/[packages]/cauldron/opendkim/current/SPECS/opendkim.spec
ViewVC logotype

Annotation of /cauldron/opendkim/current/SPECS/opendkim.spec

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1999982 - (hide annotations) (download)
Sat Oct 21 16:31:36 2023 UTC (7 months, 1 week ago) by rapsys
File size: 10341 byte(s)
Separate external and internal hosts config files
1 rapsys 1999970 %define major 11
2 guillomovitch 910227 %define libname %mklibname opendkim %{major}
3     %define develname %mklibname opendkim -d
4 rapsys 1963124 %define bigname OpenDKIM
5 rapsys 1999970 %define bigversion 2.11.0-Beta2
6 rapsys 1963120 %define postfixdir %{_var}/spool/postfix
7 guillomovitch 910227
8     Name: opendkim
9 rapsys 1999970 Version: 2.11.0
10 rapsys 1999982 Release: %mkrel 0.beta2.2
11 guillomovitch 910227 Summary: DomainKeys Identified Mail (DKIM) milter to sign and/or verify mail
12 guillomovitch 910229 Group: System/Servers
13 guillomovitch 910227 License: BSD and Sendmail
14 rapsys 1963120 URL: http://www.opendkim.org
15 rapsys 1999970 Source0: https://github.com/trusteddomainproject/OpenDKIM/archive/refs/tags/%{bigversion}.tar.gz
16     Patch0: opendkim-2.10.3-fix-pidfile-path.patch
17     Patch1: opendkim-2.10.3-change-default-crypto-settings.patch
18 guillomovitch 910227 BuildRequires: sendmail-devel
19     BuildRequires: db-devel
20     BuildRequires: pkgconfig(openssl)
21     BuildRequires: pkgconfig(libbsd)
22     BuildRequires: pkgconfig(libmemcached)
23     BuildRequires: pkgconfig(opendbx)
24    
25     %description
26 guillomovitch 1661243 OpenDKIM allows signing and/or verification of email through an open source
27 guillomovitch 910227 library that implements the DKIM service, plus a milter-based filter
28     application that can plug in to any milter-aware MTA, including sendmail,
29     Postfix, or any other MTA that supports the milter protocol.
30    
31     %package -n %{libname}
32     Summary: An open source DKIM library
33 guillomovitch 910231 Group: System/Servers
34 guillomovitch 910227
35     %description -n %{libname}
36     This package contains the library files required for running services built
37     using libopendkim.
38    
39     %package -n %{develname}
40     Summary: Development files for lib%{name}
41 guillomovitch 910231 Group: Development/Other
42 guillomovitch 910227
43     %description -n %{develname}
44     This package contains the static libraries, headers, and other support files
45     required for developing applications against libopendkim.
46    
47     %prep
48 rapsys 1999970 %setup -q -D -n %{bigname}-%{bigversion}
49     %autopatch -p1
50 guillomovitch 910227
51     %build
52     autoreconf -f -i
53 guillomovitch 1661219 # Always use system libtool instead of pacakge-provided one to
54 guillomovitch 910227 # properly handle 32 versus 64 bit detection and settings
55 guillomovitch 1661219 #define LIBTOOL LIBTOOL=`which libtool`
56 guillomovitch 910227
57 guillomovitch 1661245 %configure --with-libmemcached --with-db --with-odbx --enable-query_cache
58 guillomovitch 910227
59     # Remove rpath
60     %{__sed} -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
61     %{__sed} -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
62 ovitters 1579222 %make_build
63 guillomovitch 910227
64     %install
65 wally 1471389 %make_install
66 guillomovitch 910227 install -d %{buildroot}%{_sysconfdir}
67     install -m 0755 contrib/init/redhat/%{name}-default-keygen %{buildroot}%{_sbindir}/%{name}-default-keygen
68    
69     install -d -m 0755 %{buildroot}%{_unitdir}
70     install -m 0644 contrib/systemd/%{name}.service %{buildroot}%{_unitdir}/%{name}.service
71 rapsys 1963120 perl -pi -e 's|^(ExecReload=)|ExecStartPost=+%{_bindir}/systemd-tmpfiles --create %{_tmpfilesdir}/%{name}.conf\n$1|' %{buildroot}%{_unitdir}/%{name}.service
72 guillomovitch 910227
73 rapsys 1999970 install -m 0644 opendkim/%{name}.conf.sample %{buildroot}%{_sysconfdir}/%{name}.conf
74     perl -pi -e 's|^# (Canonicalization)(\t+)simple/simple|$1$2relaxed/relaxed|;
75     s|^# (PidFile\t+)filename|$1%{_rundir}/%{name}/%{name}.pid|;
76     s|^(KeyFile)(\t+)/var/db/dkim/example.private|$1$2%{_sysconfdir}/%{name}/keys/default.private|;
77     s|^(Selector)(\t+)my-selector-name|$1$2default|;
78     s|^(Socket)(\t+)inet:port\@localhost|# $1$2inet:8891\@localhost\n$1$2local:%{postfixdir}%{_rundir}/%{name}/%{name}.sock|;
79     s|^# (OverSignHeaders\t+)(header1,header2,...)|# $1$2\n$1\tFrom|;
80     s|^(# KeyTable\t+)dataset|$1%{_sysconfdir}/%{name}/key_table.conf|;
81     s|^(# SigningTable\t+)filename|$1refile:%{_sysconfdir}/%{name}/signing_table.conf|;
82 rapsys 1999981 s|^(# ExternalIgnoreList\t+)filename|$1refile:%{_sysconfdir}/%{name}/external_hosts.conf|;
83     s|^# (InternalHosts\t+)dataset|$1refile:%{_sysconfdir}/%{name}/internal_hosts.conf|;
84 rapsys 1999970 s|^(Syslog\t+Yes)|# $1|;
85     ' %{buildroot}%{_sysconfdir}/%{name}.conf
86 guillomovitch 910227
87 rapsys 1999970 install -d %{buildroot}%{_sysconfdir}/%{name}
88 guillomovitch 910227
89 rapsys 1999981 %{__cat} > %{buildroot}%{_sysconfdir}/%{name}/external_hosts.conf << 'EOF'
90     # %{bigname} EXTERNAL HOSTS
91     # To use this file, uncomment the #ExternalIgnoreList option in
92     # %{_sysconfdir}/%{name}.conf then restart opendkim. Additional hosts
93 rapsys 1999970 # may be added on separate lines (IP addresses, hostnames, or CIDR ranges).
94 rapsys 1999981 #host.example.com
95     #192.168.1.0/24
96     EOF
97    
98     %{__cat} > %{buildroot}%{_sysconfdir}/%{name}/internal_hosts.conf << 'EOF'
99     # %{bigname} INTERNAL HOSTS
100     # To use this file, uncomment the #InternalHosts option in
101     # %{_sysconfdir}/%{name}.conf then restart opendkim. Additional hosts
102     # may be added on separate lines (IP addresses, hostnames, or CIDR ranges).
103 rapsys 1999970 # The localhost IP (127.0.0.1) should always be the first entry in this file.
104     127.0.0.1
105     ::1
106     EOF
107 guillomovitch 910227
108 rapsys 1999970 %{__cat} > %{buildroot}%{_sysconfdir}/%{name}/key_table.conf << 'EOF'
109     # %{bigname} KEY TABLE
110     # To use this file, uncomment the #KeyTable option in %{_sysconfdir}/%{name}.conf,
111     # then uncomment the following line and replace example.com with your domain
112     # name, then restart opendkim. Additional keys may be added on separate lines.
113 guillomovitch 910227
114 rapsys 1999970 #default._domainkey.example.com example.com:default:%{_sysconfdir}/%{name}/keys/default.private
115 guillomovitch 910227 EOF
116    
117 rapsys 1999970 %{__cat} > %{buildroot}%{_sysconfdir}/%{name}/signing_table.conf << 'EOF'
118 rapsys 1963124 # %{bigname} SIGNING TABLE
119 guillomovitch 910227 # This table controls how to apply one or more signatures to outgoing messages based
120     # on the address found in the From: header field. In simple terms, this tells
121     # opendkim "how" to apply your keys.
122    
123     # To use this file, uncomment the SigningTable option in %{_sysconfdir}/%{name}.conf,
124     # then uncomment one of the usage examples below and replace example.com with your
125     # domain name, then restart opendkim.
126    
127     # WILDCARD EXAMPLE
128     # Enables signing for any address on the listed domain(s), but will work only if
129     # "refile:%{_sysconfdir}/%{name}/SigningTable" is included in %{_sysconfdir}/%{name}.conf.
130     # Create additional lines for additional domains.
131    
132     #*@example.com default._domainkey.example.com
133    
134     # NON-WILDCARD EXAMPLE
135     # If "file:" (instead of "refile:") is specified in %{_sysconfdir}/%{name}.conf, then
136     # wildcards will not work. Instead, full user@host is checked first, then simply host,
137     # then user@.domain (with all superdomains checked in sequence, so "foo.example.com"
138     # would first check "user@foo.example.com", then "user@.example.com", then "user@.com"),
139     # then .domain, then user@*, and finally *. See the %{name}.conf(5) man page under
140     # "SigningTable" for more details.
141    
142     #example.com default._domainkey.example.com
143     EOF
144    
145 rapsys 1999970 cat << 'EOF' | perl -pe 'chomp if eof' > README.urpmi
146 rapsys 1963124 %{bigname} is now installed.
147 guillomovitch 910227
148 rapsys 1963124 Configuration keys in %{_sysconfdir}/%{name}.conf:
149     #Change default operating mode set to sign and verify if required
150 rapsys 1999970 Mode sv
151 rapsys 1963124 #KeyTable used to declare domain and key matching pairs
152 rapsys 1999970 KeyTable %{_sysconfdir}/%{name}/key_table.conf
153 rapsys 1963124 #SigningTable used to declare address and domain matching pairs
154 rapsys 1999970 SigningTable refile:%{_sysconfdir}/%{name}/signing_table.conf
155 rapsys 1963124 #Change socket type if required
156 rapsys 1999970 # Socket inet:8891@localhost
157     Socket local:%{postfixdir}%{_rundir}/%{name}/%{name}.sock
158 guillomovitch 910227
159 rapsys 1963124 Configure message filter in %{_sysconfdir}/postfix/main.cf:
160     # smtpd_milters = inet:localhost:8891
161     smtpd_milters = unix:%{_rundir}/%{name}/%{name}.sock
162 rapsys 1963810 non_smtpd_milters = $smtpd_milters
163 rapsys 1963124 milter_default_action = accept
164     milter_protocol = 6
165 guillomovitch 910227
166 rapsys 1963124 Enable the service with:
167     # systemctl enable %{name}.service
168 guillomovitch 910227
169 rapsys 1963124 Start the service with:
170     # systemctl restart %{name}.service
171 guillomovitch 910227
172 rapsys 1963124 Generating keys manually:
173 rapsys 1963810 # mkdir -m 0755 %{_sysconfdir}/%{name}/keys/example.com
174 rapsys 1963124 # %{_sbindir}/%{name}-genkey -D %{_sysconfdir}/%{name}/keys/example.com/ -d example.com -s default
175 rapsys 1963810 # chown -R root:%{name} %{_sysconfdir}/%{name}/keys/example.com/default.{private,txt}
176 rapsys 1963124 # chmod 0640 %{_sysconfdir}/%{name}/keys/example.com/default.private
177     # chmod 0644 %{_sysconfdir}/%{name}/keys/example.com/default.txt
178 guillomovitch 910227
179 rapsys 1963124 Using opendkim with SQL Datasets:
180     # urpmi opendbx-(firebird|mssql|mysql|postgresql|sqlite|sqlite2|sybase)
181     It will require to configure to start after the database service in %{_unitdir}/%{name}.service:
182     After=network.target nss-lookup.target syslog.target (mysqld|postgresql).service
183 guillomovitch 1661219
184 rapsys 1963124 Additional configuration help:
185     https://www.stevejenkins.com/blog/2011/08/installing-opendkim-rpm-via-yum-with-postfix-or-sendmail-for-rhel-centos-fedora/
186 guillomovitch 910227 http://wp.me/p1iGgP-ou
187 rapsys 1963124 http://opendkim.org
188     http://lists.opendkim.org
189 guillomovitch 910227 EOF
190    
191 guillomovitch 910231 install -p -d %{buildroot}%{_tmpfilesdir}
192 guillomovitch 1661219 cat > %{buildroot}%{_tmpfilesdir}/%{name}.conf <<'EOF'
193 rapsys 1963810 d %{_rundir}/%{name} 0755 %{name} %{name} -
194     d %{postfixdir}%{_rundir}/%{name} 0755 %{name} %{name} -
195 rapsys 1963120 z %{postfixdir}%{_rundir}/%{name}/%{name}.sock 0664 %{name} postfix -
196 guillomovitch 910227 EOF
197    
198     rm -rf %{buildroot}%{_prefix}/share/doc/%{name}
199     rm -f %{buildroot}%{_libdir}/*.a
200     rm -f %{buildroot}%{_libdir}/*.la
201    
202     install -d %{buildroot}%{_localstatedir}/spool/%{name}
203 guillomovitch 1418617 install -d %{buildroot}/run/%{name}
204 guillomovitch 910227 install -d %{buildroot}%{_sysconfdir}/%{name}
205 rapsys 1963810 install -d -m 755 %{buildroot}%{_sysconfdir}/%{name}/keys
206 guillomovitch 910227
207     install -m 755 stats/%{name}-reportstats %{buildroot}%{_prefix}/sbin/%{name}-reportstats
208 guillomovitch 910230 sed -i \
209     -e 's|^OPENDKIMSTATSDIR="/var/db/%{name}"|OPENDKIMSTATSDIR="%{_localstatedir}/spool/%{name}"|g' \
210     -e 's|^OPENDKIMDATOWNER="mailnull:mailnull"|OPENDKIMDATOWNER="%{name}:%{name}"|g' \
211 guillomovitch 910227 %{buildroot}%{_prefix}/sbin/%{name}-reportstats
212    
213 guillomovitch 910230 chmod 0644 contrib/convert/convert_keylist.sh
214 guillomovitch 910227
215     %pre
216 guillomovitch 1661233 %_pre_useradd opendkim /run/opendkim /bin/false
217 guillomovitch 910227
218     %post
219 guillomovitch 1661232 %_post_service %{name}
220 guillomovitch 910227 %_tmpfilescreate %{name}
221    
222 guillomovitch 1661297 # Generate default key on install
223     if [ "$1" -eq "1" ]; then
224     %{_sbindir}/opendkim-default-keygen > /dev/null 2>&1 || /bin/true
225     fi
226    
227 guillomovitch 910227 %preun
228 guillomovitch 1661232 %_preun_service %{name}
229 guillomovitch 910227
230     %files
231     %doc LICENSE LICENSE.Sendmail
232     %doc FEATURES KNOWNBUGS RELEASE_NOTES RELEASE_NOTES.Sendmail INSTALL
233     %doc contrib/convert/convert_keylist.sh %{name}/*.sample
234     %doc %{name}/%{name}.conf.simple-verify %{name}/%{name}.conf.simple
235     %doc %{name}/README contrib/lua/*.lua
236     %doc README.urpmi
237     %config(noreplace) %{_sysconfdir}/%{name}.conf
238 guillomovitch 910233 %config(noreplace) %{_tmpfilesdir}/%{name}.conf
239 guillomovitch 1661237 %dir %{_sysconfdir}/%{name}
240 rapsys 1963810 %dir %{_sysconfdir}/%{name}/keys
241 rapsys 1999981 %config(noreplace) %attr(0640,root,opendkim) %{_sysconfdir}/%{name}/external_hosts.conf
242     %config(noreplace) %attr(0640,root,opendkim) %{_sysconfdir}/%{name}/internal_hosts.conf
243 rapsys 1999970 %config(noreplace) %attr(0640,root,opendkim) %{_sysconfdir}/%{name}/key_table.conf
244     %config(noreplace) %attr(0640,root,opendkim) %{_sysconfdir}/%{name}/signing_table.conf
245 guillomovitch 910227 %{_sbindir}/*
246     %{_mandir}/*/*
247     %dir %attr(-,opendkim,opendkim) %{_localstatedir}/spool/%{name}
248     %{_unitdir}/%{name}.service
249    
250     %files -n %{libname}
251     %doc LICENSE LICENSE.Sendmail
252     %doc README
253     %{_libdir}/lib%{name}.so.*
254    
255     %files -n %{develname}
256     %doc LICENSE LICENSE.Sendmail
257     %doc lib%{name}/docs/*.html
258     %{_includedir}/%{name}
259     %{_libdir}/*.so
260     %{_libdir}/pkgconfig/*.pc

  ViewVC Help
Powered by ViewVC 1.1.30