|
stevejenkins |
9d03b40 |
%global systemd (0%{?fedora} >= 18) || (0%{?rhel} >= 7)
|
|
stevejenkins |
b30456a |
%global upname OpenDKIM
|
|
stevejenkins |
b30456a |
%global bigname OPENDKIM
|
|
Steve Jenkins |
6811787 |
|
|
Steve Jenkins |
80f78ad |
Summary: A DomainKeys Identified Mail (DKIM) milter to sign and/or verify mail
|
|
Steve Jenkins |
6811787 |
Name: opendkim
|
|
stevejenkins |
0599b11 |
Version: 2.11.0
|
|
|
b38e763 |
Release: 0.3%{?dist}
|
|
stevejenkins |
2e96080 |
Group: System Environment/Daemons
|
|
Steve Jenkins |
6811787 |
License: BSD and Sendmail
|
|
stevejenkins |
b30456a |
URL: http://%{name}.org/
|
|
stevejenkins |
0599b11 |
Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.Alpha0.tar.gz
|
|
stevejenkins |
2e96080 |
|
|
stevejenkins |
0599b11 |
# https://sourceforge.net/p/opendkim/patches/35/
|
|
stevejenkins |
0599b11 |
# https://sourceforge.net/p/opendkim/patches/37/
|
|
stevejenkins |
0599b11 |
# Patches rediffed and combined (both modify configure)
|
|
stevejenkins |
0599b11 |
Patch0: %{name}.ticket35+37.patch
|
|
stevejenkins |
9d03b40 |
|
|
stevejenkins |
2e96080 |
# Required for all versions
|
|
stevejenkins |
2e96080 |
Requires: lib%{name}%{?_isa} = %{version}-%{release}
|
|
stevejenkins |
352df3f |
BuildRequires: openssl-devel, libtool, pkgconfig, libbsd, libbsd-devel, opendbx-devel
|
|
stevejenkins |
d3cd573 |
Requires(pre): shadow-utils
|
|
stevejenkins |
b30456a |
|
|
stevejenkins |
cb53118 |
%if %systemd
|
|
stevejenkins |
f10bbf4 |
# Required for systemd
|
|
stevejenkins |
9d03b40 |
%{?systemd_requires}
|
|
stevejenkins |
9d03b40 |
BuildRequires: systemd
|
|
stevejenkins |
ed47c99 |
BuildRequires: libdb-devel, libmemcached-devel
|
|
stevejenkins |
ef75b73 |
%else
|
|
stevejenkins |
dcc6fb8 |
# Required for SysV
|
|
stevejenkins |
d3cd573 |
Requires(post): chkconfig
|
|
stevejenkins |
d3cd573 |
Requires(preun): chkconfig, initscripts
|
|
stevejenkins |
d3cd573 |
Requires(postun): initscripts
|
|
stevejenkins |
ef75b73 |
BuildRequires: db4-devel
|
|
stevejenkins |
ef75b73 |
%endif
|
|
stevejenkins |
4ba2800 |
|
|
stevejenkins |
f9d6a6a |
# sendmail-devel renamed for F26+
|
|
stevejenkins |
f9d6a6a |
%if 0%{?fedora} > 25
|
|
stevejenkins |
352df3f |
BuildRequires: sendmail-milter-devel
|
|
stevejenkins |
352df3f |
%else
|
|
stevejenkins |
352df3f |
BuildRequires: sendmail-devel
|
|
stevejenkins |
352df3f |
%endif
|
|
stevejenkins |
352df3f |
|
|
stevejenkins |
9d03b40 |
%if 0%{?rhel} == 5
|
|
stevejenkins |
9d03b40 |
Requires(post): policycoreutils
|
|
stevejenkins |
9d03b40 |
%else
|
|
stevejenkins |
9d03b40 |
BuildRequires: openldap-devel
|
|
stevejenkins |
9d03b40 |
%endif
|
|
stevejenkins |
79471cf |
|
|
Steve Jenkins |
6811787 |
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
|
Steve Jenkins |
6811787 |
|
|
Steve Jenkins |
6811787 |
%description
|
|
stevejenkins |
b30456a |
%{upname} allows signing and/or verification of email through an open source
|
|
Steve Jenkins |
80f78ad |
library that implements the DKIM service, plus a milter-based filter
|
|
Steve Jenkins |
80f78ad |
application that can plug in to any milter-aware MTA, including sendmail,
|
|
Steve Jenkins |
80f78ad |
Postfix, or any other MTA that supports the milter protocol.
|
|
Steve Jenkins |
6811787 |
|
|
stevejenkins |
d592eb0 |
%package -n lib%{name}
|
|
Steve Jenkins |
6811787 |
Summary: An open source DKIM library
|
|
Steve Jenkins |
6811787 |
Group: System Environment/Libraries
|
|
stevejenkins |
d592eb0 |
Obsoletes: %{name}-sysvinit < 2.10.1-5
|
|
Steve Jenkins |
6811787 |
|
|
stevejenkins |
d592eb0 |
%description -n lib%{name}
|
|
Steve Jenkins |
6811787 |
This package contains the library files required for running services built
|
|
Steve Jenkins |
6811787 |
using libopendkim.
|
|
Steve Jenkins |
6811787 |
|
|
stevejenkins |
d592eb0 |
%package -n lib%{name}-devel
|
|
stevejenkins |
b30456a |
Summary: Development files for lib%{name}
|
|
Steve Jenkins |
6811787 |
Group: Development/Libraries
|
|
stevejenkins |
2e96080 |
Requires: lib%{name}%{?_isa} = %{version}-%{release}
|
|
Steve Jenkins |
6811787 |
|
|
stevejenkins |
d592eb0 |
%description -n lib%{name}-devel
|
|
Steve Jenkins |
6811787 |
This package contains the static libraries, headers, and other support files
|
|
Steve Jenkins |
6811787 |
required for developing applications against libopendkim.
|
|
Steve Jenkins |
6811787 |
|
|
Steve Jenkins |
6811787 |
%prep
|
|
stevejenkins |
0599b11 |
%autosetup -p1
|
|
Steve Jenkins |
6811787 |
|
|
Steve Jenkins |
6811787 |
%build
|
|
stevejenkins |
b30456a |
# Always use system libtool instead of pacakge-provided one to
|
|
stevejenkins |
fa36bbc |
# properly handle 32 versus 64 bit detection and settings
|
|
stevejenkins |
fa36bbc |
%define LIBTOOL LIBTOOL=`which libtool`
|
|
stevejenkins |
fa36bbc |
|
|
stevejenkins |
ed47c99 |
%if %systemd
|
|
stevejenkins |
ed47c99 |
# Configure with options available to systemd
|
|
stevejenkins |
73aba18 |
%configure --with-odbx --with-db --with-libmemcached --with-openldap --enable-query_cache
|
|
stevejenkins |
b30456a |
%else
|
|
stevejenkins |
ed47c99 |
# Configure with options available to SysV
|
|
stevejenkins |
73aba18 |
%configure --with-odbx --with-db --with-openldap --enable-query_cache
|
|
stevejenkins |
ef75b73 |
%endif
|
|
stevejenkins |
fa36bbc |
|
|
stevejenkins |
fa36bbc |
# Remove rpath
|
|
stevejenkins |
9d03b40 |
sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
|
|
stevejenkins |
9d03b40 |
sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
|
|
Steve Jenkins |
6811787 |
|
|
Steve Jenkins |
6811787 |
%install
|
|
stevejenkins |
9d03b40 |
make DESTDIR=%{buildroot} install %{?_smp_mflags}
|
|
stevejenkins |
9d03b40 |
install -d %{buildroot}%{_sysconfdir}
|
|
stevejenkins |
9d03b40 |
install -d %{buildroot}%{_sysconfdir}/sysconfig
|
|
stevejenkins |
9d03b40 |
install -m 0755 contrib/init/redhat/%{name}-default-keygen %{buildroot}%{_sbindir}/%{name}-default-keygen
|
|
stevejenkins |
ef75b73 |
|
|
stevejenkins |
cb53118 |
%if %systemd
|
|
stevejenkins |
9d03b40 |
install -d -m 0755 %{buildroot}%{_unitdir}
|
|
stevejenkins |
9d03b40 |
install -m 0644 contrib/systemd/%{name}.service %{buildroot}%{_unitdir}/%{name}.service
|
|
stevejenkins |
ef75b73 |
%else
|
|
stevejenkins |
9d03b40 |
install -d %{buildroot}%{_initrddir}
|
|
stevejenkins |
9d03b40 |
install -m 0755 contrib/init/redhat/%{name} %{buildroot}%{_initrddir}/%{name}
|
|
|
50bd122 |
%endif
|
|
stevejenkins |
9f91f67 |
|
|
stevejenkins |
9d03b40 |
cat > %{buildroot}%{_sysconfdir}/%{name}.conf << 'EOF'
|
|
stevejenkins |
b30456a |
## BASIC %{bigname} CONFIGURATION FILE
|
|
stevejenkins |
dcc6fb8 |
## See %{name}.conf(5) or %{_defaultdocdir}/%{name}/%{name}.conf.sample for more
|
|
Steve Jenkins |
6811787 |
|
|
stevejenkins |
b30456a |
## BEFORE running %{upname} you must:
|
|
Steve Jenkins |
6811787 |
|
|
stevejenkins |
b30456a |
## - make your MTA (Postfix, Sendmail, etc.) aware of %{upname}
|
|
Steve Jenkins |
6811787 |
## - generate keys for your domain (if signing)
|
|
Steve Jenkins |
6811787 |
## - edit your DNS records to publish your public keys (if signing)
|
|
Steve Jenkins |
6811787 |
|
|
stevejenkins |
dcc6fb8 |
## See %{_defaultdocdir}/%{name}/INSTALL for detailed instructions.
|
|
Steve Jenkins |
6811787 |
|
|
Steve Jenkins |
c320cbb |
## DEPRECATED CONFIGURATION OPTIONS
|
|
Steve Jenkins |
c320cbb |
##
|
|
Steve Jenkins |
c320cbb |
## The following configuration options are no longer valid. They should be
|
|
Steve Jenkins |
c320cbb |
## removed from your existing configuration file to prevent potential issues.
|
|
Steve Jenkins |
c320cbb |
## Failure to do so may result in %{name} being unable to start.
|
|
Steve Jenkins |
c320cbb |
##
|
|
Steve Jenkins |
c320cbb |
## Removed in 2.10.0:
|
|
Steve Jenkins |
c320cbb |
## AddAllSignatureResults
|
|
Steve Jenkins |
c320cbb |
## ADSPAction
|
|
Steve Jenkins |
c320cbb |
## ADSPNoSuchDomain
|
|
Steve Jenkins |
c320cbb |
## BogusPolicy
|
|
Steve Jenkins |
c320cbb |
## DisableADSP
|
|
Steve Jenkins |
c320cbb |
## LDAPSoftStart
|
|
Steve Jenkins |
c320cbb |
## LocalADSP
|
|
Steve Jenkins |
c320cbb |
## NoDiscardableMailTo
|
|
Steve Jenkins |
c320cbb |
## On-PolicyError
|
|
Steve Jenkins |
c320cbb |
## SendADSPReports
|
|
Steve Jenkins |
c320cbb |
## UnprotectedPolicy
|
|
Steve Jenkins |
c320cbb |
|
|
Steve Jenkins |
6811787 |
## CONFIGURATION OPTIONS
|
|
Steve Jenkins |
6811787 |
|
|
Steve Jenkins |
c320cbb |
## Specifies the path to the process ID file.
|
|
Steve Jenkins |
6811787 |
PidFile %{_localstatedir}/run/%{name}/%{name}.pid
|
|
Steve Jenkins |
6811787 |
|
|
Steve Jenkins |
c320cbb |
## Selects operating modes. Valid modes are s (sign) and v (verify). Default is v.
|
|
Steve Jenkins |
c320cbb |
## Must be changed to s (sign only) or sv (sign and verify) in order to sign outgoing
|
|
Steve Jenkins |
c320cbb |
## messages.
|
|
Steve Jenkins |
6811787 |
Mode v
|
|
Steve Jenkins |
6811787 |
|
|
Steve Jenkins |
c320cbb |
## Log activity to the system log.
|
|
Steve Jenkins |
6811787 |
Syslog yes
|
|
Steve Jenkins |
6811787 |
|
|
Steve Jenkins |
c320cbb |
## Log additional entries indicating successful signing or verification of messages.
|
|
Steve Jenkins |
80f78ad |
SyslogSuccess yes
|
|
Steve Jenkins |
6811787 |
|
|
Steve Jenkins |
c320cbb |
## If logging is enabled, include detailed logging about why or why not a message was
|
|
Steve Jenkins |
c320cbb |
## signed or verified. This causes an increase in the amount of log data generated
|
|
Steve Jenkins |
c320cbb |
## for each message, so set this to No (or comment it out) if it gets too noisy.
|
|
Steve Jenkins |
80f78ad |
LogWhy yes
|
|
Steve Jenkins |
6811787 |
|
|
Steve Jenkins |
c320cbb |
## Attempt to become the specified user before starting operations.
|
|
Steve Jenkins |
6811787 |
UserID %{name}:%{name}
|
|
Steve Jenkins |
6811787 |
|
|
Steve Jenkins |
c320cbb |
## Create a socket through which your MTA can communicate.
|
|
Steve Jenkins |
6811787 |
Socket inet:8891@localhost
|
|
Steve Jenkins |
6811787 |
|
|
Steve Jenkins |
c320cbb |
## Required to use local socket with MTAs that access the socket as a non-
|
|
Steve Jenkins |
c320cbb |
## privileged user (e.g. Postfix)
|
|
Steve Jenkins |
6811787 |
Umask 002
|
|
Steve Jenkins |
6811787 |
|
|
Steve Jenkins |
c320cbb |
## This specifies a text file in which to store DKIM transaction statistics.
|
|
Steve Jenkins |
c320cbb |
## %{upname} must be manually compiled with --enable-stats to enable this feature.
|
|
Steve Jenkins |
c320cbb |
# Statistics %{_localstatedir}/spool/%{name}/stats.dat
|
|
Steve Jenkins |
c320cbb |
|
|
Steve Jenkins |
c320cbb |
## Specifies whether or not the filter should generate report mail back
|
|
Steve Jenkins |
c320cbb |
## to senders when verification fails and an address for such a purpose
|
|
Steve Jenkins |
c320cbb |
## is provided. See opendkim.conf(5) for details.
|
|
Steve Jenkins |
c320cbb |
SendReports yes
|
|
Steve Jenkins |
c320cbb |
|
|
Steve Jenkins |
c320cbb |
## Specifies the sending address to be used on From: headers of outgoing
|
|
Steve Jenkins |
c320cbb |
## failure reports. By default, the e-mail address of the user executing
|
|
Steve Jenkins |
c320cbb |
## the filter is used (executing_user@hostname).
|
|
Steve Jenkins |
c320cbb |
# ReportAddress "Example.com Postmaster" <postmaster@example.com>
|
|
Steve Jenkins |
c320cbb |
|
|
Steve Jenkins |
c320cbb |
## Add a DKIM-Filter header field to messages passing through this filter
|
|
Steve Jenkins |
c320cbb |
## to identify messages it has processed.
|
|
Steve Jenkins |
c320cbb |
SoftwareHeader yes
|
|
Steve Jenkins |
6811787 |
|
|
Steve Jenkins |
6811787 |
## SIGNING OPTIONS
|
|
Steve Jenkins |
6811787 |
|
|
Steve Jenkins |
c320cbb |
## Selects the canonicalization method(s) to be used when signing messages.
|
|
stevejenkins |
9f91f67 |
Canonicalization relaxed/relaxed
|
|
Steve Jenkins |
6811787 |
|
|
Steve Jenkins |
c320cbb |
## Domain(s) whose mail should be signed by this filter. Mail from other domains will
|
|
Steve Jenkins |
c320cbb |
## be verified rather than being signed. Uncomment and use your domain name.
|
|
Steve Jenkins |
c320cbb |
## This parameter is not required if a SigningTable is in use.
|
|
Steve Jenkins |
c320cbb |
# Domain example.com
|
|
Steve Jenkins |
6811787 |
|
|
Steve Jenkins |
c320cbb |
## Defines the name of the selector to be used when signing messages.
|
|
Steve Jenkins |
6811787 |
Selector default
|
|
Steve Jenkins |
6811787 |
|
|
Steve Jenkins |
c320cbb |
## Specifies the minimum number of key bits for acceptable keys and signatures.
|
|
Steve Jenkins |
c320cbb |
MinimumKeyBits 1024
|
|
stevejenkins |
4ba2800 |
|
|
Steve Jenkins |
c320cbb |
## Gives the location of a private key to be used for signing ALL messages. This
|
|
Steve Jenkins |
c320cbb |
## directive is ignored if KeyTable is enabled.
|
|
Steve Jenkins |
6811787 |
KeyFile %{_sysconfdir}/%{name}/keys/default.private
|
|
Steve Jenkins |
6811787 |
|
|
Steve Jenkins |
c320cbb |
## Gives the location of a file mapping key names to signing keys. In simple terms,
|
|
Steve Jenkins |
c320cbb |
## this tells %{upname} where to find your keys. If present, overrides any KeyFile
|
|
Steve Jenkins |
c320cbb |
## directive in the configuration file. Requires SigningTable be enabled.
|
|
Steve Jenkins |
c320cbb |
# KeyTable %{_sysconfdir}/%{name}/KeyTable
|
|
Steve Jenkins |
c320cbb |
|
|
Steve Jenkins |
c320cbb |
## Defines a table used to select one or more signatures to apply to a message based
|
|
Steve Jenkins |
c320cbb |
## on the address found in the From: header field. In simple terms, this tells
|
|
Steve Jenkins |
c320cbb |
## %{upname} how to use your keys. Requires KeyTable be enabled.
|
|
Steve Jenkins |
c320cbb |
# SigningTable refile:%{_sysconfdir}/%{name}/SigningTable
|
|
Steve Jenkins |
c320cbb |
|
|
Steve Jenkins |
c320cbb |
## Identifies a set of "external" hosts that may send mail through the server as one
|
|
Steve Jenkins |
c320cbb |
## of the signing domains without credentials as such.
|
|
Steve Jenkins |
c320cbb |
# ExternalIgnoreList refile:%{_sysconfdir}/%{name}/TrustedHosts
|
|
Steve Jenkins |
c320cbb |
|
|
Steve Jenkins |
c320cbb |
## Identifies a set "internal" hosts whose mail should be signed rather than verified.
|
|
Steve Jenkins |
c320cbb |
# InternalHosts refile:%{_sysconfdir}/%{name}/TrustedHosts
|
|
Steve Jenkins |
c320cbb |
|
|
Steve Jenkins |
c320cbb |
## Contains a list of IP addresses, CIDR blocks, hostnames or domain names
|
|
Steve Jenkins |
c320cbb |
## whose mail should be neither signed nor verified by this filter. See man
|
|
Steve Jenkins |
c320cbb |
## page for file format.
|
|
Steve Jenkins |
c320cbb |
# PeerList X.X.X.X
|
|
Steve Jenkins |
c320cbb |
|
|
Steve Jenkins |
c320cbb |
## Always oversign From (sign using actual From and a null From to prevent
|
|
Steve Jenkins |
c320cbb |
## malicious signatures header fields (From and/or others) between the signer
|
|
Steve Jenkins |
c320cbb |
## and the verifier. From is oversigned by default in the Fedora package
|
|
Steve Jenkins |
c320cbb |
## because it is often the identity key used by reputation systems and thus
|
|
Steve Jenkins |
c320cbb |
## somewhat security sensitive.
|
|
Steve Jenkins |
c320cbb |
OversignHeaders From
|
|
stevejenkins |
73aba18 |
|
|
stevejenkins |
73aba18 |
## Instructs the DKIM library to maintain its own local cache of keys and
|
|
stevejenkins |
73aba18 |
## policies retrieved from DNS, rather than relying on the nameserver for
|
|
stevejenkins |
73aba18 |
## caching service. Useful if the nameserver being used by the filter is
|
|
stevejenkins |
73aba18 |
## not local.
|
|
stevejenkins |
73aba18 |
# QueryCache yes
|
|
Steve Jenkins |
6811787 |
EOF
|
|
Steve Jenkins |
6811787 |
|
|
stevejenkins |
d592eb0 |
%{__cat} > %{buildroot}%{_sysconfdir}/sysconfig/%{name} << 'EOF'
|
|
stevejenkins |
9f91f67 |
# Set the necessary startup options
|
|
stevejenkins |
9f91f67 |
OPTIONS="-x %{_sysconfdir}/%{name}.conf -P %{_localstatedir}/run/%{name}/%{name}.pid"
|
|
stevejenkins |
9f91f67 |
|
|
stevejenkins |
9f91f67 |
# Set the default DKIM selector
|
|
stevejenkins |
9f91f67 |
DKIM_SELECTOR=default
|
|
stevejenkins |
9f91f67 |
|
|
stevejenkins |
9f91f67 |
# Set the default DKIM key location
|
|
stevejenkins |
9f91f67 |
DKIM_KEYDIR=%{_sysconfdir}/%{name}/keys
|
|
Steve Jenkins |
80f78ad |
EOF
|
|
Steve Jenkins |
80f78ad |
|
|
stevejenkins |
9d03b40 |
mkdir -p %{buildroot}%{_sysconfdir}/%{name}
|
|
stevejenkins |
9d03b40 |
cat > %{buildroot}%{_sysconfdir}/%{name}/SigningTable << 'EOF'
|
|
stevejenkins |
b30456a |
# %{bigname} SIGNING TABLE
|
|
stevejenkins |
9f91f67 |
# This table controls how to apply one or more signatures to outgoing messages based
|
|
stevejenkins |
9f91f67 |
# on the address found in the From: header field. In simple terms, this tells
|
|
stevejenkins |
b30456a |
# %{upname} "how" to apply your keys.
|
|
stevejenkins |
9f91f67 |
|
|
stevejenkins |
9f91f67 |
# To use this file, uncomment the SigningTable option in %{_sysconfdir}/%{name}.conf,
|
|
stevejenkins |
9f91f67 |
# then uncomment one of the usage examples below and replace example.com with your
|
|
stevejenkins |
b30456a |
# domain name, then restart %{upname}.
|
|
stevejenkins |
9f91f67 |
|
|
stevejenkins |
9f91f67 |
# WILDCARD EXAMPLE
|
|
stevejenkins |
9f91f67 |
# Enables signing for any address on the listed domain(s), but will work only if
|
|
stevejenkins |
9f91f67 |
# "refile:%{_sysconfdir}/%{name}/SigningTable" is included in %{_sysconfdir}/%{name}.conf.
|
|
stevejenkins |
9f91f67 |
# Create additional lines for additional domains.
|
|
Steve Jenkins |
80f78ad |
|
|
Steve Jenkins |
80f78ad |
#*@example.com default._domainkey.example.com
|
|
Steve Jenkins |
80f78ad |
|
|
stevejenkins |
9f91f67 |
# NON-WILDCARD EXAMPLE
|
|
stevejenkins |
9f91f67 |
# If "file:" (instead of "refile:") is specified in %{_sysconfdir}/%{name}.conf, then
|
|
stevejenkins |
9f91f67 |
# wildcards will not work. Instead, full user@host is checked first, then simply host,
|
|
stevejenkins |
9f91f67 |
# then user@.domain (with all superdomains checked in sequence, so "foo.example.com"
|
|
stevejenkins |
9f91f67 |
# would first check "user@foo.example.com", then "user@.example.com", then "user@.com"),
|
|
stevejenkins |
9f91f67 |
# then .domain, then user@*, and finally *. See the %{name}.conf(5) man page under
|
|
stevejenkins |
9f91f67 |
# "SigningTable" for more details.
|
|
Steve Jenkins |
80f78ad |
|
|
Steve Jenkins |
80f78ad |
#example.com default._domainkey.example.com
|
|
Steve Jenkins |
80f78ad |
EOF
|
|
Steve Jenkins |
80f78ad |
|
|
stevejenkins |
9d03b40 |
cat > %{buildroot}%{_sysconfdir}/%{name}/KeyTable << 'EOF'
|
|
stevejenkins |
b30456a |
# %{bigname} KEY TABLE
|
|
Steve Jenkins |
6950dbe |
# To use this file, uncomment the #KeyTable option in %{_sysconfdir}/%{name}.conf,
|
|
Steve Jenkins |
6950dbe |
# then uncomment the following line and replace example.com with your domain
|
|
stevejenkins |
b30456a |
# name, then restart %{upname}. Additional keys may be added on separate lines.
|
|
Steve Jenkins |
6950dbe |
|
|
Steve Jenkins |
6950dbe |
#default._domainkey.example.com example.com:default:%{_sysconfdir}/%{name}/keys/default.private
|
|
Steve Jenkins |
6950dbe |
EOF
|
|
Steve Jenkins |
6950dbe |
|
|
stevejenkins |
9d03b40 |
cat > %{buildroot}%{_sysconfdir}/%{name}/TrustedHosts << 'EOF'
|
|
stevejenkins |
b30456a |
# %{bigname} TRUSTED HOSTS
|
|
Steve Jenkins |
6950dbe |
# To use this file, uncomment the #ExternalIgnoreList and/or the #InternalHosts
|
|
stevejenkins |
b30456a |
# option in %{_sysconfdir}/%{name}.conf then restart %{upname}. Additional hosts
|
|
Steve Jenkins |
6950dbe |
# may be added on separate lines (IP addresses, hostnames, or CIDR ranges).
|
|
stevejenkins |
9f91f67 |
# The localhost IP (127.0.0.1) should always be the first entry in this file.
|
|
Steve Jenkins |
6950dbe |
127.0.0.1
|
|
stevejenkins |
8dbc469 |
::1
|
|
stevejenkins |
9f91f67 |
#host.example.com
|
|
stevejenkins |
9f91f67 |
#192.168.1.0/24
|
|
Steve Jenkins |
6950dbe |
EOF
|
|
Steve Jenkins |
6950dbe |
|
|
stevejenkins |
9d03b40 |
cat > README.fedora << 'EOF'
|
|
stevejenkins |
d66c980 |
#####################################
|
|
stevejenkins |
b30456a |
#FEDORA-SPECIFIC README FOR %{bigname}#
|
|
stevejenkins |
d66c980 |
#####################################
|
|
Steve Jenkins |
c320cbb |
Last updated: Apr 30, 2015 by Steve Jenkins (steve@stevejenkins.com)
|
|
stevejenkins |
d66c980 |
|
|
stevejenkins |
b30456a |
Generating keys for %{upname}
|
|
stevejenkins |
d66c980 |
============================
|
|
stevejenkins |
b78ea64 |
After installing the %{name} package, you MUST generate a pair of keys (public and private) before
|
|
stevejenkins |
b78ea64 |
attempting to start the %{name} service.
|
|
stevejenkins |
d66c980 |
|
|
stevejenkins |
b78ea64 |
A valid private key must exist in the location expected by %{_sysconfdir}/%{name}.conf before the service will start.
|
|
stevejenkins |
d66c980 |
|
|
stevejenkins |
d66c980 |
A matching public key must be included in your domain's DNS records before remote systems can validate
|
|
stevejenkins |
d66c980 |
your outgoing mail's DKIM signature.
|
|
stevejenkins |
d66c980 |
|
|
stevejenkins |
d66c980 |
|
|
stevejenkins |
d66c980 |
Generating Keys Automatically
|
|
stevejenkins |
d66c980 |
=============================
|
|
stevejenkins |
d66c980 |
To automatically create a pair of default keys for the local domain, do:
|
|
stevejenkins |
d66c980 |
|
|
stevejenkins |
b78ea64 |
% sudo %{_sbindir}/%{name}-default-keygen
|
|
stevejenkins |
d66c980 |
|
|
stevejenkins |
d66c980 |
The default keygen script will attempt to fetch the local domain name, generate a private and public key for
|
|
stevejenkins |
b78ea64 |
the domain, then save them in %{_sysconfdir}/%{name}/keys as default.private and default.txt with the proper
|
|
stevejenkins |
d66c980 |
ownership and permissions.
|
|
stevejenkins |
d66c980 |
|
|
stevejenkins |
d66c980 |
NOTE: The default key generation script MUST be run by a privileged user (or root). Otherwise, the resulting
|
|
stevejenkins |
d66c980 |
private key ownership and permissions will not be correct.
|
|
stevejenkins |
d66c980 |
|
|
stevejenkins |
d66c980 |
|
|
stevejenkins |
d66c980 |
Generating Keys Manually
|
|
stevejenkins |
d66c980 |
========================
|
|
stevejenkins |
d66c980 |
A privileged user (or root) can manually generate a set of keys by doing the following:
|
|
stevejenkins |
d66c980 |
|
|
stevejenkins |
d66c980 |
1) Create a directory to store the new keys:
|
|
stevejenkins |
d66c980 |
|
|
stevejenkins |
b78ea64 |
% sudo mkdir %{_sysconfdir}/%{name}/keys/example.com
|
|
stevejenkins |
d66c980 |
|
|
stevejenkins |
d66c980 |
2) Generate keys in that directory for a specific domain name and selector:
|
|
stevejenkins |
d66c980 |
|
|
stevejenkins |
b78ea64 |
% sudo %{_sbindir}/%{name}-genkey -D %{_sysconfdir}/%{name}/keys/example.com/ -d example.com -s default
|
|
stevejenkins |
d66c980 |
|
|
stevejenkins |
d66c980 |
3) Set the proper ownership for the directory and private key:
|
|
stevejenkins |
d66c980 |
|
|
stevejenkins |
b78ea64 |
% sudo chown -R root:%{name} %{_sysconfdir}/%{name}/keys/example.com
|
|
stevejenkins |
d66c980 |
|
|
stevejenkins |
d66c980 |
4) Set secure permissions for the private key:
|
|
stevejenkins |
d66c980 |
|
|
stevejenkins |
b78ea64 |
% sudo chmod 640 %{_sysconfdir}/%{name}/keys/example.com/default.private
|
|
stevejenkins |
d66c980 |
|
|
stevejenkins |
d66c980 |
5) Set standard permissions for the public key:
|
|
stevejenkins |
d66c980 |
|
|
stevejenkins |
b78ea64 |
% sudo chmod 644 %{_sysconfdir}/%{name}/keys/example.com/default.txt
|
|
stevejenkins |
d66c980 |
|
|
stevejenkins |
d66c980 |
|
|
stevejenkins |
d66c980 |
Updating Key Location(s) in Configuration Files
|
|
stevejenkins |
d66c980 |
===============================================
|
|
stevejenkins |
b78ea64 |
If you run the %{name}-default-keygen script, the default keys will be saved in %{_sysconfdir}/%{name}/keys as
|
|
stevejenkins |
b78ea64 |
default.private and default.txt, which is the location expected by the default %{_sysconfdir}/%{name}.conf file.
|
|
stevejenkins |
d66c980 |
|
|
stevejenkins |
b78ea64 |
If you manually generate your own keys, you must update the key location and name in %{_sysconfdir}/%{name}.conf
|
|
stevejenkins |
b78ea64 |
before attempting to start the %{name} service.
|
|
stevejenkins |
d66c980 |
|
|
stevejenkins |
d66c980 |
|
|
stevejenkins |
d3cd573 |
Using %upname with SQL Datasets
|
|
stevejenkins |
d3cd573 |
================================
|
|
Steve Jenkins |
c320cbb |
%upname on RedHat-based systems relies on OpenDBX for database access. Depending on which database you use,
|
|
Steve Jenkins |
c320cbb |
you may have to manually install one of the following OpenDBX subpackages (all of which are available via yum):
|
|
Steve Jenkins |
c320cbb |
|
|
Steve Jenkins |
c320cbb |
- opendbx-firebird
|
|
Steve Jenkins |
c320cbb |
- opendbx-mssql
|
|
Steve Jenkins |
c320cbb |
- opendbx-mysql
|
|
Steve Jenkins |
c320cbb |
- opendbx-postgresql
|
|
Steve Jenkins |
c320cbb |
- opendbx-sqlite
|
|
Steve Jenkins |
c320cbb |
- opendbx-sqlite2
|
|
Steve Jenkins |
c320cbb |
- opendbx-sybase
|
|
Steve Jenkins |
c320cbb |
|
|
Steve Jenkins |
c320cbb |
If you have %upname configured to use SQL datasets on a systemd-based server, it might also be necessary to start
|
|
Steve Jenkins |
c320cbb |
the %name service after the database servers by referencing your database unit file(s) in the "After" section of
|
|
Steve Jenkins |
c320cbb |
the %upname unit file.
|
|
stevejenkins |
d3cd573 |
|
|
stevejenkins |
d592eb0 |
For example, if using both MariaDB and PostgreSQL, in %{_unitdir}/%{name}.service change:
|
|
stevejenkins |
d3cd573 |
|
|
stevejenkins |
d3cd573 |
After=network.target nss-lookup.target syslog.target
|
|
stevejenkins |
d3cd573 |
|
|
stevejenkins |
d3cd573 |
to:
|
|
stevejenkins |
d3cd573 |
|
|
stevejenkins |
d3cd573 |
After=network.target nss-lookup.target syslog.target mariadb.service postgresql.service
|
|
stevejenkins |
d3cd573 |
|
|
stevejenkins |
d3cd573 |
|
|
stevejenkins |
d66c980 |
Additional Configuration Help
|
|
stevejenkins |
d66c980 |
=============================
|
|
stevejenkins |
b30456a |
For help configuring your MTA (Postfix, Sendmail, etc.) with %{upname}, setting up DNS records with your
|
|
stevejenkins |
b30456a |
public DKIM key, as well as instructions on configuring %{upname} to sign outgoing mail for multiple
|
|
stevejenkins |
d66c980 |
domains, follow the how-to at:
|
|
stevejenkins |
d66c980 |
|
|
stevejenkins |
d66c980 |
http://wp.me/p1iGgP-ou
|
|
stevejenkins |
d66c980 |
|
|
stevejenkins |
b30456a |
Official documentation for %{upname} is available at http://%{name}.org/
|
|
stevejenkins |
d66c980 |
|
|
stevejenkins |
b30456a |
%{upname} mailing lists are available at http://lists.%{name}.org/
|
|
stevejenkins |
d66c980 |
|
|
stevejenkins |
d66c980 |
###
|
|
stevejenkins |
d66c980 |
EOF
|
|
stevejenkins |
d66c980 |
|
|
stevejenkins |
9d03b40 |
install -p -d %{buildroot}%{_sysconfdir}/tmpfiles.d
|
|
stevejenkins |
9d03b40 |
cat > %{buildroot}%{_sysconfdir}/tmpfiles.d/%{name}.conf <<'EOF'
|
|
Steve Jenkins |
6811787 |
D %{_localstatedir}/run/%{name} 0700 %{name} %{name} -
|
|
Steve Jenkins |
6811787 |
EOF
|
|
Steve Jenkins |
6811787 |
|
|
stevejenkins |
9d03b40 |
rm -r %{buildroot}%{_prefix}/share/doc/%{name}
|
|
stevejenkins |
9d03b40 |
rm %{buildroot}%{_libdir}/*.a
|
|
stevejenkins |
9d03b40 |
rm %{buildroot}%{_libdir}/*.la
|
|
Steve Jenkins |
6811787 |
|
|
stevejenkins |
9d03b40 |
mkdir -p %{buildroot}%{_localstatedir}/spool/%{name}
|
|
stevejenkins |
9d03b40 |
mkdir -p %{buildroot}%{_localstatedir}/run/%{name}
|
|
stevejenkins |
9d03b40 |
mkdir -p %{buildroot}%{_sysconfdir}/%{name}
|
|
stevejenkins |
9d03b40 |
mkdir %{buildroot}%{_sysconfdir}/%{name}/keys
|
|
Steve Jenkins |
6811787 |
|
|
stevejenkins |
9d03b40 |
install -m 0755 stats/%{name}-reportstats %{buildroot}%{_prefix}/sbin/%{name}-reportstats
|
|
stevejenkins |
9d03b40 |
sed -i 's|^%{bigname}STATSDIR="/var/db/%{name}"|%{bigname}STATSDIR="%{_localstatedir}/spool/%{name}"|g' %{buildroot}%{_prefix}/sbin/%{name}-reportstats
|
|
stevejenkins |
9d03b40 |
sed -i 's|^%{bigname}DATOWNER="mailnull:mailnull"|%{bigname}DATOWNER="%{name}:%{name}"|g' %{buildroot}%{_prefix}/sbin/%{name}-reportstats
|
|
Steve Jenkins |
80f78ad |
|
|
stevejenkins |
9d03b40 |
chmod 0644 contrib/convert/convert_keylist.sh
|
|
Steve Jenkins |
6811787 |
|
|
Steve Jenkins |
6811787 |
%pre
|
|
Steve Jenkins |
6811787 |
getent group %{name} >/dev/null || groupadd -r %{name}
|
|
Steve Jenkins |
6811787 |
getent passwd %{name} >/dev/null || \
|
|
Steve Jenkins |
6811787 |
useradd -r -g %{name} -G mail -d %{_localstatedir}/run/%{name} -s /sbin/nologin \
|
|
stevejenkins |
b30456a |
-c "%{upname} Milter" %{name}
|
|
Steve Jenkins |
6811787 |
exit 0
|
|
Steve Jenkins |
6811787 |
|
|
Steve Jenkins |
6811787 |
%post
|
|
stevejenkins |
cb53118 |
%if %systemd
|
|
Steve Jenkins |
c320cbb |
%systemd_post %{name}.service
|
|
stevejenkins |
ef75b73 |
%else
|
|
stevejenkins |
ef75b73 |
/sbin/chkconfig --add %{name} || :
|
|
stevejenkins |
ef75b73 |
%endif
|
|
stevejenkins |
ef75b73 |
|
|
Steve Jenkins |
6811787 |
%preun
|
|
stevejenkins |
cb53118 |
%if %systemd
|
|
Steve Jenkins |
c320cbb |
%systemd_preun %{name}.service
|
|
stevejenkins |
ef75b73 |
%else
|
|
stevejenkins |
ef75b73 |
if [ $1 -eq 0 ]; then
|
|
stevejenkins |
ef75b73 |
service %{name} stop >/dev/null || :
|
|
stevejenkins |
ef75b73 |
/sbin/chkconfig --del %{name} || :
|
|
stevejenkins |
ef75b73 |
fi
|
|
stevejenkins |
ef75b73 |
exit 0
|
|
stevejenkins |
ef75b73 |
%endif
|
|
stevejenkins |
ef75b73 |
|
|
Steve Jenkins |
6811787 |
%postun
|
|
stevejenkins |
cb53118 |
%if %systemd
|
|
Steve Jenkins |
c320cbb |
%systemd_postun_with_restart %{name}.service
|
|
stevejenkins |
ef75b73 |
%else
|
|
Steve Jenkins |
6811787 |
if [ "$1" -ge "1" ] ; then
|
|
Steve Jenkins |
6811787 |
/sbin/service %{name} condrestart >/dev/null 2>&1 || :
|
|
Steve Jenkins |
6811787 |
fi
|
|
Steve Jenkins |
6811787 |
exit 0
|
|
stevejenkins |
ef75b73 |
%endif
|
|
Steve Jenkins |
6811787 |
|
|
stevejenkins |
cb53118 |
%if %systemd
|
|
Steve Jenkins |
c320cbb |
# For the switchover from initscript to service file
|
|
stevejenkins |
ef75b73 |
%triggerun -- %{name} < 2.8.0-1
|
|
Steve Jenkins |
c320cbb |
%systemd_post %{name}.service
|
|
stevejenkins |
ef75b73 |
/sbin/chkconfig --del %{name} >/dev/null 2>&1 || :
|
|
Steve Jenkins |
c320cbb |
%systemd_postun_with_restart %{name}.service
|
|
|
50bd122 |
%endif
|
|
stevejenkins |
9f91f67 |
|
|
stevejenkins |
9f91f67 |
%post -n libopendkim -p /sbin/ldconfig
|
|
stevejenkins |
9f91f67 |
|
|
Steve Jenkins |
6811787 |
%postun -n libopendkim -p /sbin/ldconfig
|
|
Steve Jenkins |
6811787 |
|
|
Steve Jenkins |
6811787 |
%clean
|
|
stevejenkins |
9d03b40 |
rm -rf %{buildroot}
|
|
Steve Jenkins |
6811787 |
|
|
Steve Jenkins |
6811787 |
%files
|
|
stevejenkins |
b78ea64 |
%license LICENSE LICENSE.Sendmail
|
|
stevejenkins |
b78ea64 |
%doc FEATURES KNOWNBUGS RELEASE_NOTES RELEASE_NOTES.Sendmail INSTALL
|
|
Steve Jenkins |
6811787 |
%doc contrib/convert/convert_keylist.sh %{name}/*.sample
|
|
Steve Jenkins |
6811787 |
%doc %{name}/%{name}.conf.simple-verify %{name}/%{name}.conf.simple
|
|
Steve Jenkins |
6811787 |
%doc %{name}/README contrib/lua/*.lua
|
|
stevejenkins |
d66c980 |
%doc README.fedora
|
|
Steve Jenkins |
6811787 |
%config(noreplace) %{_sysconfdir}/%{name}.conf
|
|
Steve Jenkins |
6811787 |
%config(noreplace) %{_sysconfdir}/tmpfiles.d/%{name}.conf
|
|
stevejenkins |
dcc6fb8 |
%config(noreplace) %attr(0640,%{name},%{name}) %{_sysconfdir}/%{name}/SigningTable
|
|
stevejenkins |
dcc6fb8 |
%config(noreplace) %attr(0640,%{name},%{name}) %{_sysconfdir}/%{name}/KeyTable
|
|
stevejenkins |
dcc6fb8 |
%config(noreplace) %attr(0640,%{name},%{name}) %{_sysconfdir}/%{name}/TrustedHosts
|
|
Steve Jenkins |
6950dbe |
%config(noreplace) %{_sysconfdir}/sysconfig/%{name}
|
|
Steve Jenkins |
6811787 |
%{_sbindir}/*
|
|
Steve Jenkins |
6811787 |
%{_mandir}/*/*
|
|
Steve Jenkins |
6811787 |
%dir %attr(-,%{name},%{name}) %{_localstatedir}/spool/%{name}
|
|
stevejenkins |
dcc6fb8 |
%dir %attr(0775,%{name},%{name}) %{_localstatedir}/run/%{name}
|
|
Steve Jenkins |
6950dbe |
%dir %attr(-,root,%{name}) %{_sysconfdir}/%{name}
|
|
stevejenkins |
dcc6fb8 |
%dir %attr(0750,%name,%{name}) %{_sysconfdir}/%{name}/keys
|
|
stevejenkins |
9f91f67 |
%attr(0755,root,root) %{_sbindir}/%{name}-default-keygen
|
|
stevejenkins |
9f91f67 |
|
|
stevejenkins |
cb53118 |
%if %systemd
|
|
stevejenkins |
ef75b73 |
%attr(0644,root,root) %{_unitdir}/%{name}.service
|
|
stevejenkins |
ef75b73 |
%else
|
|
stevejenkins |
9f91f67 |
%attr(0755,root,root) %{_initrddir}/%{name}
|
|
|
50bd122 |
%endif
|
|
Steve Jenkins |
6811787 |
|
|
Steve Jenkins |
6811787 |
%files -n libopendkim
|
|
stevejenkins |
b30456a |
%if 0%{?_licensedir:1}
|
|
stevejenkins |
b30456a |
%license LICENSE LICENSE.Sendmail
|
|
stevejenkins |
b30456a |
%else
|
|
stevejenkins |
b30456a |
%doc LICENSE LICENSE.Sendmail
|
|
stevejenkins |
b30456a |
%endif
|
|
stevejenkins |
b30456a |
%doc README
|
|
stevejenkins |
b30456a |
%{_libdir}/lib%{name}.so.*
|
|
stevejenkins |
b78400d |
|
|
Steve Jenkins |
6811787 |
%files -n libopendkim-devel
|
|
stevejenkins |
b30456a |
%if 0%{?_licensedir:1}
|
|
stevejenkins |
b30456a |
%license LICENSE LICENSE.Sendmail
|
|
stevejenkins |
b30456a |
%else
|
|
Steve Jenkins |
6811787 |
%doc LICENSE LICENSE.Sendmail
|
|
stevejenkins |
b30456a |
%endif
|
|
stevejenkins |
b30456a |
%doc lib%{name}/docs/*.html
|
|
Steve Jenkins |
6811787 |
%{_includedir}/%{name}
|
|
Steve Jenkins |
6811787 |
%{_libdir}/*.so
|
|
Steve Jenkins |
6811787 |
%{_libdir}/pkgconfig/*.pc
|
|
Steve Jenkins |
6811787 |
|
|
Steve Jenkins |
6811787 |
%changelog
|
|
|
b38e763 |
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.11.0-0.3
|
|
|
b38e763 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
|
|
|
b38e763 |
|
|
|
901c242 |
* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.11.0-0.2
|
|
|
901c242 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
|
|
|
901c242 |
|
|
stevejenkins |
0599b11 |
* Tue Dec 20 2016 Steve Jenkins <steve@stevejenkins.com> - 2.11.0-0.1
|
|
stevejenkins |
0599b11 |
- Updated to 2.11.0.Alpha0 upstream source
|
|
stevejenkins |
0599b11 |
- Rediffed, combined, and applied patch for SF #35 + #37
|
|
stevejenkins |
0599b11 |
- Modernized spec slightly (thanks to EPEL 5 getting a bit more modern)
|
|
stevejenkins |
0599b11 |
|
|
stevejenkins |
f9d6a6a |
* Mon Aug 01 2016 Steve Jenkins <steve@stevejenkins.com> - 2.10.3-9
|
|
stevejenkins |
f9d6a6a |
- Changed sendmail-milter-devel BuildRequires to > F25
|
|
stevejenkins |
f9d6a6a |
|
|
stevejenkins |
352df3f |
* Mon Aug 01 2016 Steve Jenkins <steve@stevejenkins.com> - 2.10.3-8
|
|
stevejenkins |
352df3f |
- Updated BuildRequires to sendmail-milter-devel for F25+ (RH Bugzilla #891288)
|
|
stevejenkins |
352df3f |
|
|
stevejenkins |
73aba18 |
* Mon Aug 01 2016 Steve Jenkins <steve@stevejenkins.com> - 2.10.3-7
|
|
stevejenkins |
73aba18 |
- Added compile-time support for QUERY_CACHE (RH Bugzilla #1361038)
|
|
stevejenkins |
73aba18 |
|
|
stevejenkins |
1a39121 |
* Fri Jul 22 2016 Steve Jenkins <steve@stevejenkins.com> - 2.10.3-6
|
|
stevejenkins |
1a39121 |
- Patched for From: field wrapping issue (SF Ticket #226)
|
|
stevejenkins |
1a39121 |
|
|
stevejenkins |
9d03b40 |
* Wed Jul 20 2016 Steve Jenkins <steve@stevejenkins.com> - 2.10.3-5
|
|
stevejenkins |
9d03b40 |
- Fixed OpenLDAP support for all targets except EL5 (required version not available)
|
|
stevejenkins |
9d03b40 |
- Updated spec file to more modern conventions
|
|
stevejenkins |
9d03b40 |
|
|
|
99374dd |
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 2.10.3-4
|
|
|
99374dd |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
|
|
|
99374dd |
|
|
stevejenkins |
ed47c99 |
* Fri Dec 25 2015 Steve Jenkins <steve@stevejenkins.com> - 2.10.3-3
|
|
stevejenkins |
ed47c99 |
- Added OpenLDAP support for systemd branches in response to RH Bugzilla #1293279
|
|
stevejenkins |
ed47c99 |
|
|
|
8263e66 |
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.10.3-2
|
|
|
8263e66 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
|
|
|
8263e66 |
|
|
Steve Jenkins |
bc23f38 |
* Tue May 12 2015 Steve Jenkins <steve@stevejenkins.com> - 2.10.3-1
|
|
Steve Jenkins |
bc23f38 |
- Updated to use newer upstream 2.10.3 source code
|
|
Steve Jenkins |
bc23f38 |
|
|
Steve Jenkins |
c320cbb |
* Mon May 11 2015 Steve Jenkins <steve@stevejenkins.com> - 2.10.2-1
|
|
Steve Jenkins |
c320cbb |
- Updated to use newer upstream 2.10.2 source code
|
|
Steve Jenkins |
c320cbb |
- Removed patches for bugs fixed in upstream source
|
|
Steve Jenkins |
c320cbb |
- Included support for systemd macros
|
|
Steve Jenkins |
c320cbb |
- Added deprecated options notice to default configuration file
|
|
Steve Jenkins |
c320cbb |
- Added new options to default configuration file
|
|
Steve Jenkins |
c320cbb |
- Updated README.fedora with additional SQL useage info
|
|
Steve Jenkins |
c320cbb |
|
|
stevejenkins |
d592eb0 |
* Mon Apr 13 2015 Steve Jenkins <steve@stevejenkins.com> - 2.10.1-13
|
|
stevejenkins |
d592eb0 |
- Obsoleted sysvinit subpackage via libopendkim subpackage
|
|
stevejenkins |
d592eb0 |
- Added more macros
|
|
stevejenkins |
d592eb0 |
- Updated README.fedora
|
|
stevejenkins |
d592eb0 |
|
|
stevejenkins |
99729a6 |
* Mon Apr 06 2015 Steve Jenkins <steve@stevejenkins.com> - 2.10.1-12
|
|
stevejenkins |
99729a6 |
- BuildRequires opendbx-devel instead of opendbx
|
|
stevejenkins |
99729a6 |
- Fixed typo in configure flag
|
|
stevejenkins |
99729a6 |
|
|
stevejenkins |
d3cd573 |
* Mon Apr 06 2015 Steve Jenkins <steve@stevejenkins.com> - 2.10.1-11
|
|
stevejenkins |
5ebcc72 |
- All branches now require opendbx
|
|
stevejenkins |
5ebcc72 |
- All branches now configure with --with-obdx flag
|
|
stevejenkins |
d3cd573 |
- Added comments to README.Fedora to address Bug #1209009
|
|
stevejenkins |
5ebcc72 |
- Cleaned up some spacing
|
|
stevejenkins |
d3cd573 |
|
|
stevejenkins |
0f425dd |
* Fri Apr 03 2015 Steve Jenkins <steve@stevejenkins.com> - 2.10.1-10
|
|
stevejenkins |
0f425dd |
- policycoreutils now only required for EL5
|
|
stevejenkins |
0f425dd |
|
|
stevejenkins |
b30456a |
* Thu Apr 02 2015 Steve Jenkins <steve@stevejenkins.com> - 2.10.1-9
|
|
stevejenkins |
b30456a |
- policycoreutils* now only required for Fedora and EL6+
|
|
stevejenkins |
b30456a |
- Added --with-obdx configure support for Fedora builds
|
|
stevejenkins |
b30456a |
- Changed a few macros
|
|
stevejenkins |
b30456a |
- Added additional %license support
|
|
stevejenkins |
b30456a |
|
|
stevejenkins |
b78ea64 |
* Sun Mar 29 2015 Steve Jenkins <steve@stevejenkins.com> - 2.10.1-8
|
|
stevejenkins |
b78ea64 |
- removed unecessary Requires packages
|
|
stevejenkins |
b78ea64 |
- moved libbsd back to BuildRequires
|
|
stevejenkins |
b78ea64 |
- removed unecessary %defattr
|
|
stevejenkins |
b78ea64 |
- added support for %license in place of %doc
|
|
stevejenkins |
b78ea64 |
- Changed some %{name} macro usages
|
|
stevejenkins |
b78ea64 |
|
|
stevejenkins |
2e96080 |
* Sat Mar 28 2015 Steve Jenkins <steve@stevejenkins.com> - 2.10.1-7
|
|
stevejenkins |
2e96080 |
- added %{?_isa} to Requires where necessary
|
|
stevejenkins |
2e96080 |
- added sendmail-milter to Requires
|
|
stevejenkins |
2e96080 |
- added libtool to BuildRequires
|
|
stevejenkins |
2e96080 |
- moved libbsd from BuildRequires to Requires
|
|
stevejenkins |
d3cd573 |
- added policycoreutils and policycoreutils-python to Requires(post)
|
|
stevejenkins |
2e96080 |
|
|
stevejenkins |
dcc6fb8 |
* Sat Mar 28 2015 Steve Jenkins <steve@stevejenkins.com> - 2.10.1-6
|
|
stevejenkins |
dcc6fb8 |
- Remove global _pkgdocdir variable
|
|
stevejenkins |
dcc6fb8 |
- Use defaultdocdir variable in default config file
|
|
stevejenkins |
dcc6fb8 |
- Setting permissions special mode bit explicitly in all cases for consistency
|
|
stevejenkins |
dcc6fb8 |
- Change /var/run/opendkim permissions to group writable for Bug #1120080
|
|
stevejenkins |
dcc6fb8 |
|
|
stevejenkins |
ef75b73 |
* Wed Mar 25 2015 Steve Jenkins <steve@stevejenkins.com> - 2.10.1-5
|
|
stevejenkins |
ef75b73 |
- Combined systemd and SysV spec files using conditionals
|
|
stevejenkins |
ef75b73 |
- Drop sysvinit subpackage completely
|
|
stevejenkins |
ef75b73 |
|
|
stevejenkins |
ef75b73 |
* Tue Mar 24 2015 Steve Jenkins <steve@stevejenkins.com> - 2.10.1-4
|
|
stevejenkins |
fa36bbc |
- Fixed typo in Group name
|
|
stevejenkins |
fa36bbc |
- Added updated libtool definition
|
|
stevejenkins |
fa36bbc |
- Additional comments in spec file
|
|
stevejenkins |
fa36bbc |
- Patch SysV initscript to stop default key generation on startup
|
|
stevejenkins |
fa36bbc |
|
|
|
50bd122 |
* Thu Mar 05 2015 Adam Jackson <ajax@redhat.com> 2.10.1-3
|
|
|
50bd122 |
- Drop sysvinit subpackage from F23+
|
|
|
50bd122 |
|
|
stevejenkins |
8dbc469 |
* Tue Mar 03 2015 Steve Jenkins <steve@stevejenkins.com> - 2.10.1-2
|
|
stevejenkins |
8dbc469 |
- Added IPv6 ::1 support to TrustedHosts (RH Bugzilla #1049204)
|
|
stevejenkins |
8dbc469 |
|
|
stevejenkins |
d66c980 |
* Tue Mar 03 2015 Steve Jenkins <steve@stevejenkins.com> - 2.10.1-1
|
|
stevejenkins |
d66c980 |
- Updated to use newer upstream 2.10.1 source code
|
|
stevejenkins |
d66c980 |
|
|
stevejenkins |
d66c980 |
* Tue Dec 09 2014 Steve Jenkins <steve@stevejenkins.com> - 2.10.0-1
|
|
stevejenkins |
d66c980 |
- Updated to use newer upstream 2.10.0 source code
|
|
stevejenkins |
d66c980 |
- Removed unbound compile option due to orphaned upstream dependency
|
|
stevejenkins |
d66c980 |
- Removed AUTOCREATE_DKIM_KEYS option
|
|
stevejenkins |
d66c980 |
- Added README.fedora with basic key generation and config instructions
|
|
stevejenkins |
d66c980 |
|
|
|
c3cbd1d |
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.9.2-3
|
|
|
c3cbd1d |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
|
|
|
c3cbd1d |
|
|
stevejenkins |
d66c980 |
* Mon Aug 04 2014 Steve Jenkins <steve@stevejenkins.com> - 2.9.2-2
|
|
stevejenkins |
6c2c1ea |
- Change file ownerships/permissions to fix https://bugzilla.redhat.com/show_bug.cgi?id=891292
|
|
stevejenkins |
6c2c1ea |
- Default keys no longer created on startup. Privileged user must run opendkim-default-keygen or create manually (after install)
|
|
stevejenkins |
6c2c1ea |
|
|
stevejenkins |
ef0e472 |
* Wed Jul 30 2014 Steve Jenkins <steve@stevejenkins.com> - 2.9.2-1
|
|
stevejenkins |
ef0e472 |
- Updated to use newer upstream 2.9.2 source code
|
|
stevejenkins |
ef0e472 |
- Fixed invalid date in changelog
|
|
stevejenkins |
ef0e472 |
|
|
|
0f97277 |
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.9.0-3
|
|
|
0f97277 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
|
|
|
0f97277 |
|
|
stevejenkins |
bed926f |
* Wed Dec 18 2013 Steve Jenkins <steve stevejenkins com> - 2.9.0-2
|
|
stevejenkins |
bed926f |
- Patch adds user and group to systemd service file (Thx jcosta@redhat.com)
|
|
stevejenkins |
bed926f |
- Changed default ownership of /etc/opendkim/keys directory to opendkim user
|
|
stevejenkins |
bed926f |
|
|
stevejenkins |
f885847 |
* Wed Dec 18 2013 Steve Jenkins <steve stevejenkins com> - 2.9.0-1
|
|
stevejenkins |
bed926f |
- Updated to use newer upstream 2.9.0 source code
|
|
stevejenkins |
bed926f |
- Added libbsd-devel to Build Requires
|
|
stevejenkins |
f885847 |
- Removed listrl references from libopendkim files section (handled by libbsd-devel)
|
|
stevejenkins |
f885847 |
|
|
stevejenkins |
f885847 |
* Sun Nov 3 2013 Steve Jenkins <steve stevejenkins com> - 2.8.4-4
|
|
stevejenkins |
d08bc75 |
- Rebuild of all release packages to sync version numbers
|
|
stevejenkins |
d08bc75 |
|
|
stevejenkins |
f885847 |
* Sun Nov 3 2013 Ville Skytta ville.skytta@iki.fi> - 2.8.4-3
|
|
|
91fd8f6 |
- Fix path to docs in sample config when doc dir is unversioned (#993997).
|
|
|
91fd8f6 |
|
|
|
f3383dd |
* Sat Aug 03 2013 Petr Pisar <ppisar@redhat.com> - 2.8.4-2
|
|
|
f3383dd |
- Perl 5.18 rebuild
|
|
|
f3383dd |
|
|
stevejenkins |
d08bc75 |
* Tue Jul 23 2013 Steve Jenkins <steve stevejenkins com> 2.8.4-1
|
|
stevejenkins |
f9bc0ab |
- Updated to use newer upstream 2.8.4 source code
|
|
stevejenkins |
f9bc0ab |
- Added libbsd build requirement
|
|
stevejenkins |
f9bc0ab |
|
|
|
b8d5c7f |
* Thu Jul 18 2013 Petr Pisar <ppisar@redhat.com> - 2.8.3-3
|
|
|
b8d5c7f |
- Perl 5.18 rebuild
|
|
|
b8d5c7f |
|
|
stevejenkins |
3ae95bc |
* Fri May 17 2013 Steve Jenkins <steve stevejenkins com> 2.8.3-2
|
|
stevejenkins |
3ae95bc |
- Removed libmemcached support from SysV version (requires > v0.36)
|
|
stevejenkins |
3ae95bc |
|
|
stevejenkins |
b9cca24 |
* Sun May 12 2013 Steve Jenkins <steve stevejenkins com> 2.8.3-1
|
|
stevejenkins |
b9cca24 |
- Updated to use newer upstream 2.8.3 source code
|
|
stevejenkins |
3ae95bc |
- Added unbound, libmcached, and db support on configure
|
|
stevejenkins |
b9cca24 |
|
|
stevejenkins |
ef0e472 |
* Mon Apr 29 2013 Steve Jenkins <steve stevejenkins com> 2.8.2-1
|
|
stevejenkins |
424055a |
- Updated to use newer upstream 2.8.2 source code
|
|
stevejenkins |
424055a |
|
|
stevejenkins |
09e63fc |
* Tue Mar 19 2013 Steve Jenkins <steve stevejenkins com> 2.8.1-1
|
|
stevejenkins |
09e63fc |
- Updated to use newer upstream 2.8.1 source code
|
|
stevejenkins |
09e63fc |
- Removed patches for bugs fixed in upstream source
|
|
stevejenkins |
09e63fc |
|
|
stevejenkins |
79471cf |
* Wed Feb 27 2013 Steve Jenkins <steve stevejenkins com> 2.8.0-4
|
|
stevejenkins |
79471cf |
- Added patch from upstream to fix libdb compatibility issues
|
|
stevejenkins |
79471cf |
|
|
stevejenkins |
d321614 |
* Tue Feb 26 2013 Steve Jenkins <steve stevejenkins com> 2.8.0-3
|
|
stevejenkins |
d321614 |
- Split into two spec files: systemd (F17+) and SysV (EL5-6)
|
|
stevejenkins |
d321614 |
- Removed leading / from unitdir variables
|
|
stevejenkins |
d321614 |
- Removed commented source lines
|
|
stevejenkins |
d321614 |
- Created comment sections for easy switching between systemd and SysV
|
|
stevejenkins |
d321614 |
|
|
stevejenkins |
d321614 |
* Mon Feb 25 2013 Steve Jenkins <steve stevejenkins com> 2.8.0-2
|
|
stevejenkins |
f414407 |
- Added / in front of unitdir variables
|
|
stevejenkins |
f414407 |
|
|
stevejenkins |
9f91f67 |
* Thu Feb 21 2013 Steve Jenkins <steve stevejenkins com> 2.8.0-1
|
|
stevejenkins |
9f91f67 |
- Happy Birthday to me! :)
|
|
stevejenkins |
9f91f67 |
- Updated to use newer upstream 2.8.0 source code
|
|
stevejenkins |
9f91f67 |
- Migration from SysV initscript to systemd unit file
|
|
stevejenkins |
9f91f67 |
- Added systemd build requirement
|
|
stevejenkins |
9f91f67 |
- Edited comments in default configuration files
|
|
stevejenkins |
9f91f67 |
- Changed default Canonicalization to relaxed/relaxed in config file
|
|
stevejenkins |
9f91f67 |
- Changed default values in EnvironmentFile
|
|
stevejenkins |
9f91f67 |
- Moved program startup options into EnvironmentFile
|
|
stevejenkins |
9f91f67 |
- Moved default key check and generation on startup to external script
|
|
stevejenkins |
9f91f67 |
- Removed AutoRestart directives from default config (systemd will handle)
|
|
stevejenkins |
9f91f67 |
- Incorporated additional variable names throughout spec file
|
|
stevejenkins |
9f91f67 |
- Added support for new opendkim-sysvinit package for legacy SysV systems
|
|
|
248decd |
|
|
stevejenkins |
e2f583e |
* Tue Jan 08 2013 Steve Jenkins <steve stevejenkins com> 2.7.4-1
|
|
stevejenkins |
e2f583e |
- Updated to use newer upstream 2.7.4 source code
|
|
stevejenkins |
e2f583e |
- Added AutoRestart and AutoRestartRate directives to default configuration
|
|
stevejenkins |
e2f583e |
- Changed default SigningTable directive to include refile: for wildcard support
|
|
stevejenkins |
e2f583e |
|
|
stevejenkins |
b78400d |
* Tue Dec 04 2012 Steve Jenkins <steve stevejenkins com> 2.7.3-2
|
|
stevejenkins |
b78400d |
- Set /etc/opendkim/keys default permissions to 750 (Thanks patrick at puzzled.xs4al.nl)
|
|
stevejenkins |
b78400d |
|
|
stevejenkins |
c17c729 |
* Thu Nov 29 2012 Steve Jenkins <steve stevejenkins com> 2.7.3-1
|
|
stevejenkins |
c17c729 |
- Updated to use newer upstream 2.7.3 source code
|
|
stevejenkins |
c17c729 |
|
|
stevejenkins |
32dfd10 |
* Mon Nov 19 2012 Steve Jenkins <steve stevejenkins com> 2.7.2-1
|
|
stevejenkins |
32dfd10 |
- Updated to use newer upstream 2.7.2 source code
|
|
stevejenkins |
32dfd10 |
|
|
stevejenkins |
4ba2800 |
* Tue Oct 30 2012 Steve Jenkins <steve stevejenkins com> 2.7.1-1
|
|
stevejenkins |
4ba2800 |
- Updated to use newer upstream 2.7.1 source code
|
|
stevejenkins |
4ba2800 |
- Updated to reflect source code move of files from /usr/bin to /usr/sbin
|
|
stevejenkins |
4ba2800 |
- Removed --enable-stats configure option to avoid additional dependencies
|
|
stevejenkins |
4ba2800 |
- Added support for strlcat() and strlcopy() previously in libopendkim
|
|
stevejenkins |
4ba2800 |
- Added new MinimumKeyBits configuration option with default of 1024
|
|
stevejenkins |
4ba2800 |
|
|
stevejenkins |
b6da0db |
* Wed Aug 22 2012 Steve Jenkins <steve stevejenkins com> 2.6.7-1
|
|
stevejenkins |
b6da0db |
- Updated to use newer upstream 2.6.7 source code
|
|
stevejenkins |
b6da0db |
- Removed patches from 2.4.2 which were incorporated upstream
|
|
stevejenkins |
b6da0db |
- Updated install directory of opendkim-reportstats
|
|
stevejenkins |
b6da0db |
|
|
|
9eac7b5 |
* Fri Jul 20 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.2-7
|
|
|
9eac7b5 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
|
|
|
9eac7b5 |
|
|
|
f1f1675 |
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.2-6
|
|
|
f1f1675 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
|
|
|
f1f1675 |
|
|
Steve Jenkins |
6950dbe |
* Thu Sep 22 2011 Steve Jenkins <steve stevejenkins com> 2.4.2-5
|
|
Steve Jenkins |
6950dbe |
- Changed ownernship of directories to comply with selinux-policy
|
|
Steve Jenkins |
6950dbe |
- Added default KeyTable and TrustedHosts files
|
|
Steve Jenkins |
6950dbe |
- Added config(noreplace) to sysconfig file
|
|
Steve Jenkins |
6950dbe |
|
|
Steve Jenkins |
80f78ad |
* Mon Sep 19 2011 Steve Jenkins <steve stevejenkins com> 2.4.2-4
|
|
Steve Jenkins |
80f78ad |
- Use Fedora standard method to fix pkg supplied libtool (Todd Lyons)
|
|
Steve Jenkins |
80f78ad |
- Updated Summary and Description
|
|
Steve Jenkins |
80f78ad |
- Fixed default stats file location in sample config file
|
|
Steve Jenkins |
80f78ad |
- Install opendkim-reportstats and README.opendkim-reportstats
|
|
Steve Jenkins |
80f78ad |
- Changed default stop priority in init script
|
|
Steve Jenkins |
80f78ad |
- Added example SigningTable
|
|
Steve Jenkins |
80f78ad |
- Added sysconfig support for AUTOCREATE_DKIM_KEYS, DKIM_SELECTOR, DKIM_KEYDIR
|
|
Steve Jenkins |
80f78ad |
- Enabled SysLogSuccess and LogWhy by default
|
|
Steve Jenkins |
80f78ad |
|
|
Steve Jenkins |
6811787 |
* Mon Aug 22 2011 Steve Jenkins <steve stevejenkins com> 2.4.2-3
|
|
Steve Jenkins |
6811787 |
- Mad props to Matt Domsch for sponsoring and providing feedback
|
|
Steve Jenkins |
6811787 |
- Removed {?OSshort} variable in Release: header
|
|
Steve Jenkins |
6811787 |
- Removed explicit Requires: in header
|
|
Steve Jenkins |
6811787 |
- Added support for tmpfiles.d
|
|
Steve Jenkins |
6811787 |
- Replaced opendkim with {name} variable throughout
|
|
Steve Jenkins |
6811787 |
- Replaced RPM_BUILD_ROOT with {buildroot}
|
|
Steve Jenkins |
6811787 |
- Moved changelog to bottom of file
|
|
Steve Jenkins |
6811787 |
- Removed "All Rights Reserved" from top of spec file
|
|
Steve Jenkins |
6811787 |
- Removed Prefix: line in header
|
|
Steve Jenkins |
6811787 |
- Pointed Source*: to the upstream tarballs
|
|
Steve Jenkins |
6811787 |
- Changed BuildRoot: format
|
|
Steve Jenkins |
6811787 |
- Changed makeinstall to make install
|
|
Steve Jenkins |
6811787 |
- Moved creation of working dirs to install
|
|
Steve Jenkins |
6811787 |
- Moved ownership of working dirs to files
|
|
Steve Jenkins |
6811787 |
- Moved user and group creation to pre
|
|
Steve Jenkins |
6811787 |
- Moved permissions setting to files with attr
|
|
Steve Jenkins |
6811787 |
- Created directory for user keys
|
|
Steve Jenkins |
6811787 |
- Removed testing for working directories; mkdir -p will suffice
|
|
Steve Jenkins |
6811787 |
- Revised Summary
|
|
Steve Jenkins |
6811787 |
- Removed static libraries from -devel package
|
|
Steve Jenkins |
6811787 |
- Removed extra spaces
|
|
Steve Jenkins |
6811787 |
- Removed usermod command to add opendkim to mail group
|
|
Steve Jenkins |
6811787 |
- Removed echo in post
|
|
Steve Jenkins |
6811787 |
- General tidying up
|
|
Steve Jenkins |
6811787 |
- Moved INSTALL readme information into patch
|
|
Steve Jenkins |
6811787 |
- Removed CPPFLAGS from configure
|
|
Steve Jenkins |
6811787 |
- Added _smp_mflags to make
|
|
Steve Jenkins |
6811787 |
- Changed which README from source is written to doc directory
|
|
Steve Jenkins |
6811787 |
- Added licenses to all subpackages
|
|
Steve Jenkins |
6811787 |
- Changed default runlevel in init script
|
|
Steve Jenkins |
6811787 |
|
|
Steve Jenkins |
6811787 |
* Tue Aug 16 2011 Steve Jenkins <steve stevejenkins com> 2.4.2-2
|
|
Steve Jenkins |
6811787 |
- Added -q to setup -a 1
|
|
Steve Jenkins |
6811787 |
- Added x86_64 libtool support (Mad props to Todd Lyons)
|
|
Steve Jenkins |
6811787 |
- Added {?dist} variable support in Release: header
|
|
Steve Jenkins |
6811787 |
- Changed Statistics storage location
|
|
Steve Jenkins |
6811787 |
- Statistics option now commented in opendkim.conf by default
|
|
Steve Jenkins |
6811787 |
- Check for existing private key before attempting to build keys
|
|
Steve Jenkins |
6811787 |
- Check for domain name before attempting to build keys
|
|
Steve Jenkins |
6811787 |
|
|
Steve Jenkins |
6811787 |
* Mon Aug 15 2011 Steve Jenkins <steve stevejenkins com> 2.4.2-1
|
|
Steve Jenkins |
6811787 |
- Initial Packaging of opendkim
|