- added

Changed files:
    courier-imap-authdaemon.init -> 1.1
    courier-imap-authdaemon.sysconfig -> 1.1
    courier-imap-pop3.pamd -> 1.1
    courier-imap-pop3.sysconfig -> 1.1

diff --git a/courier-imap-authdaemon.init b/courier-imap-authdaemon.init
new file mode 100644 (file)
index 0000000..bc889fc
--- /dev/null
+++ b/courier-imap-authdaemon.init
@@ -0,0 +1,61 @@
+#!/bin/sh
+# IMAP Auth Daemon
+#
+# chkconfig:   345 80 20
+# description: IMAP Auth Daemon
+
+# Source function library
+. /etc/rc.d/init.d/functions
+
+# Get network config
+. /etc/sysconfig/network
+
+METHOD="plain"
+
+[ -f /etc/sysconfig/authdaemon ] && . /etc/sysconfig/authdaemon
+
+# Check that networking is up.
+if is_no "${NETWORKING}" ; then
+       msg_Network_Down "Courier IMAP - Authdaemon"
+       exit 1
+fi
+
+# See how we were called.
+case "$1" in
+  start)
+       # Check if the service is already running?
+       if [ ! -f /var/lock/subsys/authdaemon ]; then
+               msg_starting "Courier IMAP - Authdaemon"
+               daemon /usr/lib/courier-imap/authlib/authdaemond.$METHOD start
+                RETVAL=$?
+                [ $RETVAL -eq 0 ] && touch /var/lock/subsys/authdaemon
+       else
+               msg_Already_Running "Courier IMAP - Authdaemon"
+               exit 1
+       fi
+       ;;
+  stop)
+       if [ -f /var/lock/subsys/authdaemon ]; then
+               msg_stopping "Courier IMAP - Authdaemon"
+               daemon /usr/lib/courier-imap/authlib/authdaemond.$METHOD stop
+               RETVAL=$?
+               rm -f /var/lock/subsys/authdaemon
+       else
+               msg_not_running "Courier IMAP - Authdaemon"
+               exit 1
+       fi
+       ;;
+  restart|reload)
+       $0 stop
+       $0 start
+       ;;
+  status)
+       status authdaemond.$METHOD
+       ;;
+  *)
+       msg_Usage "$0 {start|stop|restart|reload|status}"
+       exit 1
+esac
+
+exit $RETVAL
+

diff --git a/courier-imap-authdaemon.sysconfig b/courier-imap-authdaemon.sysconfig
new file mode 100644 (file)
index 0000000..9349b05
--- /dev/null
+++ b/courier-imap-authdaemon.sysconfig
@@ -0,0 +1,4 @@
+# Authentication Method (plain, mysql, ldap)
+# 
+METHOD=plain
+

diff --git a/courier-imap-pop3.pamd b/courier-imap-pop3.pamd
new file mode 100644 (file)
index 0000000..be11dfc
--- /dev/null
+++ b/courier-imap-pop3.pamd
@@ -0,0 +1,9 @@
+#%PAM-1.0
+auth           required        /lib/security/pam_listfile.so item=user sense=deny file=/etc/security/blacklist onerr=succeed
+auth           required        /lib/security/pam_listfile.so item=user sense=deny file=/etc/security/blacklist.pop3 onerr=succeed
+auth           required        /lib/security/pam_unix.so
+auth           required        /lib/security/pam_tally.so file=/var/log/faillog onerr=succeed no_magic_root
+auth           required        /lib/security/pam_nologin.so
+account                required        /lib/security/pam_tally.so deny=0 file=/var/log/faillog onerr=succeed no_magic_root
+account                required        /lib/security/pam_unix.so
+session                required        /lib/security/pam_unix.so

diff --git a/courier-imap-pop3.sysconfig b/courier-imap-pop3.sysconfig
new file mode 100644 (file)
index 0000000..e843ddc
--- /dev/null
+++ b/courier-imap-pop3.sysconfig
@@ -0,0 +1,90 @@
+# Maximum number of POP3 servers started
+#
+MAXDAEMONS=40
+
+# Maximum number of connections to accept from the same IP address
+#
+MAXPERIP=4
+
+# Where mail is stored (relative to $HOME)
+#
+MAILDIR="Maildir"
+
+# To advertise the SASL capability, per RFC 2449, uncomment the POP3AUTH
+# variable:
+#
+#POP3AUTH="LOGIN"
+
+# To also advertise SASL PLAIN if SSL is enabled, uncomment the
+# POP3AUTH_TLS environment variable:
+#
+#POP3AUTH_TLS="LOGIN PLAIN"
+
+# IP address to listen on.  0 means all IP addresses.
+#
+ADDRESS=0.0.0.0
+
+# Other couriertcpd(1) options.  The following defaults should be fine.
+#
+#TCPDOPTS="-nodnslookup -noidentlookup"
+
+POP3DSSLSTART=yes
+
+# TLS_PROTOCOL sets the protocol version.  The possible versions are:
+#
+# SSL2 - SSLv2
+# SSL3 - SSLv3
+# TLS1 - TLS1
+#
+TLS_PROTOCOL=SSL3
+
+# TLS_CIPHER_LIST optionally sets the list of ciphers to be used by the
+# OpenSSL library.  In most situations you can leave TLS_CIPHER_LIST
+# undefined
+#
+#TLS_CIPHER_LIST="ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH"
+
+# TLS_DHCERTFILE - PEM file that stores our Diffie-Hellman cipher pair.
+# When OpenSSL is compiled to use Diffie-Hellman ciphers instead of RSA
+# you must generate a DH pair that will be used.  In most situations the
+# DH pair is to be treated as confidential, and the file specified by
+# TLS_DHCERTFILE must not be world-readable.
+#
+#TLS_DHCERTFILE=
+
+# TLS_CERTFILE - certificate to use.  TLS_CERTFILE is required for SSL/TLS
+# servers, and is optional for SSL/TLS clients.  TLS_CERTFILE is usually
+# treated as confidential, and must not be world-readable.
+#
+TLS_CERTFILE=/var/lib/openssl/certs/pop3d.pem
+
+# TLS_PEERCERTDIR, TLS_OURCACERT - when it is required that all peer
+# certificates are signed by a specific certificate authority, set
+# TLS_OURCACERT to the name of the file containing the certificate authority
+# root key, and set TLS_PEERCERTDIR to the name of the directory containing
+# the allowed certificates.
+#
+#TLS_PEERCERTDIR=
+#TLS_OURCACERT=
+
+# TLS_VERIFYPEER - how to verify peer certificates.  The possible values of
+# this setting are:
+#
+# NONE - do not verify anything
+#
+# PEER - verify the peer certificate, if one's presented
+#
+# REQUIREPEER - require a peer certificate, fail if one's not presented
+#
+# SSL/TLS servers will usually set TLS_VERIFYPEER to NONE.  SSL/TLS clients
+# will usually set TLS_VERIFYPEER to REQUIREPEER.
+#
+TLS_VERIFYPEER=NONE
+
+# TLS_ALLOWSELFSIGNEDCERT - this is an alternative to clients using
+# TLS_VERIFYPEER=NONE.  TLS_ALLOWSELFSIGNEDCERT ignores server certificates
+# that are not signed by a recognized certificate authority.  This allows
+# clients to simply verify that a server certificate is available.
+#
+#TLS_ALLOWSELFSIGNEDCERT=1
+