From 6950dbe23b98000777a4eac1695b8e4b919da312 Mon Sep 17 00:00:00 2001 From: Steve Jenkins Date: Thu, 22 Sep 2011 11:52:26 -0700 Subject: Updating to 2.4.2-5 --- opendkim-2.4.2-initscript.patch | 21 ++++++++++++++------- opendkim.spec | 33 ++++++++++++++++++++++++++++----- 2 files changed, 42 insertions(+), 12 deletions(-) diff --git a/opendkim-2.4.2-initscript.patch b/opendkim-2.4.2-initscript.patch index 5670542..325313f 100644 --- a/opendkim-2.4.2-initscript.patch +++ b/opendkim-2.4.2-initscript.patch @@ -1,5 +1,5 @@ --- opendkim-2.4.2/contrib/init/redhat/opendkim.in 2011-08-05 21:09:35.000000000 -0700 -+++ opendkim-2.4.2p/contrib/init/redhat/opendkim.in 2011-09-19 13:54:19.138499060 -0700 ++++ opendkim-2.4.2p/contrib/init/redhat/opendkim.in 2011-09-22 10:59:20.765451439 -0700 @@ -2,7 +2,7 @@ # # opendkim Start and stop OpenDKIM. @@ -9,7 +9,7 @@ # description: OpenDKIM implements the DomainKeys Identified Mail (DKIM) # service and a milter-based filter application that can plug # in to any milter-aware MTA. -@@ -11,33 +11,66 @@ +@@ -11,33 +11,73 @@ ### BEGIN INIT INFO # Provides: opendkim @@ -24,8 +24,8 @@ -# OpenDKIM startup script v1.3 for RHEL/CentOS/Fedora -# by Steve Jenkins (SteveJenkins.com) - 02-15-2011 -# Based on a script by Andrew Colin Kissa (TopDog) for dkim-milter - 28-05-2009 -+# OpenDKIM startup script v1.5 for RHEL/CentOS/Fedora -+# by Steve Jenkins (SteveJenkins.com) - 09-19-2011 ++# OpenDKIM startup script v1.7 for RHEL/CentOS/Fedora ++# by Steve Jenkins (SteveJenkins.com) - 09-22-2011 +# Based on a script by Andrew Colin Kissa (TopDog) for dkim-milter - 05-28-2009 # - Additional functionality to prevent multiple instances and a reload -# handler by Chris LaJoie - 11-01-2011 @@ -36,6 +36,8 @@ +# - Added support for /etc/sysconfig/opendkim override of default init script +# setup parameters - 09-19-2011 +# - Changed default stop priority - 09-19-2011 ++# - Updated success and warning outputs for default key generation - 09-20-2011 ++# - Changed default key directory ownership and permissions - 09-22-2011 . /etc/rc.d/init.d/functions @@ -64,14 +66,19 @@ + if [ ! -s $DKIM_KEYDIR/$DKIM_SELECTOR.private ]; then + echo -n $"Generating default DKIM keys: " + if [ "x`hostname --domain`" = "x" ]; then -+ echo -n $"Cannot determine host's domain name, skipping default key generation." ++ echo_warning ++ echo ++ echo $"Cannot determine host's domain name, so skipping default key generation." + else + mkdir -p $DKIM_KEYDIR + $KEYGEN -D $DKIM_KEYDIR -s $DKIM_SELECTOR -d `hostname --domain` -+ chown -R opendkim:opendkim $DKIM_KEYDIR ++ chown root:$prog $DKIM_KEYDIR ++ chown $prog:$prog $DKIM_KEYDIR/$DKIM_SELECTOR.{private,txt} + chmod 600 $DKIM_KEYDIR/$DKIM_SELECTOR.private + chmod 644 $DKIM_KEYDIR/$DKIM_SELECTOR.txt -+ echo -n $"Default DKIM keys generated." ++ echo_success ++ echo ++ echo Default DKIM keys for `hostname --domain` created in $DKIM_KEYDIR. + fi + fi +} diff --git a/opendkim.spec b/opendkim.spec index 4e9a830..723ff8b 100644 --- a/opendkim.spec +++ b/opendkim.spec @@ -5,7 +5,7 @@ Summary: A DomainKeys Identified Mail (DKIM) milter to sign and/or verify mail Name: opendkim Version: 2.4.2 -Release: 4%{?dist} +Release: 5%{?dist} License: BSD and Sendmail URL: http://opendkim.org/ Group: System Environment/Daemons @@ -168,6 +168,22 @@ cat > %{buildroot}%{_sysconfdir}/%{name}/SigningTable << 'EOF' #example.com default._domainkey.example.com EOF +cat > %{buildroot}%{_sysconfdir}/%{name}/KeyTable << 'EOF' +# To use this file, uncomment the #KeyTable option in %{_sysconfdir}/%{name}.conf, +# then uncomment the following line and replace example.com with your domain +# name, then restart OpenDKIM. Additional keys may be added on separate lines. + +#default._domainkey.example.com example.com:default:%{_sysconfdir}/%{name}/keys/default.private +EOF + +cat > %{buildroot}%{_sysconfdir}/%{name}/TrustedHosts << 'EOF' +# To use this file, uncomment the #ExternalIgnoreList and/or the #InternalHosts +# option in %{_sysconfdir}/%{name}.conf then restart OpenDKIM. Additional hosts +# may be added on separate lines (IP addresses, hostnames, or CIDR ranges). +# The localhost IP (127.0.0.1) should be the first entry in this file. +127.0.0.1 +EOF + install -p -d %{buildroot}%{_sysconfdir}/tmpfiles.d cat > %{buildroot}%{_sysconfdir}/tmpfiles.d/%{name}.conf <<'EOF' D %{_localstatedir}/run/%{name} 0700 %{name} %{name} - @@ -228,16 +244,18 @@ rm -rf %{buildroot} %doc contrib/stats/README.opendkim-reportstats %config(noreplace) %{_sysconfdir}/%{name}.conf %config(noreplace) %{_sysconfdir}/tmpfiles.d/%{name}.conf -%config(noreplace) %attr(-,%{name},%{name}) %{_sysconfdir}/%{name}/SigningTable -%{_sysconfdir}/sysconfig/%{name} +%config(noreplace) %attr(640,%{name},%{name}) %{_sysconfdir}/%{name}/SigningTable +%config(noreplace) %attr(640,%{name},%{name}) %{_sysconfdir}/%{name}/KeyTable +%config(noreplace) %attr(640,%{name},%{name}) %{_sysconfdir}/%{name}/TrustedHosts +%config(noreplace) %{_sysconfdir}/sysconfig/%{name} %{_initrddir}/%{name} %{_sbindir}/* %{_bindir}/* %{_mandir}/*/* %dir %attr(-,%{name},%{name}) %{_localstatedir}/spool/%{name} %dir %attr(-,%{name},%{name}) %{_localstatedir}/run/%{name} -%dir %attr(-,%{name},%{name}) %{_sysconfdir}/%{name} -%dir %attr(-,%{name},%{name}) %{_sysconfdir}/%{name}/keys +%dir %attr(-,root,%{name}) %{_sysconfdir}/%{name} +%dir %attr(-,root,%{name}) %{_sysconfdir}/%{name}/keys %files -n libopendkim %defattr(-,root,root) @@ -253,6 +271,11 @@ rm -rf %{buildroot} %{_libdir}/pkgconfig/*.pc %changelog +* Thu Sep 22 2011 Steve Jenkins 2.4.2-5 +- Changed ownernship of directories to comply with selinux-policy +- Added default KeyTable and TrustedHosts files +- Added config(noreplace) to sysconfig file + * Mon Sep 19 2011 Steve Jenkins 2.4.2-4 - Use Fedora standard method to fix pkg supplied libtool (Todd Lyons) - Updated Summary and Description -- cgit