- change the compiled-in defaults and adjust the default's configfile
commented-out example settings to match compiled-in defaults, instead of changing the defaults only in the configfile, as per #179432 - fix #179574 by providing a default uidl_format for pop3 - half-fix #179620 by having plaintext auth enabled by default... this needs more thinking (which one we really want) and documentation either way
This commit is contained in:
parent
43cfb74a3f
commit
fccc5ac14c
109
dovecot-1.0.beta2-default-settings.patch
Normal file
109
dovecot-1.0.beta2-default-settings.patch
Normal file
@ -0,0 +1,109 @@
|
|||||||
|
--- ./dovecot-1.0.beta2/src/master/master-settings.c.default-settings 2006-02-02 12:28:54.000000000 +0100
|
||||||
|
+++ ./dovecot-1.0.beta2/src/master/master-settings.c 2006-02-02 12:33:06.000000000 +0100
|
||||||
|
@@ -254,8 +254,8 @@
|
||||||
|
MEMBER(syslog_facility) "mail",
|
||||||
|
|
||||||
|
/* general */
|
||||||
|
- MEMBER(protocols) "imap imaps",
|
||||||
|
- MEMBER(listen) "*",
|
||||||
|
+ MEMBER(protocols) "imap imaps pop3 pop3s",
|
||||||
|
+ MEMBER(listen) "[::]",
|
||||||
|
MEMBER(ssl_listen) NULL,
|
||||||
|
|
||||||
|
MEMBER(ssl_disable) FALSE,
|
||||||
|
@@ -266,7 +266,7 @@
|
||||||
|
MEMBER(ssl_parameters_regenerate) 168,
|
||||||
|
MEMBER(ssl_cipher_list) NULL,
|
||||||
|
MEMBER(ssl_verify_client_cert) FALSE,
|
||||||
|
- MEMBER(disable_plaintext_auth) TRUE,
|
||||||
|
+ MEMBER(disable_plaintext_auth) FALSE,
|
||||||
|
MEMBER(verbose_ssl) FALSE,
|
||||||
|
|
||||||
|
/* login */
|
||||||
|
@@ -318,7 +318,7 @@
|
||||||
|
MEMBER(maildir_stat_dirs) FALSE,
|
||||||
|
MEMBER(maildir_copy_with_hardlinks) FALSE,
|
||||||
|
MEMBER(mbox_read_locks) "fcntl",
|
||||||
|
- MEMBER(mbox_write_locks) "dotlock fcntl",
|
||||||
|
+ MEMBER(mbox_write_locks) "fcntl",
|
||||||
|
MEMBER(mbox_lock_timeout) 300,
|
||||||
|
MEMBER(mbox_dotlock_change_timeout) 30,
|
||||||
|
MEMBER(mbox_min_index_size) 0,
|
||||||
|
@@ -346,7 +346,7 @@
|
||||||
|
MEMBER(pop3_no_flag_updates) FALSE,
|
||||||
|
MEMBER(pop3_enable_last) FALSE,
|
||||||
|
MEMBER(pop3_reuse_xuidl) FALSE,
|
||||||
|
- MEMBER(pop3_uidl_format) NULL,
|
||||||
|
+ MEMBER(pop3_uidl_format) "%08Xu%08Xv",
|
||||||
|
MEMBER(pop3_client_workarounds) NULL,
|
||||||
|
MEMBER(pop3_logout_format) "top=%t/%T, retr=%r/%R, del=%d/%m, size=%s",
|
||||||
|
|
||||||
|
--- ./dovecot-1.0.beta2/dovecot-example.conf.default-settings 2006-02-02 12:31:10.000000000 +0100
|
||||||
|
+++ ./dovecot-1.0.beta2/dovecot-example.conf 2006-02-02 12:32:50.000000000 +0100
|
||||||
|
@@ -5,17 +5,14 @@
|
||||||
|
# value inside quotes, eg.: key = "# char and trailing whitespace "
|
||||||
|
|
||||||
|
# Default values are shown after each value, it's not required to uncomment
|
||||||
|
-# any of the lines. Exception to this are paths, they're just examples
|
||||||
|
-# with real defaults being based on configure options. The paths listed here
|
||||||
|
-# are for configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
|
||||||
|
-# --with-ssldir=/etc/ssl
|
||||||
|
+# any of the lines.
|
||||||
|
|
||||||
|
# Base directory where to store runtime data.
|
||||||
|
#base_dir = /var/run/dovecot/
|
||||||
|
|
||||||
|
# Protocols we want to be serving:
|
||||||
|
# imap imaps pop3 pop3s
|
||||||
|
-#protocols = imap imaps
|
||||||
|
+#protocols = imap imaps pop3 pop3s
|
||||||
|
|
||||||
|
# IP or host address where to listen in for connections. It's not currently
|
||||||
|
# possible to specify multiple addresses. "*" listens in all IPv4 interfaces.
|
||||||
|
@@ -24,7 +21,7 @@
|
||||||
|
# for each service, you will need to configure these settings inside the
|
||||||
|
# protocol imap/pop3 { ... } section, so you can specify different ports
|
||||||
|
# for IMAP/POP3.
|
||||||
|
-#listen = *
|
||||||
|
+#listen = [::]
|
||||||
|
|
||||||
|
# IP or host address where to listen in for SSL connections. Defaults
|
||||||
|
# to above if not specified.
|
||||||
|
@@ -37,8 +34,8 @@
|
||||||
|
# dropping root privileges, so keep the key file unreadable by anyone but
|
||||||
|
# root. Included doc/mkcert.sh can be used to easily generate self-signed
|
||||||
|
# certificate, just make sure to update the domains in dovecot-openssl.cnf
|
||||||
|
-#ssl_cert_file = /etc/ssl/certs/dovecot.pem
|
||||||
|
-#ssl_key_file = /etc/ssl/private/dovecot.pem
|
||||||
|
+#ssl_cert_file = /etc/pki/dovecot/certs/dovecot.pem
|
||||||
|
+#ssl_key_file = /etc/pki/dovecot/private/dovecot.pem
|
||||||
|
|
||||||
|
# If key file is password protected, give the password here. Alternatively
|
||||||
|
# give it when starting dovecot with -p parameter.
|
||||||
|
@@ -62,7 +59,7 @@
|
||||||
|
# SSL/TLS is used (LOGINDISABLED capability). Note that 127.*.*.* and
|
||||||
|
# IPv6 ::1 addresses are considered secure, this setting has no effect if
|
||||||
|
# you connect from those addresses.
|
||||||
|
-#disable_plaintext_auth = yes
|
||||||
|
+#disable_plaintext_auth = no
|
||||||
|
|
||||||
|
# Use this logfile instead of syslog(). /dev/stderr can be used if you want to
|
||||||
|
# use stderr for logging (ONLY /dev/stderr - otherwise it is closed).
|
||||||
|
@@ -352,7 +349,7 @@
|
||||||
|
# locking methods as well. Some operating systems don't allow using some of
|
||||||
|
# them simultaneously.
|
||||||
|
#mbox_read_locks = fcntl
|
||||||
|
-#mbox_write_locks = dotlock fcntl
|
||||||
|
+#mbox_write_locks = fcntl
|
||||||
|
|
||||||
|
# Maximum time in seconds to wait for lock (all of them) before aborting.
|
||||||
|
#mbox_lock_timeout = 300
|
||||||
|
@@ -521,7 +518,7 @@
|
||||||
|
# installations. %08Xu%08Xv will be the new default, so use it for new
|
||||||
|
# installations.
|
||||||
|
#
|
||||||
|
- #pop3_uidl_format =
|
||||||
|
+ #pop3_uidl_format = %08Xu%08Xv
|
||||||
|
|
||||||
|
# POP3 logout format string:
|
||||||
|
# %t - number of TOP commands
|
11
dovecot-1.0.beta2-mkcert-permissions.patch
Normal file
11
dovecot-1.0.beta2-mkcert-permissions.patch
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
--- dovecot-1.0.beta2/doc/mkcert.sh.configfile 2006-01-16 21:14:54.000000000 +0100
|
||||||
|
+++ dovecot-1.0.beta2/doc/mkcert.sh 2006-01-26 14:28:38.000000000 +0100
|
||||||
|
@@ -29,6 +29,7 @@
|
||||||
|
fi
|
||||||
|
|
||||||
|
$OPENSSL req -new -x509 -nodes -config $OPENSSLCONFIG -out $CERTFILE -keyout $KEYFILE -days 365 || exit 2
|
||||||
|
-chmod 0600 $KEYFILE
|
||||||
|
+chown root:root $CERTFILE $KEYFILE
|
||||||
|
+chmod 0600 $CERTFILE $KEYFILE
|
||||||
|
echo
|
||||||
|
$OPENSSL x509 -subject -fingerprint -noout -in $CERTFILE || exit 2
|
30
dovecot.spec
30
dovecot.spec
@ -1,7 +1,7 @@
|
|||||||
Summary: Dovecot Secure imap server
|
Summary: Dovecot Secure imap server
|
||||||
Name: dovecot
|
Name: dovecot
|
||||||
Version: 1.0
|
Version: 1.0
|
||||||
Release: 0.beta2.2
|
Release: 0.beta2.3
|
||||||
License: LGPL
|
License: LGPL
|
||||||
Group: System Environment/Daemons
|
Group: System Environment/Daemons
|
||||||
|
|
||||||
@ -17,11 +17,10 @@ Source4: migrate-folders
|
|||||||
Source5: migrate-users
|
Source5: migrate-users
|
||||||
Source6: perfect_maildir.pl
|
Source6: perfect_maildir.pl
|
||||||
Source7: dovecot-REDHAT-FAQ.txt
|
Source7: dovecot-REDHAT-FAQ.txt
|
||||||
Patch100: dovecot-conf.patch
|
Patch100: dovecot-1.0.beta2-default-settings.patch
|
||||||
Patch101: dovecot-configfile.patch
|
Patch101: dovecot-1.0.beta2-pam-tty.patch
|
||||||
Patch102: dovecot-0.99-no-literal-plus-capability.patch
|
Patch102: dovecot-1.0.beta2-pam-setcred.patch
|
||||||
Patch103: dovecot-1.0.beta2-pam-tty.patch
|
Patch103: dovecot-1.0.beta2-mkcert-permissions.patch
|
||||||
Patch104: dovecot-1.0.beta2-pam-setcred.patch
|
|
||||||
|
|
||||||
# XXX this patch needs review and forward porting
|
# XXX this patch needs review and forward porting
|
||||||
#Patch105: dovecot-auth-log.patch
|
#Patch105: dovecot-auth-log.patch
|
||||||
@ -62,12 +61,10 @@ in either of maildir or mbox formats.
|
|||||||
|
|
||||||
%setup -q -n %{name}-%{upstream}
|
%setup -q -n %{name}-%{upstream}
|
||||||
|
|
||||||
#%patch100 -p1 -b .config
|
%patch100 -p2 -b .default-settings
|
||||||
#cp $RPM_BUILD_DIR/dovecot-%{upstream}/dovecot-example.conf $RPM_BUILD_DIR/${RPM_PACKAGE_NAME}-%{upstream}/dovecot.conf
|
%patch101 -p2 -b .pam-tty
|
||||||
%patch101 -p1 -b .configfile
|
%patch102 -p2 -b .pam-setcred
|
||||||
#%patch102 -p1 -b .no-literal-plus-capability
|
%patch103 -p1 -b .mkcert-permissions
|
||||||
%patch103 -p2 -b .pam-tty
|
|
||||||
%patch104 -p2 -b .pam-setcred
|
|
||||||
#%patch105 -p1 -b .auth-log
|
#%patch105 -p1 -b .auth-log
|
||||||
|
|
||||||
%build
|
%build
|
||||||
@ -205,6 +202,15 @@ rm -rf $RPM_BUILD_ROOT
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Feb 02 2006 Petr Rockai <prockai@redhat.com> - 1.0-0.beta2.3
|
||||||
|
- change the compiled-in defaults and adjust the default's configfile
|
||||||
|
commented-out example settings to match compiled-in defaults,
|
||||||
|
instead of changing the defaults only in the configfile, as per #179432
|
||||||
|
- fix #179574 by providing a default uidl_format for pop3
|
||||||
|
- half-fix #179620 by having plaintext auth enabled by default... this
|
||||||
|
needs more thinking (which one we really want) and documentation
|
||||||
|
either way
|
||||||
|
|
||||||
* Tue Jan 31 2006 Petr Rockai <prockai@redhat.com> - 1.0-0.beta2.2
|
* Tue Jan 31 2006 Petr Rockai <prockai@redhat.com> - 1.0-0.beta2.2
|
||||||
- update URL in description
|
- update URL in description
|
||||||
- call dovecot --build-ssl-parameters in postinst as per #179430
|
- call dovecot --build-ssl-parameters in postinst as per #179430
|
||||||
|
Loading…
Reference in New Issue
Block a user