Blob Blame History Raw
# Use systemd from F-15 / EL-7, else sysvinit
%if 0%{?fedora} > 14 || 0%{?rhel} > 6
%global use_systemd 1
%global rundir /run
%else
%global use_systemd 0
%global rundir %{_localstatedir}/run
%endif

# rundir (/var/run or /run) is on tmpfs from F-15 / EL-7
%if 0%{?fedora} > 14 || 0%{?rhel} > 6
%global rundir_tmpfs 1
%endif

# EL-5 needs to use libbind apparently
%if "%{?rhel}" == "5"
%global use_libbind 1
%endif

Summary:		Milter for greylisting, the next step in the spam control war
Name:			milter-greylist
Version:		4.5.3
Release:		1%{?dist}
License:		BSD with advertising
Group:			System Environment/Daemons
URL:			http://hcpnet.free.fr/milter-greylist/
Source0:		ftp://ftp.espci.fr/pub/milter-greylist/milter-greylist-%{version}.tgz
Source1:		README.fedora
Source20:		milter-greylist.systemd.service
Patch0:			milter-greylist-4.5.2-config.patch
Patch1:			milter-greylist-4.4.2-utf8.patch
Patch4:			ai_addrconfig.patch
Patch7:			milter-greylist-dkim-reentrant.patch
BuildRoot:		%{_tmppath}/%{name}-%{version}-%{release}-root-%(id -nu)
BuildRequires:		bison
BuildRequires:		flex
BuildRequires:		m4
BuildRequires:		curl-devel
BuildRequires:		GeoIP-devel
BuildRequires:		sendmail-devel
%if 0%{?use_libbind}
BuildRequires:		%{_libdir}/libbind.so
%endif
Requires(pre):		shadow-utils
%if %{use_systemd}
Requires(post):		/bin/systemctl
Requires(preun):	/bin/systemctl
Requires(postun):	/bin/systemctl
Obsoletes:		milter-greylist-systemd < %{version}-%{release}
Provides:		milter-greylist-systemd = %{version}-%{release}
%else
Requires(post):		/sbin/chkconfig
Requires(preun):	/sbin/chkconfig
Requires(preun):	initscripts
Requires(postun):	initscripts
Obsoletes:		milter-greylist-sysv < %{version}-%{release}
Provides:		milter-greylist-sysv = %{version}-%{release}
%endif

%description
Greylisting is a new method of blocking significant amounts of spam at
the mailserver level, but without resorting to heavyweight statistical
analysis or other heuristical (and error-prone) approaches. Consequently,
implementations are fairly lightweight, and may even decrease network
traffic and processor load on your mailserver.

This package provides a greylist filter for sendmail's milter API.

%prep
%setup -q -n milter-greylist-%{version}

# Customize config for Fedora / EPEL
# * Specify pidfile in initscript rather than config file
# * Specify socket in config file rather than initscript
# * Specify grmilter as the user to run the dæmon as
# * Specify the GeoIP database location
%patch0

# Rec-code docs as UTF8
%patch1

# Work around issues with ISC libbind and AI_ADDRCONFIG
# http://tech.groups.yahoo.com/group/milter-greylist/message/5048
%patch4 -p1

# Lock DKIM calls
%patch7 -p1

# README.fedora
install -p -m 644 %{SOURCE1} .

# Don't let the configure script find libresolv
sed -i -e 's!/libresolv.a!/../../../no-such-lib.a!g' configure

# Set socket/db/pidfile to be in FHS-compliant places
for i in `find -type f`; do
    sed -e 's|/var/milter-greylist/milter-greylist.sock|%{rundir}/milter-greylist/milter-greylist.sock|g;
	    s|/var/milter-greylist/greylist.db|%{_localstatedir}/lib/milter-greylist/db/greylist.db|g;
	    s|/var/milter-greylist/milter-greylist.pid|%{rundir}/milter-greylist.pid|g;
	   ' "$i" >"$i.tmp"
    cmp -s "$i" "$i.tmp" || cat "$i.tmp" >"$i"
    rm -f "$i".tmp
done


%build
greylist_comps="%{?use_libbind:libbind} libcurl"
export CPPFLAGS="-DUSE_CURL -DUSE_GEOIP -D_GNU_SOURCE -D_REENTRANT $(pkg-config --cflags-only-I $greylist_comps)"
export LDLIBS="$(pkg-config --libs $greylist_comps) -lGeoIP"
# Harden the build if supported
%if 0%{?fedora} > 15 || 0%{?rhel} > 6
%global _hardened_build 1
export CFLAGS="%{__global_cflags} -fno-strict-aliasing"
export LDFLAGS="-Wl,-z,now -Wl,-z,relro %{__global_ldflags} -Wl,--as-needed $LDLIBS"
%else
export CFLAGS="%{optflags} -fno-strict-aliasing"
export LDFLAGS="-Wl,--as-needed $LDLIBS"
%endif
%configure \
	--disable-drac				\
	--disable-rpath				\
	--with-user=grmilter			\
	--enable-dnsrbl				\
	--enable-spamassassin			\
	--enable-p0f				\
	--with-drac-db=%{_localstatedir}/lib/milter-greylist/drac/drac.db

## is now SMP safe :)
make %{_smp_mflags} BINDIR=%{_sbindir}

%install
rm -rf %{buildroot}
install -d -m 755 %{buildroot}{%{rundir}/milter-greylist,%{_localstatedir}/lib/milter-greylist/db}
make install \
	DESTDIR=%{buildroot} \
	BINDIR=%{_sbindir} \
	TEST=false \
	USER="$(id -u)"

# Create a dummy socket so we can %%ghost it and remove it on uninstall
touch %{buildroot}%{rundir}/milter-greylist/milter-greylist.sock

# Initscript
%if %{use_systemd}
install -D -p -m 0644 %{SOURCE20} %{buildroot}%{_unitdir}/milter-greylist.service
%else
install -D -p -m 755 rc-redhat.sh %{buildroot}%{_initrddir}/milter-greylist
touch %{buildroot}%{rundir}/milter-greylist.pid
%endif

# Make sure /run/milter-greylist is re-created at boot time if /run is on tmpfs
%if 0%{?rundir_tmpfs}
install -d -m 755 %{buildroot}%{_prefix}/lib/tmpfiles.d
cat << EOF > %{buildroot}%{_prefix}/lib/tmpfiles.d/milter-greylist.conf
d %{rundir}/milter-greylist 0710 grmilter mail
EOF
%endif

%clean
rm -rf %{buildroot}

%pre
# Create account for milter-greylist to run as
getent group grmilter >/dev/null || groupadd -r grmilter
getent passwd grmilter >/dev/null || \
	useradd -r -g grmilter -d %{_localstatedir}/lib/milter-greylist -s /sbin/nologin \
	 -c "Greylist-milter user" grmilter
exit 0

%post
%if %{use_systemd}
/bin/systemctl daemon-reload >/dev/null || 2>&1 :
%endif
if [ $1 -eq 1 ]; then
	# Initial installation
%if ! %{use_systemd}
	/sbin/chkconfig --add milter-greylist || :
%endif
%if 0%{?fedora} >= 18
	/bin/systemctl preset milter-greylist.service >/dev/null 2>&1 || :
%endif
fi

%preun
if [ $1 -eq 0 ]; then
	# Package removal, not upgrade
%if %{use_systemd}
	/bin/systemctl --no-reload disable milter-greylist.service >/dev/null 2>&1 || :
	/bin/systemctl stop milter-greylist.service >/dev/null 2>&1 || :
%else
	%{_initrddir}/milter-greylist stop >/dev/null || :
	/sbin/chkconfig --del milter-greylist || :
%endif
fi

%postun
%if %{use_systemd}
/bin/systemctl daemon-reload >/dev/null || 2>&1 :
%endif
if [ $1 -ge 1 ]; then
	# Package upgrade, not uninstall
%if %{use_systemd}
	/bin/systemctl try-restart milter-greylist.service >/dev/null || :
%else
	%{_initrddir}/milter-greylist condrestart >/dev/null || :
%endif
fi

%files
%doc ChangeLog README README.fedora
%{_sbindir}/milter-greylist
%attr(0640,root,grmilter) %verify(not mtime) %config(noreplace) %{_sysconfdir}/mail/greylist.conf
%dir %attr(0751,grmilter,grmilter) %{_localstatedir}/lib/milter-greylist/
%dir %attr(0770,root,grmilter) %{_localstatedir}/lib/milter-greylist/db/
%dir %attr(0710,grmilter,mail) %{rundir}/milter-greylist/
%{_mandir}/man5/greylist.conf.5*
%{_mandir}/man8/milter-greylist.8*
%ghost %{rundir}/milter-greylist/milter-greylist.sock

%if 0%{?rundir_tmpfs}
%{_prefix}/lib/tmpfiles.d/milter-greylist.conf
%endif

%if %{use_systemd}
%{_unitdir}/milter-greylist.service
%else
%{_initrddir}/milter-greylist
%ghost %{rundir}/milter-greylist.pid
%endif

%changelog
* Mon Aug 19 2013 Paul Howarth <paul@city-fan.org> - 4.5.3-1
- Update to 4.5.3
  - Format string expansions now honor %%r everywhere possible
  - Add unbracket option to resolve MTA-passed bracketed unresolved IP
  - set ACL clause to set/increment/decrement properties
  - log ACL clause to send formatted string to syslog

* Wed Aug 14 2013 Paul Howarth <paul@city-fan.org> - 4.5.2-1
- Update to 4.5.2
  - Fix crash when chown socket without group
  - Fix memory leak in nsupdate config reload
  - Fix nsupdate servers option
  - Build fixes
  - Fix ACL bypass for second recipient when sender passed auth/tls/spf
  - Parallel build
  - Configurable package information
  - More verbosity in SPF logs
  - Use localaddr for p0f and %%V format string
  - Search current directory first for includes
  - Make unknown AF family non fatal in p0f, report errors once
- Enable parallel build

* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 4.5.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild

* Mon May 20 2013 Paul Howarth <paul@city-fan.org> - 4.5.1-1
- Update to 4.5.1
  - More Solaris build fixes
  - Fix swapped %%f and %%r for stat example in default greylist.conf
  - Support p0f v3.06 and up with --with-p0f-src or --enable-p0f306
  - DNS update support
  - "make clean" clears milter-greylist.spec
  - Add IPv6 support for MX sync

* Thu Apr 11 2013 Paul Howarth <paul@city-fan.org> - 4.4.2-1902
- Drop unused upstart support
- Drop unused libspf support
- Drop %%defattr, redundant since rpm 4.4
- Merge sysv/system packages back into main package, configuring appropriate
  initscrit for target distribution
- Move tmpfiles configuration from /etc to /usr/lib
- Re-do scriptlets

* Wed Apr 10 2013 Jon Ciesla <limburgher@gmail.com> - 4.4.2-1901
- Migrate from fedora-usermgmt to guideline scriptlets

* Sun Jan 27 2013 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 4.4.2-1900
- updated to 4.4.2
- rediffed patches and removed obsolete ones
- enabled hardened build
- enabled PrivateTmp for systemd

* Sun Aug 19 2012 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 4.2.7-1900
- disabled upstart
- removed old sysv related cruft

* Fri Jul 20 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 4.2.7-1701
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild

* Wed Jan  4 2012 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 4.2.7-1700
- fixed various systemd and tmpfile related issues (698961, comments 5 + 6)

* Sat Apr 23 2011 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 4.2.7-1600
- updated to 4.2.7
- fixed tmpfiles syntax

* Tue Mar  1 2011 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 4.2.6-1600
- fixed byte order of src port in p0f check

* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 4.2.6-1501
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild

* Fri Dec 10 2010 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 4.2.6-1401
- added systemd initscripts and obsolete the old sysvinit ones

* Wed Jul 14 2010 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 4.2.6-1400
- updated to 4.2.6

* Fri Jul  9 2010 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 4.2.5-1401
- added spamd-null patch

* Wed Jun  9 2010 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 4.2.5-1400
- updated to 4.2.5
- added cloexec patch
- rediffed patches

* Sun Apr 18 2010 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 4.2.4-1400
- updated to 4.2.4
- removed patches which have been applied upstream

* Sat Feb 20 2010 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 4.2.3-1400
- added patches to fix races in dkim, geoip and p0f modules
- conditionalized -upstart subpackage
- added conditional to build it with libbind (required for RHEL5)

* Sun Dec  6 2009 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 4.2.3-1300
- updated -upstart to upstart 0.6.3

* Wed Aug 19 2009 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 4.2.3-2
- moved pre-2007 %%changelog entries into ChangeLog.rpm
- do not link against libbind anymore; recent glibc seems to have
  fixed its resolver API so that -lresolv can be used by dnsrbl. Old
  -lbind conflicts with this library in a subtly way causing segfaults
  (#518274).

* Wed Aug 19 2009 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 4.2.3-1
- updated to 4.2.3
- use conditionalized %%noarch macro to mark noarch subpackages
- simplified upstart initscript because #501155 is solved

* Sat Jul 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 4.2.2-1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

* Sat Apr 11 2009 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 4.2.2-0.
- updated to 4.2.2
- removed patches which where applied upstream

* Mon Mar 09 2009 Adam Tkac <atkac redhat com> - 4.2-0.5.b1
- libbind has been moved to separate package, rebuild

* Sat Mar  7 2009 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 4.2-0.4.b1
- added -upstart subpackage
- renamed -sysv to -sysvinit to let -upstart win the default depresolving

* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 4.2-0.3.b1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

* Sat Feb 14 2009 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 4.2-0.1.b1
- updated to 4.2b1
- enabled spamassassin + p0f support
- set path to GeoIP database in sample configuration (#439087)
- changed /var/run/milter-greylist to be owned by the mail group and
  made it group-accessibly; this should allow usage with postfix when
  setting a 0666 socket mode (#210765)
- added README.fedora

* Fri Aug  8 2008 Tom "spot" Callaway <tcallawa@redhat.com> - 4.1.1-2
- fix license tag

* Sat Jun 21 2008 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 4.1.1-1
- updated to 4.1.1

* Mon Feb 18 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 4.0-2
- Autorebuild for GCC 4.3

* Sat Nov 10 2007 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 4.0-1
- updated to final 4.0
- fixed conflicts between libbind and libresolv by linking them manually

* Mon Oct 29 2007 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 4.0-0.3.rc2
- updated to 4.0rc2

* Sun Oct 14 2007 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 4.0-0.2.rc1
- updated to 4.0rc1
- built with curl and GeoIP support

* Wed Apr 25 2007 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 3.0-2
- fixed user name in config file (bz #237737)
- commented out pidfile entry; it is to be set by the init methods

* Tue Apr 17 2007 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 3.0-1
- updated to 3.0
- enabled dnsrbl
- removed -initng subpackage

* Tue Jan 30 2007 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 2.1.12-3
- removed -minit subpackage