diff -urNp stunnel-5.15/tools/stunnel.conf-sample.in stunnel-5.15-patched/tools/stunnel.conf-sample.in
--- stunnel-5.15/tools/stunnel.conf-sample.in	2015-04-16 08:22:14.000000000 -0400
+++ stunnel-5.15-patched/tools/stunnel.conf-sample.in	2015-04-27 11:23:41.958154436 -0400
@@ -12,7 +12,7 @@
 ;setgid = @DEFAULT_GROUP@
 
 ; PID file is created inside the chroot jail (if enabled)
-;pid = @prefix@/var/run/stunnel.pid
+;pid = @localstatedir@/run/stunnel.pid
 
 ; Debugging stuff (may be useful for troubleshooting)
 ;foreground = yes
@@ -68,34 +68,34 @@ checkHost = smtp.gmail.com
 ;[pop3s]
 ;accept  = 995
 ;connect = 110
-;cert = @prefix@/etc/stunnel/stunnel.pem
+;cert = @sysconfdir@/stunnel/stunnel.pem
 
 ;[imaps]
 ;accept  = 993
 ;connect = 143
-;cert = @prefix@/etc/stunnel/stunnel.pem
+;cert = @sysconfdir@/stunnel/stunnel.pem
 
 ;[ssmtp]
 ;accept  = 465
 ;connect = 25
-;cert = @prefix@/etc/stunnel/stunnel.pem
+;cert = @sysconfdir@/stunnel/stunnel.pem
 
 ; TLS front-end to a web server
 ;[https]
 ;accept  = 443
 ;connect = 80
-;cert = @prefix@/etc/stunnel/stunnel.pem
+;cert = @sysconfdir@/stunnel/stunnel.pem
 ; "TIMEOUTclose = 0" is a workaround for a design flaw in Microsoft SChannel
 ; Microsoft implementations do not use TLS close-notify alert and thus they
 ; are vulnerable to truncation attacks
 ;TIMEOUTclose = 0
 
 ; Remote shell protected with PSK-authenticated TLS
-; Create "@prefix@/etc/stunnel/secrets.txt" containing IDENTITY:KEY pairs
+; Create "@sysconfdir@/stunnel/secrets.txt" containing IDENTITY:KEY pairs
 ;[shell]
 ;accept = 1337
 ;exec = /bin/sh
 ;execArgs = sh -i
-;PSKsecrets = @prefix@/etc/stunnel/secrets.txt
+;PSKsecrets = @sysconfdir@/stunnel/secrets.txt
 
 ; vim:ft=dosini