| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Signed-off-by: Michael Mair-Keimberger <m.mairkeimberger@gmail.com>
Signed-off-by: Michael Orlitzky <mjo@gentoo.org>
|
|
|
|
|
|
| |
Bug: https://bugs.gentoo.org/684956
Package-Manager: Portage-2.3.62, Repoman-2.3.11
Signed-off-by: Michael Orlitzky <mjo@gentoo.org>
|
|
|
|
|
| |
Signed-off-by: Michael Orlitzky <mjo@gentoo.org>
Package-Manager: Portage-2.3.62, Repoman-2.3.11
|
|
|
|
|
|
|
|
|
|
|
|
| |
The OpenDKIM test suite won't be run if the user doesn't have Lua
installed. The (R)DEPEND variables have been refactored to add that
missing build-time dependency. In addition, a hacky sed line that
relocated the unix socket in the test suite has been replaced, by
the --with-test-socket ./configure flag.
Bug: https://bugs.gentoo.org/682290
Signed-off-by: Michael Orlitzky <mjo@gentoo.org>
Package-Manager: Portage-2.3.62, Repoman-2.3.11
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the previous revision -r11, we tried to unite the configuration for
OpenRC and systemd. But, I made a mistake: the upstream location for
e.g. the main configuration file is @sysconfdir@/opendkim.conf, but in
Gentoo we install it to @sysconfdir@/opendkim/opendkim.conf. That path
is overridden in the OpenRC service script, but not in the systemd
service, which now crashes upon starting.
The error, however, is in the OpenRC script (and in our ebuild). The
correct way to relocate the configuration files is to pass a different
value to --sysconfdir in src_configure(). This new revision does that,
and updates the OpenRC service script to use the built-in location,
rather than a custom Gentoo-defined one. That's how it should have
been all along.
This also fixes an unreported bug, wherein all of the installed
documentation like opendkim.conf(5) pointed to the wrong path.
Thanks to Ralph Seichter who built a systemd virtual machine in order
to test everything.
Signed-off-by: Michael Orlitzky <mjo@gentoo.org>
Package-Manager: Portage-2.3.62, Repoman-2.3.11
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
dev-libs/libressl lacks support for OPENSSL_thread_stop which was used
by the patch adding support for dev-libs/openssl-1.1.1
In order to address this problem we modify the patch to default to the
old deinitialization code when dev-libs/libressl is used.
Closes: https://bugs.gentoo.org/669612
Signed-off-by: Francisco Blas Izquierdo Riera (klondike) <klondike@gentoo.org>
Package-Manager: Portage-2.3.51, Repoman-2.3.11
Signed-off-by: Michael Orlitzky <mjo@gentoo.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Michael Orlitzky and I have been working on improved OpenRC support
for OpenDKIM. Our pull request has not yet been accepted upstream (not
even acknowledged, in fact). The multi-file patch adds our changes to
the existing Gentoo ebuild. Changes to the upstream build files
include:
* configure.ac: Added workaround to support @runstatedir@. On modern
systems /run replaces /var/run, so using @runstatedir@ instead of
@localstatedir@/run is preferable. Autoconf 2.70 will support
@runstatedir@ , but it has not been released yet, so a workaround
is required for version 2.61.
* contrib/systemd: Use @runstatedir@ in opendkim.service.in, enable
full @VARIABLE@ substitution, fix inconsistencies in the systemd
service file, add tmpfiles.d configuration file
(https://bugs.gentoo.org/606978).
* opendkim/opendkim.conf.*.in: Use @runstatedir@ in PidFile paths,
enable full @VARIABLE@ substitution.
Bug: https://bugs.gentoo.org/606978
Signed-off-by: Ralph Seichter <gentoo@seichter.de>
Package-Manager: Portage-2.3.62, Repoman-2.3.11
Signed-off-by: Michael Orlitzky <mjo@gentoo.org>
|
|
|
|
|
| |
Signed-off-by: Michael Mair-Keimberger <m.mairkeimberger@gmail.com>
Signed-off-by: Michael Orlitzky <mjo@gentoo.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Removed support for the 'gnutls' use flag. Added missing enewgroup
statement. These modifications address the two bugs listed below.
Closes: https://bugs.gentoo.org/682906
Closes: https://bugs.gentoo.org/683338
Signed-off-by: Ralph Seichter <gentoo@seichter.de>
Package-Manager: Portage-2.3.62, Repoman-2.3.11
Signed-off-by: Michael Orlitzky <mjo@gentoo.org>
|
|
|
|
|
|
|
| |
Bug: https://bugs.gentoo.org/629914
Bug: https://bugs.gentoo.org/629888
Signed-off-by: Michael Orlitzky <mjo@gentoo.org>
Package-Manager: Portage-2.3.62, Repoman-2.3.11
|
|
|
|
|
| |
Package-Manager: Portage-2.3.62, Repoman-2.3.12
Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Ralph and I have been discussing the best way to handle a local UNIX
socket. One thing that we both agree on is that, regardless of the
other details, the daemon should be running with a UMask of 0117 to
create the socket group-writable but otherwise private. And since the
opendkim(8) man page says that the UMask is used only for the socket,
there's no reason we shouldn't add it to the default configuration. In
other words, it doesn't hurt anything if you're *not* using a local
socket. This is one fewer thing that we need to document.
Bug: https://bugs.gentoo.org/575666
Signed-off-by: Michael Orlitzky <mjo@gentoo.org>
Package-Manager: Portage-2.3.62, Repoman-2.3.11
|
|
|
|
|
|
|
|
|
| |
Added pre-start configuration checks for OpenRC and systemd.
Signed-off-by: Ralph Seichter <gentoo@seichter.de>
Closes: https://bugs.gentoo.org/622604
Package-Manager: Portage-2.3.62, Repoman-2.3.11
Signed-off-by: Michael Orlitzky <mjo@gentoo.org>
|
|
|
|
|
|
| |
Signed-off-by: Agostino Sarubbo <ago@gentoo.org>
Package-Manager: Portage-2.3.62, Repoman-2.3.11
RepoMan-Options: --include-arches="amd64"
|
|
|
|
|
|
|
|
|
| |
Looking through the upstream example config files, I don't see any of
the expressions that the "sed" script in src_prepare is supposed to
replace. Huh. This commit removes those "sed" commands.
Signed-off-by: Michael Orlitzky <mjo@gentoo.org>
Package-Manager: Portage-2.3.62, Repoman-2.3.11
|
|
|
|
|
|
|
|
| |
These two people expressed interest (on the -dev mailing list) in
maintaining this package.
Signed-off-by: Michael Orlitzky <mjo@gentoo.org>
Package-Manager: Portage-2.3.62, Repoman-2.3.11
|
|
|
|
|
|
|
|
|
|
|
| |
The keys that are generated by opendkim-genkey are data, in a sense,
and not configuration files. As a result, I think it's more appropriate
to store them in /var/lib/opendkim than in /etc/opendkim where they were
previously stored. This commit moves the keys, and also tightens the
permissions on them a bit so that the "opendkim" user can only read them.
Signed-off-by: Michael Orlitzky <mjo@gentoo.org>
Package-Manager: Portage-2.3.62, Repoman-2.3.11
|
|
|
|
|
|
|
|
|
|
|
| |
The previous revisions installed a variable config file, and only did
so conditionally, based on the state of the live filesystem. The new
revision always installs the same config file. This should be simpler
and more predictable. In addition, the temporary directory "${T}" is
now used as "scratch space" while mangling that config file.
Signed-off-by: Michael Orlitzky <mjo@gentoo.org>
Package-Manager: Portage-2.3.62, Repoman-2.3.11
|
|
|
|
|
|
|
|
|
|
|
|
| |
There's a sed line in src_prepare that messes with some *.lua test
files. I've changed the action of that script to use "${T}" rather
than "/tmp" for security reasons... but I'm unable to figure out when
those test files are actuallty used. So, I've left a TODO comment to
figure it out in the future (or maybe just delete that sed line
entirely).
Signed-off-by: Michael Orlitzky <mjo@gentoo.org>
Package-Manager: Portage-2.3.62, Repoman-2.3.11
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sharing a local OpenDKIM socket with an MTA is far too tricky. This
commit adds an elog with some vague hints, but we really need a decent
wiki page with some step-by-step instructions. This is progress
towards bug 575666, but I won't consider that resolved until we have
a wiki page.
Bug: https://bugs.gentoo.org/575666
Signed-off-by: Michael Orlitzky <mjo@gentoo.org>
Package-Manager: Portage-2.3.62, Repoman-2.3.11
|
|
|
|
|
| |
Signed-off-by: Michael Orlitzky <mjo@gentoo.org>
Package-Manager: Portage-2.3.62, Repoman-2.3.11
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The OpenRC service script has been largely rewritten in this revision,
to solve a number of problems:
* The PID file is now stored securely (bug 629914).
* Different PID files are used for multiple instances (bug 536162).
* The detection of boolean options in the config file is more robust,
allowing "1", "0", "yes", "false", et cetera.
* The socket is now located in a conf.d file, rather than parsed from
the config file. The service script ensures that the directory
containing the socket has the correct permissions, and the conf.d
file comes with a big warning to that effect. Note that the (commented-
out) example directory IS NOT shared with the PID file.
* An error is thrown if we can't remove a stale socket.
* Modern OpenRC service script standards have been adopted.
Some minor changes have been made to the systemd service for
consistency, but none of them have been tested. More work needs to be
done here anyway; for example, we most likely want a tmpfiles.d entry
for the local socket directory if the user configures one. This should
be documented in opendkim.service.conf, and tested by someone who uses
systemd.
Closes: https://bugs.gentoo.org/536162
Bug: https://bugs.gentoo.org/629914
Signed-off-by: Michael Orlitzky <mjo@gentoo.org>
Package-Manager: Portage-2.3.62, Repoman-2.3.11
|
|
|
|
|
| |
Signed-off-by: Michael Orlitzky <mjo@gentoo.org>
Package-Manager: Portage-2.3.62, Repoman-2.3.11
|
|
|
|
|
| |
Signed-off-by: Michael Orlitzky <mjo@gentoo.org>
Package-Manager: Portage-2.3.62, Repoman-2.3.11
|
|
|
|
|
| |
Signed-off-by: Michael Orlitzky <mjo@gentoo.org>
Package-Manager: Portage-2.3.62, Repoman-2.3.11
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Prior to this revision, the OpenDKIM daemon would run as the "milter"
user, which is a username shared by a few other related packages.
However, that user has the ability to read your private DKIM signing
keys, and no other services should have access to those. Thus, sharing
the user account creates a security risk. In the new revision, a
dedicated "opendkim" user is created for the OpenDKIM daemon. The
configuration, OpenRC service script, and systemd service files have
all been updated with the new user name.
In addition, the permissions on /var/lib/opendkim have been tightened
so members of the "opendkim" group can only read it by default. The
daemon does not need to modify your keys, in particular, and should
not be able to. One downside to this is that the "Statistics"
configuration directive that was enabled by default with USE=berkdb
will no longer work out-of-the-box. It will still work, but the
administrator will need to grant write access to the file that he
designates for the statistics data. But since it won't work without
some extra fiddling, it has been removed from the configuration file
that we install.
An ewarn notifies users who are upgrading of the account name change.
Closes: https://bugs.gentoo.org/629888
Signed-off-by: Michael Orlitzky <mjo@gentoo.org>
Package-Manager: Portage-2.3.62, Repoman-2.3.11
|
|
|
|
|
| |
Signed-off-by: Michael Orlitzky <mjo@gentoo.org>
Package-Manager: Portage-2.3.62, Repoman-2.3.11
|
|
|
|
|
|
|
|
|
|
| |
The data directory /var/lib/opendkim is installed empty by default,
and therefore needs to be created with keepdir (and not dodir). This
changes the installed image, and thus is cause for a new revision.
Closes: https://bugs.gentoo.org/666334
Signed-off-by: Michael Orlitzky <mjo@gentoo.org>
Package-Manager: Portage-2.3.62, Repoman-2.3.11
|
|
|
|
|
|
|
|
|
|
| |
Our init script is a critical out-of-tree piece of code that gets
installed, and it's licensed GPL-2. So, we should include that in the
LICENSE variable for the package.
Closes: https://bugs.gentoo.org/425960
Signed-off-by: Michael Orlitzky <mjo@gentoo.org>
Package-Manager: Portage-2.3.62, Repoman-2.3.11
|
|
|
|
|
|
|
|
|
|
| |
There were a few commented variables at the top of the -r4 ebuild that
were used for beta releases. However, this package hasn't seen a
release in three years -- much less a beta release -- so I think
they're just wasting space at this point.
Signed-off-by: Michael Orlitzky <mjo@gentoo.org>
Package-Manager: Portage-2.3.62, Repoman-2.3.11
|
|
|
|
|
| |
Signed-off-by: Michael Orlitzky <mjo@gentoo.org>
Package-Manager: Portage-2.3.62, Repoman-2.3.11
|
|
|
|
|
| |
Bug: https://bugs.gentoo.org/681680
Signed-off-by: Michał Górny <mgorny@gentoo.org>
|
|
|
|
|
| |
Package-Manager: Portage-2.3.54, Repoman-2.3.12
Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
|
|
|
|
|
|
| |
Closes: https://bugs.gentoo.org/669512
Signed-off-by: Craig Andrews <candrews@gentoo.org>
Package-Manager: Portage-2.3.51, Repoman-2.3.11
|
|
|
|
| |
Package-Manager: Portage-2.3.49, Repoman-2.3.10
|
| |
|
|
|
|
|
|
| |
Package-Manager: Portage-2.3.3, Repoman-2.3.1
RepoMan-Options: --include-arches="x86"
Signed-off-by: Agostino Sarubbo <ago@gentoo.org>
|
|
|
|
|
|
| |
Package-Manager: Portage-2.3.3, Repoman-2.3.1
RepoMan-Options: --include-arches="amd64"
Signed-off-by: Agostino Sarubbo <ago@gentoo.org>
|
|
|
|
| |
Package-Manager: Portage-2.3.3, Repoman-2.3.1
|
|
|
|
|
|
| |
Bug: 583752
Package-Manager: Portage-2.3.3, Repoman-2.3.1
|
|
|
|
| |
Bug: 611234
|
|
|
|
| |
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
|
|
|
|
| |
Closes: https://github.com/gentoo/gentoo/pull/1977
|
|
|
|
| |
Package-Manager: portage-2.2.28
|
| |
|
|
|
|
|
|
| |
Fixes: https://bugs.gentoo.org/show_bug.cgi?id=542936
(cherry picked from commit add2021a15b569224b4d50b1d072307d00de0eb9)
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
|
|
|
|
| |
Package-Manager: portage-2.2.27
|
|
|
|
|
|
| |
Package-Manager: portage-2.2.26
RepoMan-Options: --include-arches="x86"
Signed-off-by: Agostino Sarubbo <ago@gentoo.org>
|
| |
|
|
|
|
|
| |
Replace all uses of herd with appropriate project maintainers, or no
maintainers in case of herds requested to be disbanded.
|