl
+for f in maildir-migration.txt
 do
    install -m644 $RPM_SOURCE_DIR/$f $RPM_BUILD_ROOT%{docdir}/UW-to-Dovecot-Migration
 done

+for f in migrate-folders migrate-users perfect_maildir.pl
+do
+    install -m755 $RPM_SOURCE_DIR/$f $RPM_BUILD_ROOT%{docdir}/UW-to-Dovecot-Migration
+done
+
 %pre
-/usr/sbin/useradd -c "dovecot" -u 97 -s /sbin/nologin -r -d /usr/libexec/dovecot dovecot 2>/dev/null || :
+/usr/sbin/useradd -c "dovecot" -u %{dovecot-uid} -s /sbin/nologin -r -d /usr/libexec/dovecot dovecot 2>/dev/null || :

 %post
 /sbin/chkconfig --add dovecot
 # create a ssl cert
 if [ ! -f %{ssldir}/certs/dovecot.pem ]; then
-pushd %{ssldir} &>/dev/null
-umask 077
-cat << EOF | openssl req -new -x509 -days 365 -nodes -out certs/dovecot.pem -keyout private/dovecot.pem &>/dev/null
--
-SomeState
-SomeCity
-SomeOrganization
-SomeOrganizationalUnit
-localhost.localdomain
-root@localhost.localdomain
-EOF
-chown root:root private/dovecot.pem certs/dovecot.pem
-chmod 600 private/dovecot.pem certs/dovecot.pem
-popd &>/dev/null
+%{docdir}/examples/mkcert.sh &> /dev/null
+#pushd %{ssldir} &>/dev/null
+#umask 077
+#cat << EOF | openssl req -new -x509 -days 365 -nodes -out certs/dovecot.pem -keyout private/dovecot.pem &>/dev/null
+#--
+#SomeState
+#SomeCity
+#SomeOrganization
+#SomeOrganizationalUnit
+#localhost.localdomain
+#root@localhost.localdomain
+#EOF
+#chown root:root private/dovecot.pem certs/dovecot.pem
+#chmod 600 private/dovecot.pem certs/dovecot.pem
+#popd &>/dev/null
 fi
 exit 0

@ -125,6 +133,7 @@ rm -rf $RPM_BUILD_ROOT
 %config(noreplace) %{_sysconfdir}/dovecot.conf
 %config %{_sysconfdir}/rc.d/init.d/dovecot
 %config %{_sysconfdir}/pam.d/dovecot
+%config(noreplace) %{ssldir}/dovecot-openssl.cnf
 %attr(0600,root,root) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %{ssldir}/certs/dovecot.pem
 %attr(0600,root,root) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %{ssldir}/private/dovecot.pem
 %dir %{_libexecdir}/%{name}
@ -132,9 +141,14 @@ rm -rf $RPM_BUILD_ROOT
 %{_sbindir}/dovecot
 %dir /var/run/dovecot
 %attr(0750,root,dovecot) %dir /var/run/dovecot-login
+%attr(0750,root,dovecot) %{docdir}/examples/mkcert.sh


 %changelog
+* Thu Dec 23 2004 John Dennis <jdennis@redhat.com> 0.99.11-7.devel
+- add UW to Dovecot migration documentation and scripts, bug #139954
+  fix SSL documentation and scripts, add missing documentation, bug #139276
+
 * Thu Nov 15 2004 Warren Togami <wtogami@redhat.com> 0.99.11-2.FC4.1
 - rebuild against MySQL4