diff -Nru yiff-2.14.2-7/debian/changelog yiff-2.14.2/debian/changelog --- yiff-2.14.2-7/debian/changelog 2005-10-19 01:10:21.000000000 +0200 +++ yiff-2.14.2/debian/changelog 2005-10-20 00:20:48.000000000 +0200 @@ -1,3 +1,19 @@ +yiff (2.14.2-8) unstable; urgency=low + + * Create a user 'yiff' (group 'yiff') to run the yiff-server, it's home + directory is /var/lib/yiff (currently unused, but could be used to setup + a chroot) + - new debian/yiff-server.preinst that creates the user and assigns it + to the 'audio' group + - modified debian/yiff-server.postrm to remove the user and the new + files (/var/lib/yiff) as well as the new PID location (/var/run/yiff/) + - modified debian/yiff-server.init so that it runs as the 'yiff' user + - adjusted location of PIDFILE in yiff/main.c to point to + /var/run/yiff/yiff.pid + * Pre-Depends on adduser as we use it on preinst + + -- Javier Fernandez-Sanguino Pen~a Thu, 20 Oct 2005 00:04:57 +0200 + yiff (2.14.2-7) unstable; urgency=low * Added ` | debconf-2.0' to pre-depends (closes: #332163). diff -Nru yiff-2.14.2-7/debian/control yiff-2.14.2/debian/control --- yiff-2.14.2-7/debian/control 2005-10-19 01:10:21.000000000 +0200 +++ yiff-2.14.2/debian/control 2005-10-19 23:59:13.000000000 +0200 @@ -7,7 +7,7 @@ Package: yiff-server Architecture: any -Pre-Depends: debconf (>> 0.5) | debconf-2.0 +Pre-Depends: debconf (>> 0.5) | debconf-2.0, adduser (>= 3.11) Depends: ${shlibs:Depends} Section: sound Conflicts: yiff-utils diff -Nru yiff-2.14.2-7/debian/yiff-server.init yiff-2.14.2/debian/yiff-server.init --- yiff-2.14.2-7/debian/yiff-server.init 2005-10-19 01:10:21.000000000 +0200 +++ yiff-2.14.2/debian/yiff-server.init 2005-10-20 00:52:28.000000000 +0200 
@@ -15,9 +15,21 @@ NAME=yiff DESC="Y Sound Server" DAEMON_PARAM=/etc/yiff/yiffrc +PIDFILE=/var/run/yiff/yiff.pid +DAEMON_USER=yiff +DAEMON_GROUP=yiff test -f $DAEMON || exit 0 +# Creat the location for the pidfile and let the user we will run +# as create a file there +piddir=`dirname $PIDFILE` +if [ ! -d "$piddir" ] ; then + mkdir -p $piddir + chmod 754 $piddir + chown $DAEMON_USER:$DAEMON_GROUP $piddir +fi + set -e case "$1" in @@ -30,15 +42,19 @@ echo ">> Please install your sound drivers before you start $DESC." echo ">>" else - start-stop-daemon --background --start --quiet --exec $DAEMON -- $DAEMON_PARAM + # TODO: Chroot the server into a given location + start-stop-daemon --background --start --quiet --chuid $DAEMON_USER:$DAEMON_GROUP --exec $DAEMON -- $DAEMON_PARAM echo "$NAME." fi ;; stop) echo -n "Stopping $DESC:" - for pidfile in $(find /var/run -maxdepth 1 -name "$NAME*.pid"); do - start-stop-daemon --stop --quiet --pidfile $pidfile --oknodo - done + if ls $piddir/yiff*.pid 2>/dev/null >&2 ; then + for pid in $piddir/yiff*.pid + do + start-stop-daemon --user $DAEMON_USER --stop --quiet --pidfile $PIDFILE --oknodo + done + fi echo "$NAME." ;; #reload) diff -Nru yiff-2.14.2-7/debian/yiff-server.postrm yiff-2.14.2/debian/yiff-server.postrm --- yiff-2.14.2-7/debian/yiff-server.postrm 2005-10-19 01:10:21.000000000 +0200 +++ yiff-2.14.2/debian/yiff-server.postrm 2005-10-20 01:12:38.000000000 +0200 
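Review bot: `chmod 754 $piddir` leaves group and others with read but not search permission on the directory, which is rarely what is meant for a directory; `chmod 755` (or `750` if nobody else needs to see the pidfiles) looks like the intent. The whole block sits above `set -e`, so a failing `mkdir` or `chown` goes unnoticed and the daemon later cannot write its pidfile; it also runs for every action, including `stop`. I would chain and quote it, `mkdir -p "$piddir" && chown "$DAEMON_USER:$DAEMON_GROUP" "$piddir" && chmod 755 "$piddir"`, and fix the comment typo to `# Create the location for the pidfile`.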
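Review bot: In the `stop)` branch the loop iterates `for pid in $piddir/yiff*.pid` but every iteration passes `--pidfile $PIDFILE`, so the loop variable is never used and only `/var/run/yiff/yiff.pid` is ever consulted. The per-port files that main.c writes as `yiff-%d.pid` are therefore never acted on, and a server started on another port keeps running after `stop` reports success (`--oknodo` hides the miss). The line should read `start-stop-daemon --user $DAEMON_USER --stop --quiet --pidfile "$pid" --oknodo`. Keeping `--user $DAEMON_USER` is worthwhile, since the pidfiles now live in a directory the daemon account can write to and root reads PIDs from them.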
@@ -9,6 +9,23 @@ if [ -e /etc/yiff ]; then rmdir --ignore-fail-on-non-empty /etc/yiff fi; + + if [ -d /var/run/yiff ] ; then + rm -rf /var/run/yiff + fi + + if [ -d /var/lib/yiff ] ; then + rm -rf /var/lib/yiff + fi + + # Remove user/group + if getent passwd | grep -q "^yiff:"; then + userdel yiff 2>/dev/null || true + fi + if getent group | grep -q "^yiff:" ; then + delgroup --only-if-empty yiff 2>/dev/null || true + fi + fi; diff -Nru yiff-2.14.2-7/debian/yiff-server.preinst yiff-2.14.2/debian/yiff-server.preinst --- yiff-2.14.2-7/debian/yiff-server.preinst 1970-01-01 01:00:00.000000000 +0100 +++ yiff-2.14.2/debian/yiff-server.preinst 2005-10-20 00:48:33.000000000 +0200 
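Review bot: Deleting the `yiff` account here frees its UID for reuse, so any file the server left outside the two removed directories silently becomes the property of whichever account receives that UID next; leaving the system user in place on removal avoids this. If the deletion stays, note that `delgroup` is shipped by adduser, which need not be installed when postrm runs, and `2>/dev/null || true` hides that failure, so the group can be left behind without any message. The lookups are also more reliable keyed than enumerated, e.g. `getent passwd yiff >/dev/null` instead of `getent passwd | grep -q "^yiff:"`. The enclosing `if` starts outside the hunk, so the maintainer-script action this runs under is not visible here.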
@@ -0,0 +1,80 @@
+#!/bin/sh
+
+set -e
+
+# summary of how this script can be called:
+# * `install'
+# * `install'
+# * `upgrade'
+# * `abort-upgrade'
+
+
+case "$1" in
+ install|upgrade)
+
+ # If we have a default file we could source it and check if the
+ # admin has set a different user
+
+ # Sane defaults:
+
+ [ -z "$SERVER_HOME" ] && SERVER_HOME=/var/lib/yiff
+ [ -z "$SERVER_USER" ] && SERVER_USER=yiff
+ [ -z "$SERVER_NAME" ] && SERVER_NAME="Yiff audio server"
+ [ -z "$SERVER_GROUP" ] && SERVER_GROUP=yiff
+
+ ADDGROUP="audio"
+
+
+ # create user to avoid running server as root
+ # 1. create group if not existing
+ if ! getent group | grep -q "^$SERVER_GROUP:" ; then
+ addgroup --quiet --system $SERVER_GROUP 2>/dev/null || true
+ fi
+ # 2. create homedir if not existing
+ test -d $SERVER_HOME || mkdir $SERVER_HOME
+ # 3. create user if not existing
+ if ! getent passwd | grep -q "^$SERVER_USER:"; then
+ adduser --quiet \
+ --system \
+ --ingroup $SERVER_GROUP \
+ --no-create-home \
+ --disabled-password \
+ $SERVER_USER 2>/dev/null || true
+ fi
+ # 4. adjust passwd entry
+ usermod -c "$SERVER_NAME" \
+ -d $SERVER_HOME \
+ -g $SERVER_GROUP \
+ $SERVER_USER
+ # 5. adjust file and directory permissions
+ if ! dpkg-statoverride --list $SERVER_HOME >/dev/null
+ then
+ chown -R $SERVER_USER:adm $SERVER_HOME
+ chmod u=rwx,g=rxs,o= $SERVER_HOME
+ fi
+
+ # 6. Add the user to the ADDGROUP group
+ if test -n $ADDGROUP
+ then
+ if ! groups $SERVER_USER | grep -q $ADDGROUP; then
+ adduser $SERVER_USER $ADDGROUP
+ fi
+ fi
+
+ ;;
+ configure)
+ ;;
+ abort-upgrade)
+ ;;
+ *)
+ echo "preinst called with unknown argument \`$1'" >&2
+ exit 0
+ ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
diff -Nru yiff-2.14.2-7/yiff/main.c yiff-2.14.2/yiff/main.c
--- yiff-2.14.2-7/yiff/main.c 2005-10-19 01:10:21.000000000 +0200
+++ yiff-2.14.2/yiff/main.c 2005-10-20 00:50:37.000000000 +0200
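Review bot: Step 5 runs `chown -R $SERVER_USER:adm $SERVER_HOME` as root on every install and upgrade, over a tree that the unprivileged account owns and can populate; a recursive ownership change there acts on whatever entries that account has placed in the directory, and it uses group `adm` where the rest of the script uses `$SERVER_GROUP`. A non-recursive `chown "$SERVER_USER:$SERVER_GROUP" "$SERVER_HOME"` covers the freshly created directory; if `adm` is intended, a comment should say why. In step 6, `test -n $ADDGROUP` is always true when the variable is empty because it is unquoted, and `grep -q $ADDGROUP` matches any group name that merely contains `audio`; `id -nG "$SERVER_USER" | grep -qw "$ADDGROUP"` is stricter. Steps 1 and 3 discard errors with `2>/dev/null || true`, so a failed `adduser` only surfaces as an unexplained `usermod` failure under `set -e`.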
@@ -462,7 +462,7 @@ /* Raphael Bossek */ { -#define PIDFILE "/var/run/yiff.pid" +#define PIDFILE "/var/run/yiff/yiff.pid" FILE* fp = fopen( PIDFILE, "w+" ); if( fp == NULL ) { @@ -475,7 +475,7 @@ /* Raphael Bossek */ { -#define PIDFILE "/var/run/yiff.pid" +#define PIDFILE "/var/run/yiff/yiff.pid" FILE* fp = fopen( PIDFILE, "w+" ); if( fp == NULL ) { @@ -883,7 +883,7 @@ char PidFile[64]; FILE *fp; - snprintf(PidFile, 63, "/var/run/yiff-%d.pid", option.port); + snprintf(PidFile, 63, "/var/run/yiff/yiff-%d.pid", option.port); fp = fopen ( PidFile, "w+" ); if( fp == NULL ) @@ -2080,7 +2080,7 @@ /* Let's kill the PID that was opened before */ { char PidFile[64]; - snprintf(PidFile, 63, "/var/run/yiff-%d.pid", option.port); + snprintf(PidFile, 63, "/var/run/yiff/yiff-%d.pid", option.port); unlink(PidFile); }
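Review bot: The directory `/var/run/yiff/` is now spelled out in four separate literals (the two `#define PIDFILE` lines at 462 and 475 and the `snprintf` calls at 883 and 2080) and once more in the init script, so a later move has to be made in five places that must agree. A single `#define PIDDIR "/var/run/yiff"` near the top of the file, used as `snprintf(PidFile, sizeof PidFile, PIDDIR "/yiff-%d.pid", option.port);`, would remove the repetition and replace the hand-counted `63` with the buffer's real size. Nothing in these hunks creates the directory, so a server started outside the init script relies on the `fp == NULL` branch, whose body lies outside the hunks; it is worth confirming that branch reports the path and errno rather than continuing silently. The same applies to the `unlink(PidFile)` at 2080, whose return value is not checked.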