Update to 2.8.0-1

3 files changed, 137 insertions, 48 deletions

diff --git a/.gitignore b/.gitignore
index 5304fc6..288b362 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,3 +4,4 @@
 /opendkim-2.7.2.tar.gz
 /opendkim-2.7.3.tar.gz
 /opendkim-2.7.4.tar.gz
+/opendkim-2.8.0.tar.gz
diff --git a/opendkim.spec b/opendkim.spec
index af5e795..9fca3a0 100644
--- a/opendkim.spec
+++ b/opendkim.spec
@@ -4,22 +4,28 @@
 
 Summary: A DomainKeys Identified Mail (DKIM) milter to sign and/or verify mail
 Name: opendkim
-Version: 2.7.4
-Release: 2%{?dist}
+Version: 2.8.0
+Release: 1%{?dist}
 License: BSD and Sendmail
 URL: http://opendkim.org/
 Group: System Environment/Daemons
 Requires: lib%{name} = %{version}-%{release}
 Requires (pre): shadow-utils
-Requires (post): chkconfig
-Requires (preun): chkconfig, initscripts
-Requires (postun): initscripts
+Requires (post): systemd-units
+Requires (preun): systemd-units
+Requires (postun): systemd-units
+# This is actually needed for the %triggerun script but Requires(triggerun)
+# is not valid.  We can use %post because this particular %triggerun script
+# should fire just after this package is installed.
+Requires (post): systemd-sysv
 
 BuildRequires: openssl-devel
 BuildRequires: pkgconfig
 BuildRequires: sendmail-devel
 
 Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz
+#Source1: %{name}.service
+#Source2: %{name}-default-keygen
 
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
@@ -46,11 +52,25 @@ Requires: libopendkim = %{version}-%{release}
 This package contains the static libraries, headers, and other support files
 required for developing applications against libopendkim.
 
+%package sysvinit
+Summary: The SysV init script to manage the OpenDKIM milter.
+Group: System Environmnt/Daemons
+Requires: %{name} = %{version}-%{release}
+
+%description sysvinit
+OpenDKIM allows signing and/or verification of email through an open source
+library that implements the DKIM service, plus a milter-based filter
+application that can plug in to any milter-aware MTA, including sendmail,
+Postfix, or any other MTA that supports the milter protocol. This package
+contains the SysV init script to manage the OpenDKIM milter when running a
+legacy SysV-compatible init system.
+
+It is not required when the init system used is systemd.
+
 %prep
 %setup -q
 
 %build
-#%configure --enable-stats
 %configure
 sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
 sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
@@ -59,12 +79,17 @@ sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
 rm -rf %{buildroot}
 
 make DESTDIR=%{buildroot} install %{?_smp_mflags}
-mkdir -p %{buildroot}%{_sysconfdir}
-mkdir -p %{buildroot}%{_initrddir}
-install -m 0755 contrib/init/redhat/opendkim %{buildroot}%{_initrddir}/%{name}
+install -d %{buildroot}%{_sysconfdir}
+install -d %{buildroot}%{_sysconfdir}/sysconfig
+install -d %{buildroot}%{_initrddir}
+install -d -m 0755 %{buildroot}%{_unitdir}
+install -m 0755 contrib/init/redhat/%{name} %{buildroot}%{_initrddir}/%{name}
+install -m 0644 contrib/systemd/%{name}.service %{buildroot}%{_unitdir}/%{name}.service
+install -m 0755 contrib/init/redhat/%{name}-default-keygen %{buildroot}%{_sbindir}/%{name}-default-keygen
+
 cat > %{buildroot}%{_sysconfdir}/%{name}.conf << 'EOF'
 ## BASIC OPENDKIM CONFIGURATION FILE
-## See opendkim.conf(5) or %{_docdir}/%{name}-%{version}/%{name}.conf.sample for more
+## See %{name}.conf(5) or %{_docdir}/%{name}-%{version}/%{name}.conf.sample for more
 
 ## BEFORE running OpenDKIM you must:
 
@@ -79,13 +104,9 @@ cat > %{buildroot}%{_sysconfdir}/%{name}.conf << 'EOF'
 # Specifies the path to the process ID file.
 PidFile	%{_localstatedir}/run/%{name}/%{name}.pid
 
-# Determines whether to automatically restart if the process dies unexpectedly
-AutoRestart	yes
-
-# Limits the number of automatic restarts allowed per any given time period
-AutoRestartRate	5/1h
-
-# Selects operating modes. Valid modes are s (signer) and v (verifier). Default is v.
+# Selects operating modes. Valid modes are s (sign) and v (verify). Default is v.
+# Must be changed to s (sign only) or sv (sign and verify) in order to sign outgoing
+# messages.
 Mode	v
 
 # Log activity to the system log.
@@ -116,7 +137,7 @@ Umask	002
 ## SIGNING OPTIONS
 
 # Selects the canonicalization method(s) to be used when signing messages.
-Canonicalization	relaxed/simple
+Canonicalization	relaxed/relaxed
 
 # Domain(s) whose mail should be signed by this filter. Mail from other domains will
 # be verified rather than being signed. Uncomment and use your domain name.
@@ -129,58 +150,73 @@ Selector	default
 # Specifies the minimum number of key bits for acceptable keys and signatures.
 MinimumKeyBits 1024
 
-# Gives the location of a private key to be used for signing ALL messages.
+# Gives the location of a private key to be used for signing ALL messages. This
+# directive is ignored if KeyTable is enabled.
 KeyFile	%{_sysconfdir}/%{name}/keys/default.private
 
 # Gives the location of a file mapping key names to signing keys. In simple terms,
 # this tells OpenDKIM where to find your keys. If present, overrides any KeyFile
-# setting in the configuration file. 
+# directive in the configuration file. Requires SigningTable be enabled.
 #KeyTable	%{_sysconfdir}/%{name}/KeyTable
 
 # Defines a table used to select one or more signatures to apply to a message based
 # on the address found in the From: header field. In simple terms, this tells
-# OpenDKIM how to use your keys.  
+# OpenDKIM how to use your keys. Requires KeyTable be enabled.
 #SigningTable	refile:%{_sysconfdir}/%{name}/SigningTable
 
 # Identifies a set of "external" hosts that may send mail through the server as one
 # of the signing domains without credentials as such.
 #ExternalIgnoreList	refile:%{_sysconfdir}/%{name}/TrustedHosts
 
-# Identifies a set internal hosts whose mail should be signed rather than verified.
+# Identifies a set "internal" hosts whose mail should be signed rather than verified.
 #InternalHosts	refile:%{_sysconfdir}/%{name}/TrustedHosts
 EOF
 
-mkdir -p %{buildroot}%{_sysconfdir}/sysconfig
 cat > %{buildroot}%{_sysconfdir}/sysconfig/%{name} << 'EOF'
-# Uncomment the following line to disable automatic DKIM key creation
-#AUTOCREATE_DKIM_KEYS=NO
-#
-# Uncomment the following line to set the default DKIM selector
-#DKIM_SELECTOR=default
-#
-# Uncomment the following to set the default DKIM key directory
-#DKIM_KEYDIR=/etc/opendkim/keys
+# Set the necessary startup options
+OPTIONS="-x %{_sysconfdir}/%{name}.conf -P %{_localstatedir}/run/%{name}/%{name}.pid"
+
+# Determine whether default DKIM keys are automatically created on start
+AUTOCREATE_DKIM_KEYS=YES
+
+# Set the default DKIM selector
+DKIM_SELECTOR=default
+
+# Set the default DKIM key location
+DKIM_KEYDIR=%{_sysconfdir}/%{name}/keys
 EOF
 
 mkdir -p %{buildroot}%{_sysconfdir}/%{name}
 cat > %{buildroot}%{_sysconfdir}/%{name}/SigningTable << 'EOF'
-# The following wildcard will work only if
-# refile:%{_sysconfdir}/%{name}/SigningTable is included
-# in %{_sysconfdir}/%{name}.conf.
+# OPENDKIM SIGNING TABLE
+# This table controls how to apply one or more signatures to outgoing messages based
+# on the address found in the From: header field. In simple terms, this tells
+# OpenDKIM "how" to apply your keys.
+
+# To use this file, uncomment the SigningTable option in %{_sysconfdir}/%{name}.conf,
+# then uncomment one of the usage examples below and replace example.com with your
+# domain name, then restart OpenDKIM.
+
+# WILDCARD EXAMPLE
+# Enables signing for any address on the listed domain(s), but will work only if
+# "refile:%{_sysconfdir}/%{name}/SigningTable" is included in %{_sysconfdir}/%{name}.conf.
+# Create additional lines for additional domains.
 
 #*@example.com default._domainkey.example.com
 
-# If refile: is not specified in %{_sysconfdir}/%{name}.conf, then full
-# user@host is checked first, then simply host, then user@.domain (with all
-# superdomains checked in sequence, so "foo.example.com" would first check
-# "user@foo.example.com", then "user@.example.com", then "user@.com"), then
-# .domain, then user@*, and finally *. See the opendkim.conf(5) man page
-# under "SigningTable".
+# NON-WILDCARD EXAMPLE
+# If "file:" (instead of "refile:") is specified in %{_sysconfdir}/%{name}.conf, then
+# wildcards will not work. Instead, full user@host is checked first, then simply host,
+# then user@.domain (with all superdomains checked in sequence, so "foo.example.com"
+# would first check "user@foo.example.com", then "user@.example.com", then "user@.com"),
+# then .domain, then user@*, and finally *. See the %{name}.conf(5) man page under
+# "SigningTable" for more details.
 
 #example.com default._domainkey.example.com
 EOF
 
 cat > %{buildroot}%{_sysconfdir}/%{name}/KeyTable << 'EOF'
+# OPENDKIM KEY TABLE
 # To use this file, uncomment the #KeyTable option in %{_sysconfdir}/%{name}.conf,
 # then uncomment the following line and replace example.com with your domain
 # name, then restart OpenDKIM. Additional keys may be added on separate lines.
@@ -189,11 +225,14 @@ cat > %{buildroot}%{_sysconfdir}/%{name}/KeyTable << 'EOF'
 EOF
 
 cat > %{buildroot}%{_sysconfdir}/%{name}/TrustedHosts << 'EOF'
+# OPENDKIM TRUSTED HOSTS
 # To use this file, uncomment the #ExternalIgnoreList and/or the #InternalHosts
 # option in %{_sysconfdir}/%{name}.conf then restart OpenDKIM. Additional hosts
 # may be added on separate lines (IP addresses, hostnames, or CIDR ranges).
-# The localhost IP (127.0.0.1) should be the first entry in this file.
+# The localhost IP (127.0.0.1) should always be the first entry in this file.
 127.0.0.1
+#host.example.com
+#192.168.1.0/24
 EOF
 
 install -p -d %{buildroot}%{_sysconfdir}/tmpfiles.d
@@ -224,11 +263,24 @@ getent passwd %{name} >/dev/null || \
 exit 0
 
 %post
-/sbin/chkconfig --add %{name} || :
+#%systemd_post %{name}.service
+if [ $1 -eq 1 ] ; then 
+    # Initial installation 
+    /bin/systemctl enable %{name}.service >/dev/null 2>&1 || :
+fi
 
-%post -n libopendkim -p /sbin/ldconfig
+%post sysvinit
+/sbin/chkconfig --add %{name} || :
 
 %preun
+#%systemd_preun %{name}.service
+if [ $1 -eq 0 ] ; then
+    # Package removal, not upgrade
+    /bin/systemctl --no-reload disable %{name}.service > /dev/null 2>&1 || :
+    /bin/systemctl stop %{name}.service > /dev/null 2>&1 || :
+fi
+
+%preun sysvinit
 if [ $1 -eq 0 ]; then
 	service %{name} stop >/dev/null || :
 	/sbin/chkconfig --del %{name} || :
@@ -236,11 +288,30 @@ fi
 exit 0
 
 %postun
+#%systemd_postun_with_restart %{name}.service
+/bin/systemctl daemon-reload >/dev/null 2>&1 || :
+if [ $1 -ge 1 ] ; then
+    # Package upgrade, not uninstall
+    /bin/systemctl try-restart %{name}.service >/dev/null 2>&1 || :
+fi
+
+%postun sysvinit
 if [ "$1" -ge "1" ] ; then
 	/sbin/service %{name} condrestart >/dev/null 2>&1 || :
 fi
 exit 0
 
+%triggerun -- %{name} < 2.8.0-1
+/usr/bin/systemd-sysv-convert --save %{name} >/dev/null 2>&1 || :
+/bin/systemctl enable %{name}.service >/dev/null 2>&1
+/sbin/chkconfig --del %{name} >/dev/null 2>&1 || :
+/bin/systemctl try-restart %{name}.service >/dev/null 2>&1 || :
+
+%triggerpostun -n opendkim-sysvinit -- %{name} < 2.8.0-1
+/sbin/chkconfig --add %{name} >/dev/null 2>&1 || :
+
+%post -n libopendkim -p /sbin/ldconfig
+
 %postun -n libopendkim -p /sbin/ldconfig
 
 %clean
@@ -252,20 +323,26 @@ rm -rf %{buildroot}
 %doc contrib/convert/convert_keylist.sh %{name}/*.sample
 %doc %{name}/%{name}.conf.simple-verify %{name}/%{name}.conf.simple
 %doc %{name}/README contrib/lua/*.lua
-%doc contrib/stats/README.opendkim-reportstats
+%doc contrib/stats/README.%{name}-reportstats
 %config(noreplace) %{_sysconfdir}/%{name}.conf
 %config(noreplace) %{_sysconfdir}/tmpfiles.d/%{name}.conf
 %config(noreplace) %attr(640,%{name},%{name}) %{_sysconfdir}/%{name}/SigningTable
 %config(noreplace) %attr(640,%{name},%{name}) %{_sysconfdir}/%{name}/KeyTable
 %config(noreplace) %attr(640,%{name},%{name}) %{_sysconfdir}/%{name}/TrustedHosts
 %config(noreplace) %{_sysconfdir}/sysconfig/%{name}
-%{_initrddir}/%{name}
 %{_sbindir}/*
 %{_mandir}/*/*
 %dir %attr(-,%{name},%{name}) %{_localstatedir}/spool/%{name}
 %dir %attr(-,%{name},%{name}) %{_localstatedir}/run/%{name}
 %dir %attr(-,root,%{name}) %{_sysconfdir}/%{name}
 %dir %attr(750,root,%{name}) %{_sysconfdir}/%{name}/keys
+%attr(0644,root,root) %{_unitdir}/%{name}.service
+%attr(0755,root,root) %{_sbindir}/%{name}-default-keygen
+
+%files sysvinit
+%defattr(-,root,root)
+#%{_initrddir}/%{name}
+%attr(0755,root,root) %{_initrddir}/%{name}
 
 %files -n libopendkim
 %defattr(-,root,root)
@@ -284,8 +361,19 @@ rm -rf %{buildroot}
 %{_libdir}/pkgconfig/*.pc
 
 %changelog
-* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.7.4-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
+* Thu Feb 21 2013 Steve Jenkins <steve stevejenkins com> 2.8.0-1
+- Happy Birthday to me! :)
+- Updated to use newer upstream 2.8.0 source code
+- Migration from SysV initscript to systemd unit file
+- Added systemd build requirement
+- Edited comments in default configuration files
+- Changed default Canonicalization to relaxed/relaxed in config file
+- Changed default values in EnvironmentFile
+- Moved program startup options into EnvironmentFile
+- Moved default key check and generation on startup to external script
+- Removed AutoRestart directives from default config (systemd will handle)
+- Incorporated additional variable names throughout spec file
+- Added support for new opendkim-sysvinit package for legacy SysV systems
 
 * Tue Jan 08 2013 Steve Jenkins <steve stevejenkins com> 2.7.4-1
 - Updated to use newer upstream 2.7.4 source code
diff --git a/sources b/sources
index 14f97a3..582f9e8 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-310063cabe530eb0b5c16103334b3bb0  opendkim-2.7.4.tar.gz
+53bd811c6577235bd008f632e7f63dae  opendkim-2.8.0.tar.gz