Mon, 20 Apr 2009 19:22:00 +0200
Change unfortunate but partly useful overreaching security tradeoff.
The principle of allocating each running process an individual system
user and group can have security benefits; however, maintaining a plethora
of users, groups, processes, file modes, file permissions, and even
nonportable file ACLs on a host serving from a hundred processes has
some security disadvantages. This tradeoff is even worse for systems
like OpenPKG which benefit from administration transparency through the
use of minimal system intrusion and only three usage privilege levels.
1 ##
2 ## postfix.spec -- OpenPKG RPM Package Specification
3 ## Copyright (c) 2000-2009 OpenPKG Foundation e.V. <http://openpkg.net/>
4 ##
5 ## Permission to use, copy, modify, and distribute this software for
6 ## any purpose with or without fee is hereby granted, provided that
7 ## the above copyright notice and this permission notice appear in all
8 ## copies.
9 ##
10 ## THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
11 ## WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
12 ## MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
13 ## IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
14 ## CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
15 ## SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
16 ## LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
17 ## USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
18 ## ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
19 ## OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
20 ## OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
21 ## SUCH DAMAGE.
22 ##
24 # package versions
25 %define V_postfix 2.5.6
26 %define V_pflogsumm 1.1.2
27 %define V_whoson 2.4.0
29 # package information
30 Name: postfix
31 Summary: Mail Transfer Agent (MTA)
32 URL: http://www.postfix.org/
33 Vendor: Wietse Venema
34 Packager: OpenPKG Foundation e.V.
35 Distribution: OpenPKG Community
36 Class: BASE
37 Group: Mail
38 License: IPL
39 Version: %{V_postfix}
40 Release: 20090418
42 # package options
43 %option with_fsl yes
44 %option with_ssl no
45 %option with_sasl no
46 %option with_mysql no
47 %option with_pgsql no
48 %option with_ldap no
49 %option with_whoson no
50 %option with_fdsetsize no
52 # list of sources
53 Source0: ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-%{V_postfix}.tar.gz
54 Source1: http://jimsun.linxnet.com/downloads/pflogsumm-%{V_pflogsumm}.tar.gz
55 Source2: postfix.txt
56 Source3: fsl.postfix
57 Source4: rc.postfix
58 Patch0: postfix.patch
59 Patch1: postfix.patch.pfls
60 Patch2: ftp://ftp.openpkg.org/sources/CPY/postfix/postfix-%{V_whoson}-whoson.patch
62 # build information
63 Prefix: %{l_prefix}
64 BuildRoot: %{l_buildroot}
65 BuildPreReq: OpenPKG, openpkg >= 20060823, perl, gcc
66 PreReq: OpenPKG, openpkg >= 20060823, perl, procmail, perl-time
67 BuildPreReq: make, pcre, db
68 PreReq: make, pcre, db
69 %if "%{with_fsl}" == "yes"
70 BuildPreReq: fsl
71 PreReq: fsl
72 %endif
73 %if "%{with_ssl}" == "yes"
74 BuildPreReq: openssl
75 PreReq: openssl
76 %endif
77 %if "%{with_sasl}" == "yes"
78 BuildPreReq: sasl
79 PreReq: sasl
80 %endif
81 %if "%{with_mysql}" == "yes"
82 BuildPreReq: mysql
83 PreReq: mysql
84 %endif
85 %if "%{with_pgsql}" == "yes"
86 BuildPreReq: postgresql, openssl
87 PreReq: postgresql, openssl
88 %endif
89 %if "%{with_ldap}" == "yes"
90 BuildPreReq: openldap, openssl
91 PreReq: openldap, openssl
92 %endif
93 %if "%{with_whoson}" == "yes"
94 BuildPreReq: whoson
95 PreReq: whoson
96 %endif
97 AutoReq: no
98 AutoReqProv: no
99 Provides: MTA
100 Conflicts: exim, sendmail, ssmtp
102 %description
103 Postfix is a new-generation Mail Transfer Agent (MTA) able to fully
104 replace the Sendmail MTA. It is fully standards compliant and
105 supports SMTP, ESMTP, LMTP over IPv4/IPv6 with optional TLS/SASL.
107 Local specifics in this OpenPKG version:
108 o Postfix delivers locally via Procmail
109 o Postfix logs directly to the filesystem via OSSP fsl
110 o Berkeley-DB dictionary support
111 o PCRE matching support
112 o Optional STARTTLS encryption support (see package options)
113 o Optional SASL2 authentication support (see package options)
114 o Optional MySQL dictionary support (see package options)
115 o Optional PostgreSQL dictionary support (see package options)
116 o Optional OpenLDAP dictionary support (see package options)
117 o Optional WHOSON dictionary support (see package options)
119 %track
120 prog postfix = {
121 version = %{V_postfix}
122 url = ftp://ftp.porcupine.org/mirrors/postfix-release/official/
123 regex = postfix-(\d+\.\d+\.\d+)\.tar\.gz
124 }
125 prog postfix:pflogsumm = {
126 version = %{V_pflogsumm}
127 url = http://jimsun.linxnet.com/postfix_contrib.html
128 regex = pflogsumm-(__VER__)\.tar\.gz
129 }
130 prog postfix:whoson = {
131 version = %{V_whoson}
132 url = ftp://ftp.openpkg.org/sources/CPY/postfix/
133 regex = postfix-(__VER__)-whoson.patch
134 }
136 %prep
137 # unpack distribution files
138 %setup -q
139 %setup -q -T -D -a 1
141 # apply OpenPKG patches
142 %patch -p0
143 ( cd pflogsumm-%{V_pflogsumm} && %{l_patch} -p0 -b <%{PATCH1} ) || exit $?
145 # remove OpenPKG privelege model incompatible exit conditions
146 %{l_shtool} subst \
147 -e 's;msg_fatal\(.*attribute specifies mail system\);msg_info\1;g' \
148 src/pipe/pipe.c
150 # apply vendor WHOSON patch
151 %if "%{with_whoson}" == "yes"
152 %patch -p0 -P 2
153 %endif
155 %build
156 # configure Postfix (hard-core part I)
157 %{l_shtool} subst \
158 -e 's/var_config_dir, /var_command_dir, /' \
159 src/postfix/postfix.c
160 %{l_shtool} subst \
161 -e 's;config_directory/postfix-script;command_directory/postfix-script;' \
162 -e 's;config_directory/post-install;command_directory/postfix-install;' \
163 conf/postfix-script
164 %{l_shtool} subst \
165 -e 's;/usr/include;%{l_prefix}/include;g' \
166 makedefs
168 # configure Postfix (regular part)
169 unset LD_LIBRARY_PATH || true
170 CCARGS=""
171 CCARGS="$CCARGS %{l_cflags -O}"
172 CCARGS="$CCARGS %{l_cppflags}"
173 CCARGS="$CCARGS -DDEF_COMMAND_DIR=\\\"%{l_prefix}/sbin\\\""
174 CCARGS="$CCARGS -DDEF_SENDMAIL_PATH=\\\"%{l_prefix}/sbin/sendmail\\\""
175 CCARGS="$CCARGS -DDEF_CONFIG_DIR=\\\"%{l_prefix}/etc/postfix\\\""
176 CCARGS="$CCARGS -DDEF_DAEMON_DIR=\\\"%{l_prefix}/libexec/postfix\\\""
177 CCARGS="$CCARGS -DDEF_QUEUE_DIR=\\\"%{l_prefix}/var/postfix\\\""
178 CCARGS="$CCARGS -DDEF_DATA_DIR=\\\"%{l_prefix}/var/postfix/data\\\""
179 AUXLIBS=""
180 AUXLIBS="$AUXLIBS %{l_ldflags}"
181 CCARGS="$CCARGS -DHAS_DB"
182 AUXLIBS="$AUXLIBS -ldb"
183 CCARGS="$CCARGS -DHAS_PCRE"
184 AUXLIBS="$AUXLIBS -lpcre"
185 %if "%{with_mysql}" == "yes"
186 CCARGS="$CCARGS -DHAS_MYSQL %{l_cppflags mysql .}"
187 AUXLIBS="$AUXLIBS %{l_ldflags mysql .} -lmysqlclient -lz -lm"
188 %endif
189 %if "%{with_pgsql}" == "yes"
190 CCARGS="$CCARGS -DHAS_PGSQL %{l_cppflags postgresql .}"
191 AUXLIBS="$AUXLIBS -lpq -lssl -lcrypto -lcrypt"
192 %endif
193 %if "%{with_sasl}" == "yes"
194 CCARGS="$CCARGS -DUSE_SASL_AUTH -DUSE_CYRUS_SASL %{l_cppflags sasl .}"
195 AUXLIBS="$AUXLIBS -lsasl2 -lcrypt"
196 if [ -f /usr/lib/libdl.so -o -f /usr/lib/libdl.a ]; then
197 AUXLIBS="$AUXLIBS -ldl"
198 fi
199 if [ -f /usr/lib64/libdl.so -o -f /usr/lib64/libdl.a ]; then
200 AUXLIBS="$AUXLIBS -ldl"
201 fi
202 %endif
203 %if "%{with_ssl}" == "yes"
204 CCARGS="$CCARGS -DUSE_TLS"
205 AUXLIBS="$AUXLIBS -lssl -lcrypto"
206 %endif
207 %if "%{with_ldap}" == "yes"
208 CCARGS="$CCARGS -DHAS_LDAP"
209 AUXLIBS="$AUXLIBS -lldap -llber -lssl -lcrypto"
210 %endif
211 %if "%{with_fsl}" == "yes"
212 AUXLIBS="$AUXLIBS %{l_fsl_ldflags} %{l_fsl_libs}"
213 CCARGS="$CCARGS -DUSE_SOFTLIMITONLY"
214 %endif
215 %if "%{with_fdsetsize}" != "no"
216 %if "%{with_fdsetsize}" == "yes"
217 CCARGS="$CCARGS -DFD_SETSIZE=1024"
218 %else
219 CCARGS="$CCARGS -DFD_SETSIZE=%{with_fdsetsize}"
220 %endif
221 %endif
222 case "%{l_platform -t}" in
223 *-sunos* ) AUXLIBS="$AUXLIBS -lrt" ;;
224 esac
225 %{l_make} %{l_mflags} -f Makefile.init makefiles \
226 CC="%{l_cc}" CCARGS="$CCARGS" AUXLIBS="$AUXLIBS"
228 # configure Postfix (hard-core part II)
229 %{l_shtool} subst \
230 -e 's;#define HAS_DBM;#define HAS_DBM_DISABLED;' \
231 -e 's;#define HAS_DB;#define HAS_DB_DISABLED;' \
232 src/util/sys_defs.h
234 # build Postfix
235 %{l_make} %{l_mflags}
237 %install
238 rm -rf $RPM_BUILD_ROOT
240 # perform standard installation procedure
241 %{l_shtool} subst -e "s;chown;true;" postfix-install
242 sh postfix-install -non-interactive \
243 install_root=$RPM_BUILD_ROOT \
244 config_directory=%{l_prefix}/etc/postfix \
245 daemon_directory=%{l_prefix}/libexec/postfix \
246 command_directory=%{l_prefix}/sbin \
247 queue_directory=%{l_prefix}/var/postfix \
248 data_directory=%{l_prefix}/var/postfix/data \
249 sendmail_path=%{l_prefix}/sbin/sendmail \
250 newaliases_path=%{l_prefix}/sbin/newaliases \
251 mailq_path=%{l_prefix}/sbin/mailq \
252 manpage_directory=%{l_prefix}/man \
253 mail_user=%{l_musr} \
254 setgid_group=%{l_rgrp}
256 # post-adjust binaries
257 rm -f $RPM_BUILD_ROOT%{l_prefix}/sbin/mailq
258 ln $RPM_BUILD_ROOT%{l_prefix}/sbin/sendmail \
259 $RPM_BUILD_ROOT%{l_prefix}/sbin/mailq
260 rm -f $RPM_BUILD_ROOT%{l_prefix}/sbin/newaliases
261 ln $RPM_BUILD_ROOT%{l_prefix}/sbin/sendmail \
262 $RPM_BUILD_ROOT%{l_prefix}/sbin/newaliases
263 strip $RPM_BUILD_ROOT%{l_prefix}/sbin/* >/dev/null 2>&1 || true
264 strip $RPM_BUILD_ROOT%{l_prefix}/libexec/postfix/* >/dev/null 2>&1 || true
266 # post-adjust configuration
267 for cfg in \
268 *LICENSE makedefs.out bounce.cf.default access aliases \
269 canonical header_checks relocated transport virtual \
270 main.cf master.cf main.cf.default; do
271 rm -f $RPM_BUILD_ROOT%{l_prefix}/etc/postfix/$cfg
272 done
273 mv $RPM_BUILD_ROOT%{l_prefix}/etc/postfix/postfix-script \
274 $RPM_BUILD_ROOT%{l_prefix}/sbin/postfix-script
275 rm -f $RPM_BUILD_ROOT%{l_prefix}/etc/postfix/postfix-script*
276 mv $RPM_BUILD_ROOT%{l_prefix}/etc/postfix/post-install \
277 $RPM_BUILD_ROOT%{l_prefix}/sbin/postfix-install
279 # install default configuration
280 for name in `grep "^<file" %{SOURCE postfix.txt} | sed -e 's;^.*name=";;' -e 's;".*$;;'`; do
281 (echo ""; cat %{SOURCE postfix.txt}; echo "") |\
282 sed -e "1,/^<file name=\"$name\">/d" -e "/<\/file>/,\$d" >$name
283 %{l_shtool} install -c -m 644 %{l_value -s -a} \
284 $name $RPM_BUILD_ROOT%{l_prefix}/etc/postfix/
285 done
287 # pre-create variable stuff
288 ( cd $RPM_BUILD_ROOT%{l_prefix}/var/postfix
289 %{l_shtool} mkdir -f -p -m 700 data
290 %{l_shtool} mkdir -f -p -m 755 log
291 ) || exit $?
293 # install addons
294 %{l_shtool} install -c -m 755 \
295 -e 's;/usr/sbin/sendmail;%{l_prefix}/sbin/sendmail;g' \
296 auxiliary/rmail/rmail $RPM_BUILD_ROOT%{l_prefix}/sbin/rmail
297 %{l_shtool} install -c -m 755 \
298 -e 's;/usr/bin/perl;%{l_prefix}/bin/perl;g' \
299 -e 's;postconf -h;%{l_prefix}/sbin/postconf -h;' \
300 auxiliary/qshape/qshape.pl $RPM_BUILD_ROOT%{l_prefix}/sbin/qshape
301 %{l_shtool} install -c -m 644 \
302 man/man1/qshape.1 $RPM_BUILD_ROOT%{l_prefix}/man/man8/qshape.8
303 ( cd pflogsumm-%{V_pflogsumm}
304 %{l_shtool} install -c -m 755 \
305 -e 's;/usr/bin/perl;%{l_prefix}/bin/perl;g' \
306 pflogsumm.pl $RPM_BUILD_ROOT%{l_prefix}/sbin/pflogsumm
307 %{l_shtool} install -c -m 644 \
308 pflogsumm.1 $RPM_BUILD_ROOT%{l_prefix}/man/man1/
309 ) || exit $?
311 # install run-command script
312 %{l_shtool} mkdir -f -p -m 755 \
313 $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d
314 %{l_shtool} install -c -m 755 %{l_value -s -a} \
315 %{SOURCE rc.postfix} $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/
317 # adjust installation to avoid file name conflicts
318 ( cd $RPM_BUILD_ROOT%{l_prefix}/man/man8
319 mv master.8 postfix_master.8
320 ) || exit $?
322 # install OSSP fsl configuration
323 %{l_shtool} mkdir -f -p -m 755 $RPM_BUILD_ROOT%{l_prefix}/etc/fsl
324 %{l_shtool} install -c -m 644 %{l_value -s -a} \
325 %{SOURCE fsl.postfix} \
326 $RPM_BUILD_ROOT%{l_prefix}/etc/fsl/
328 # generate file list
329 %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
330 %{l_files_std} \
331 '%config %{l_prefix}/etc/fsl/fsl.postfix' \
332 '%attr(-,%{l_susr},%{l_mgrp}) %{l_prefix}/etc/postfix' \
333 '%config %attr(-,%{l_susr},%{l_mgrp}) %{l_prefix}/etc/postfix/*' \
334 '%attr(-,%{l_susr},%{l_mgrp}) %{l_prefix}/libexec/postfix/*' \
335 '%attr(2755,%{l_musr},%{l_rgrp}) %{l_prefix}/sbin/{postdrop,postqueue}' \
336 '%dir %attr(-,%{l_susr},%{l_mgrp}) %{l_prefix}/libexec/postfix' \
337 '%dir %attr(-,%{l_susr},%{l_mgrp}) %{l_prefix}/var/postfix' \
338 '%dir %attr(-,%{l_musr},%{l_rgrp}) %{l_prefix}/var/postfix/{maildrop,public}'
340 %files -f files
342 %clean
343 rm -rf $RPM_BUILD_ROOT
345 %pre
346 # before upgrade, save status and stop service
347 [ $1 -eq 2 ] || exit 0
348 eval `%{l_rc} postfix status 2>/dev/null | tee %{l_tmpfile}`
349 %{l_rc} postfix stop 2>/dev/null
350 exit 0
352 %post
353 if [ $1 -eq 1 ]; then
354 # after install, generate configuration
355 ( cd $RPM_INSTALL_PREFIX/etc/postfix && %{l_make} all; true ) >/dev/null 2>&1
356 fi
357 if [ $1 -eq 2 ]; then
358 # after upgrade, regenerate configuration
359 ( cd $RPM_INSTALL_PREFIX/etc/postfix && %{l_make} clean all; true ) >/dev/null 2>&1
360 # after upgrade, restore status
361 eval `cat %{l_tmpfile}`; rm -f %{l_tmpfile} >/dev/null 2>&1 || true
362 [ ".$postfix_active" = .yes ] && %{l_rc} postfix start
363 fi
364 exit 0
366 %preun
367 # before erase, stop service and remove log files
368 [ $1 -eq 0 ] || exit 0
369 %{l_rc} postfix stop 2>/dev/null
370 rm -f $RPM_INSTALL_PREFIX/var/postfix/log/postfix.log* >/dev/null 2>&1 || true
371 rm -f $RPM_INSTALL_PREFIX/var/postfix/log/postfix.sum* >/dev/null 2>&1 || true
372 # remove generated configuration files
373 ( cd $RPM_INSTALL_PREFIX/etc/postfix && %{l_make} clean >/dev/null 2>&1; true ) || true
374 # remove generated run-time files and directories
375 rm -rf $RPM_INSTALL_PREFIX/etc/postfix/data/*
376 rm -rf $RPM_INSTALL_PREFIX/var/postfix/pid/*
377 rm -rf $RPM_INSTALL_PREFIX/var/postfix/private/*
378 rm -rf $RPM_INSTALL_PREFIX/var/postfix/public/*
379 find $RPM_INSTALL_PREFIX/var/postfix/active/ -type d -print |\
380 xargs rmdir >/dev/null 2>&1 || true
381 find $RPM_INSTALL_PREFIX/var/postfix/incoming/ -type d -print |\
382 xargs rmdir >/dev/null 2>&1 || true
383 exit 0
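Review bot: The %prep substitution on `src/pipe/pipe.c` (gutter lines 145-148) turns every `msg_fatal` whose message contains "attribute specifies mail system" into `msg_info`, so a check that used to stop pipe(8) now only logs. Judging by the message text, that check refuses a `user=` attribute naming a mail-system account, but pipe.c itself is not shown here, so this should be confirmed against the source. %install sets `mail_user=%{l_musr}` and `setgid_group=%{l_rgrp}` (gutter lines 253-254), and the commit message describes these as shared privilege levels rather than accounts dedicated to Postfix. A delivery command configured with one of them would therefore run with the identity that owns `var/postfix/{maildrop,public}` and the `2755` `postdrop`/`postqueue` binaries. The spec comment should state this consequence, for example `# demotes pipe(8)'s refusal to run delivery commands as the mail owner/setgid group to a log line; audit every user= in master.cf`, and the master.cf shipped in postfix.txt should be reviewed for pipe entries that depend on it.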