[arch-commits] Commit in opendmarc/repos (6 files)

Thore Bödecker foxxx0 at archlinux.org
Wed Feb 24 14:16:49 UTC 2021


    Date: Wednesday, February 24, 2021 @ 14:16:49
  Author: foxxx0
Revision: 871431

archrelease: copy trunk to community-testing-x86_64

Added:
  opendmarc/repos/community-testing-x86_64/
  opendmarc/repos/community-testing-x86_64/PKGBUILD
    (from rev 871430, opendmarc/trunk/PKGBUILD)
  opendmarc/repos/community-testing-x86_64/glibc2.32-compat.patch
    (from rev 871430, opendmarc/trunk/glibc2.32-compat.patch)
  opendmarc/repos/community-testing-x86_64/opendmarc.conf
    (from rev 871430, opendmarc/trunk/opendmarc.conf)
  opendmarc/repos/community-testing-x86_64/opendmarc.service
    (from rev 871430, opendmarc/trunk/opendmarc.service)
  opendmarc/repos/community-testing-x86_64/opendmarc.sysusers
    (from rev 871430, opendmarc/trunk/opendmarc.sysusers)

------------------------+
 PKGBUILD               |   72 +++++++++
 glibc2.32-compat.patch |   19 ++
 opendmarc.conf         |  370 +++++++++++++++++++++++++++++++++++++++++++++++
 opendmarc.service      |   13 +
 opendmarc.sysusers     |    2 
 5 files changed, 476 insertions(+)

Copied: opendmarc/repos/community-testing-x86_64/PKGBUILD (from rev 871430, opendmarc/trunk/PKGBUILD)
===================================================================
--- community-testing-x86_64/PKGBUILD	                        (rev 0)
+++ community-testing-x86_64/PKGBUILD	2021-02-24 14:16:49 UTC (rev 871431)
@@ -0,0 +1,72 @@
+# Maintainer: Thore Bödecker <foxxx0 at archlinux.org>
+# Contributor: Sergej Pupykin <arch+pub at sergej.pp.ru>
+# Contributor: Arthur Țițeică arthur.titeica/gmail/com
+# Contributor: Hao Zhang <theivorytower [at] gmail [dot] com>
+
+pkgname=opendmarc
+pkgver=1.4.0
+pkgrel=1
+_tarball_folder="OpenDMARC-rel-${pkgname}-${pkgver//./-}"
+pkgdesc="Free open source software implementation of the DMARC specification"
+arch=('x86_64')
+url="https://github.com/trusteddomainproject/OpenDMARC"
+license=('custom')
+depends=('smtp-server' 'libspf2' 'libbsd' 'libidn')
+makedepends=('libmilter')
+optdepends=('opendbx: acts as a middleware layer between OpenDMARC and a SQL backend of choice'
+            'python: run opendmarc scripts at /usr/share/doc/opendmarc'
+            'perl: run opendmarc scripts at /usr/share/doc/opendmarc'
+            'perl-switch: generate DMARC reports'
+            'perl-dbd-mysql: generate DMARC reports'
+            'perl-libwww: generate DMARC reports')
+backup=('etc/opendmarc/opendmarc.conf')
+source=("https://github.com/trusteddomainproject/OpenDMARC/archive/rel-${pkgname}-${pkgver//./-}.tar.gz"
+        'glibc2.32-compat.patch'
+        'opendmarc.service'
+        'opendmarc.conf'
+        'opendmarc.sysusers')
+sha512sums=('3f27d5ab0adda6d26184176683d6a784456d85e72bdae23d07977909fceafd679480b5058155d0ccf5c4eac16259215ac4ca7df0a9d1acee3f418a8e2e37d1ef'
+            'b79b6cf0f48030665a70de97d5b264850f2ec6022ef325bce1343980dae68af8129f0a0e40fd84efb6abe36b3a62af9c00a2606cfffdff6fadcb98928c4cf9b2'
+            '738de0cd286dd30713f32034f9ecf9009b6f64038c573c9f8aedaf10df8293bb9eec9d19492a03a2ebf2d2960289bdf48be9b1eb25395dbe9a490f7e3b25cb34'
+            '2753ad4477b499947ca07bb385ad0e10f327efa61a9059884091ead8e8e2bd65793436053d5a9c734e4c0676b7823982083ea7b35fae967eeacaeafb6226ff20'
+            'fbd5e81ded35281e3a63b4858a368033fa27696dee22a5dcf52e3e04b0762476e1ffa6edb489cf76612f3b4ffaee0fce586ab97d1da9805a089bbaf3487c907b')
+
+prepare() {
+  cd "${srcdir}/${_tarball_folder}"
+  mkdir docs
+  touch docs/Makefile.in
+  patch -p1 -N -i "${srcdir}"/glibc2.32-compat.patch
+}
+
+build() {
+  cd "${srcdir}/${_tarball_folder}"
+#  export LDFLAGS="${LDFLAGS//,--as-needed}"
+  test -x configure || autoreconf -v -i
+  ./configure --prefix=/usr \
+              --bindir=/usr/bin \
+              --sbindir=/usr/bin \
+              --sysconfdir="/etc/${pkgname}" \
+              --with-spf \
+              --with-spf2-include=/usr/include/spf2 \
+              --with-spf2-lib=/usr/lib/
+  make
+}
+
+check() {
+  cd "${srcdir}/${_tarball_folder}"
+  make -k check
+}
+
+package() {
+  cd "${srcdir}/${_tarball_folder}"
+  make DESTDIR="${pkgdir}/" install
+  # config
+  install -D -m640 -o 335 -g 12 "${srcdir}/opendmarc.conf" "${pkgdir}/etc/${pkgname}/opendmarc.conf"
+  # License
+  install -D -m644 "LICENSE" "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
+  rm "${pkgdir}/usr/share/doc/${pkgname}/LICENSE"
+  # systemd service
+  install -D -m644 "${srcdir}/${pkgname}.service" "${pkgdir}/usr/lib/systemd/system/${pkgname}.service"
+  # sysusers.d snippet
+  install -D -m644 "${srcdir}/${pkgname}.sysusers" "${pkgdir}/usr/lib/sysusers.d/${pkgname}.conf"
+}

Copied: opendmarc/repos/community-testing-x86_64/glibc2.32-compat.patch (from rev 871430, opendmarc/trunk/glibc2.32-compat.patch)
===================================================================
--- community-testing-x86_64/glibc2.32-compat.patch	                        (rev 0)
+++ community-testing-x86_64/glibc2.32-compat.patch	2021-02-24 14:16:49 UTC (rev 871431)
@@ -0,0 +1,19 @@
+diff -upr a/configure.ac b/configure.ac
+--- a/configure.ac	2021-01-28 18:35:29.000000000 +0100
++++ b/configure.ac	2021-02-24 15:03:51.290443097 +0100
+@@ -139,15 +139,9 @@ m4_define([AC_LANG_CALL], [AC_LANG_PROGR
+ AC_SEARCH_LIBS(res_ninit, resolv,
+ 	AC_DEFINE(HAVE_RES_NINIT, 1,
+ 	[Define to 1 if you have the `res_ninit()' function.]))
+-AC_SEARCH_LIBS(res_ndestroy, resolv,
+-        AC_DEFINE(HAVE_RES_NDESTROY, 1,
+-        [Define to 1 if you have the `res_ndestroy()' function.]))
+ AC_SEARCH_LIBS(__res_ninit, resolv,
+         AC_DEFINE(HAVE_RES_NINIT, 1,
+         [Define to 1 if you have the `__res_ninit()' function.]))
+-AC_SEARCH_LIBS(__res_ndestroy, resolv,
+-        AC_DEFINE(HAVE_RES_NDESTROY, 1,
+-        [Define to 1 if you have the `__res_ndestroy()' function.]))
+  
+ m4_rename_force([saved_AC_LANG_CALL], [AC_LANG_CALL])
+ AC_CHECK_LIB(idn, idn_free)

Copied: opendmarc/repos/community-testing-x86_64/opendmarc.conf (from rev 871430, opendmarc/trunk/opendmarc.conf)
===================================================================
--- community-testing-x86_64/opendmarc.conf	                        (rev 0)
+++ community-testing-x86_64/opendmarc.conf	2021-02-24 14:16:49 UTC (rev 871431)
@@ -0,0 +1,370 @@
+## opendmarc.conf -- configuration file for OpenDMARC filter
+##
+## Copyright (c) 2012-2015, The Trusted Domain Project.  All rights reserved.
+
+## DEPRECATED CONFIGURATION OPTIONS
+## 
+## The following configuration options are no longer valid.  They should be
+## removed from your existing configuration file to prevent potential issues.
+## Failure to do so may result in opendmarc being unable to start.
+## 
+## Renamed in 1.3.0:
+##   ForensicReports became FailureReports
+##   ForensicReportsBcc became FailureReportsBcc
+##   ForensicReportsOnNone became FailureReportsOnNone
+##   ForensicReportsSentBy became FailureReportsSentBy
+
+## CONFIGURATION OPTIONS
+
+##  AuthservID (string)
+##  	defaults to MTA name
+##
+##  Sets the "authserv-id" to use when generating the Authentication-Results:
+##  header field after verifying a message.  If the string "HOSTNAME" is
+##  provided, the name of the host running the filter (as returned by the
+##  gethostname(3) function) will be used.  
+#
+# AuthservID name
+AuthservID HOSTNAME
+
+##  AuthservIDWithJobID { true | false }
+##  	default "false"
+##
+##  If "true", requests that the authserv-id portion of the added
+##  Authentication-Results header fields contain the job ID of the message
+##  being evaluated.
+#
+# AuthservIDWithJobID false
+
+##  AutoRestart { true | false }
+##  	default "false"
+##
+##  Automatically re-start on failures. Use with caution; if the filter fails
+##  instantly after it starts, this can cause a tight fork(2) loop.
+#
+# AutoRestart false
+
+##  AutoRestartCount n
+##  	default 0
+##
+##  Sets the maximum automatic restart count.  After this number of automatic
+##  restarts, the filter will give up and terminate.  A value of 0 implies no
+##  limit.
+#
+# AutoRestartCount 0
+
+##  AutoRestartRate n/t[u]
+##  	default (no limit)
+##
+##  Sets the maximum automatic restart rate.  If the filter begins restarting
+##  faster than the rate defined here, it will give up and terminate.  This
+##  is a string of the form n/t[u] where n is an integer limiting the count
+##  of restarts in the given interval and t[u] defines the time interval
+##  through which the rate is calculated; t is an integer and u defines the
+##  units thus represented ("s" or "S" for seconds, the default; "m" or "M"
+##  for minutes; "h" or "H" for hours; "d" or "D" for days). For example, a
+##  value of "10/1h" limits the restarts to 10 in one hour. There is no
+##  default, meaning restart rate is not limited.
+#
+# AutoRestartRate n/t[u]
+
+##  Background { true | false }
+##  	default "true"
+##
+##  Causes opendmarc to fork and exits immediately, leaving the service
+##  running in the background.
+#
+# Background true
+
+##  BaseDirectory (string)
+##  	default (none)
+##
+##  If set, instructs the filter to change to the specified directory using
+##  chdir(2) before doing anything else.  This means any files referenced
+##  elsewhere in the configuration file can be specified relative to this
+##  directory.  It's also useful for arranging that any crash dumps will be
+##  saved to a specific location.
+#
+# BaseDirectory /var/run/opendmarc
+
+##  ChangeRootDirectory (string)
+##  	default (none)
+##
+##  Requests that the operating system change the effective root directory of
+##  the process to the one specified here prior to beginning execution.
+##  chroot(2) requires superuser access.  A warning will be generated if
+##  UserID is not also set.
+# 
+# ChangeRootDirectory /var/chroot/opendmarc
+
+##  CopyFailuresTo (string)
+##  	default (none)
+##
+##  Requests addition of the specified email address to the envelope of
+##  any message that fails the DMARC evaluation.
+#
+# CopyFailuresTo postmaster at localhost
+
+##  DNSTimeout (integer)
+##  	default 5
+## 
+##  Sets the DNS timeout in seconds.  A value of 0 causes an infinite wait.
+##  (NOT YET IMPLEMENTED)
+#
+# DNSTimeout 5
+
+##  EnableCoredumps { true | false }
+##  	default "false"
+##
+##  On systems that have such support, make an explicit request to the kernel
+##  to dump cores when the filter crashes for some reason.  Some modern UNIX
+##  systems suppress core dumps during crashes for security reasons if the
+##  user ID has changed during the lifetime of the process.  Currently only
+##  supported on Linux.
+#
+# EnableCoreDumps false
+
+##  FailureReports { true | false }
+##  	default "false"
+##
+##  Enables generation of failure reports when the DMARC test fails and the
+##  purported sender of the message has requested such reports.  Reports are
+##  formatted per RFC6591.
+# 
+# FailureReports false
+
+##  FailureReportsBcc (string)
+##  	default (none)
+##
+##  When failure reports are enabled and one is to be generated, always
+##  send one to the address(es) specified here.  If a failure report is
+##  requested by the domain owner, the address(es) are added in a Bcc: field.
+##  If no request is made, they address(es) are used in a To: field.  There
+##  is no default.
+# 
+# FailureReportsBcc postmaster at example.coom
+
+##  FailureReportsOnNone { true | false }
+##  	default "false"
+##
+##  Supplements the "FailureReports" setting by generating reports for
+##  domains that advertise "none" policies.  By default, reports are only
+##  generated (when enabled) for sending domains advertising a "quarantine"
+##  or "reject" policy.
+# 
+# FailureReportsOnNone false
+
+##  FailureReportsSentBy string
+##  	default "USER at HOSTNAME"
+##
+##  Specifies the email address to use in the From: field of failure
+##  reports generated by the filter.  The default is to use the userid of
+##  the user running the filter and the local hostname to construct an
+##  email address.  "postmaster" is used in place of the userid if a name
+##  could not be determined.
+# 
+# FailureReportsSentBy USER at HOSTNAME
+
+##  HistoryFile path
+##  	default (none)
+##
+##  If set, specifies the location of a text file to which records are written
+##  that can be used to generate DMARC aggregate reports.  Records are groups
+##  of rows containing information about a single received message, and
+##  include all relevant information needed to generate a DMARC aggregate
+##  report.  It is expected that this will not be used in its raw form, but
+##  rather periodically imported into a relational database from which the
+##  aggregate reports can be extracted by a tool such as opendmarc-import(8).
+#
+# HistoryFile /var/run/opendmarc.dat
+
+##  IgnoreAuthenticatedClients { true | false }
+##  	default "false"
+##
+##  If set, causes mail from authenticated clients (i.e., those that used
+##  SMTP AUTH) to be ignored by the filter.
+#
+IgnoreAuthenticatedClients true
+
+##  IgnoreHosts path
+##  	default (internal)
+##
+##  Specifies the path to a file that contains a list of hostnames, IP
+##  addresses, and/or CIDR expressions identifying hosts whose SMTP
+##  connections are to be ignored by the filter.  If not specified, defaults
+##  to "127.0.0.1" only.
+#
+# IgnoreHosts /etc/opendmarc/ignore.hosts
+
+##  IgnoreMailFrom domain[,...]
+##  	default (none)
+##
+##  Gives a list of domain names whose mail (based on the From: domain) is to
+##  be ignored by the filter.  The list should be comma-separated.  Matching
+##  against this list is case-insensitive.  The default is an empty list,
+##  meaning no mail is ignored.
+#
+# IgnoreMailFrom example.com
+
+##  MilterDebug (integer)
+##  	default 0
+##
+##  Sets the debug level to be requested from the milter library.
+#
+# MilterDebug 0
+
+##  PidFile path
+##  	default (none)
+##
+##  Specifies the path to a file that should be created at process start
+##  containing the process ID.
+#
+# PidFile /var/run/opendmarc.pid
+
+##  PublicSuffixList path
+##  	default (none)
+##
+##  Specifies the path to a file that contains top-level domains (TLDs) that
+##  will be used to compute the Organizational Domain for a given domain name,
+##  as described in the DMARC specification.  If not provided, the filter will
+##  not be able to determine the Organizational Domain and only the presented
+##  domain will be evaluated.
+#
+# PublicSuffixList path
+
+##  RecordAllMessages { true | false }
+##  	default "false"
+##
+##  If set and "HistoryFile" is in use, all received messages are recorded
+##  to the history file.  If not set (the default), only messages for which
+##  the From: domain published a DMARC record will be recorded in the
+##  history file.
+#
+# RecordAllMessages false
+
+##  RejectFailures { true | false }
+##  	default "false"
+##
+##  If set, messages will be rejected if they fail the DMARC evaluation, or
+##  temp-failed if evaluation could not be completed.  By default, no message
+##  will be rejected or temp-failed regardless of the outcome of the DMARC
+##  evaluation of the message.  Instead, an Authentication-Results header
+##  field will be added.
+#
+# RejectFailures false
+
+##  ReportCommand string
+##  	default "/usr/sbin/sendmail -t"
+##
+##  Indicates the shell command to which failure reports should be passed for
+##  delivery when "FailureReports" is enabled.
+#
+# ReportCommand /usr/sbin/sendmail -t
+
+##  RequiredHeaders { true | false }
+##  	default "false"
+##
+##  If set, the filter will ensure the header of the message conforms to the
+##  basic header field count restrictions laid out in RFC5322, Section 3.6.
+##  Messages failing this test are rejected without further processing.  A
+##  From: field from which no domain name could be extracted will also be
+##  rejected.
+#
+# RequiredHeaders false
+
+##  Socket socketspec
+##  	default (none)
+##
+##  Specifies the socket that should be established by the filter to receive
+##  connections from sendmail(8) in order to provide service.  socketspec is
+##  in one of two forms: local:path, which creates a UNIX domain socket at
+##  the specified path, or inet:port[@host] or inet6:port[@host] which creates
+##  a TCP socket on the specified port for the appropriate protocol family.
+##  If the host is not given as either a hostname or an IP address, the
+##  socket will be listening on all interfaces.  This option is mandatory
+##  either in the configuration file or on the command line.  If an IP
+##  address is used, it must be enclosed in square brackets.
+#
+# Socket inet:8893 at localhost
+Socket unix:/var/spool/opendmarc/opendmarc.sock
+
+##  SoftwareHeader { true | false }
+##  	default "false"
+##
+##  Causes the filter to add a "DMARC-Filter" header field indicating the
+##  presence of this filter in the path of the message from injection to
+##  delivery.  The product's name, version, and the job ID are included in
+##  the header field's contents.
+#
+# SoftwareHeader false
+
+##  SPFIgnoreResults { true | false }
+##	default "false"
+##
+##  Causes the filter to ignore any SPF results in the header of the
+##  message.  This is useful if you want the filter to perfrom SPF checks
+##  itself, or because you don't trust the arriving header.
+#
+# SPFIgnoreResults false
+
+##  SPFSelfValidate { true | false }
+##	default false
+##
+##  Enable internal spf checking with --with-spf
+##  To use libspf2 instead:  --with-spf --with-spf2-include=path --with-spf2-lib=path
+##
+##  Causes the filter to perform a fallback SPF check itself when
+##  it can find no SPF results in the message header.  If SPFIgnoreResults
+##  is also set, it never looks for SPF results in headers and
+##  always performs the SPF check itself when this is set.
+#
+SPFSelfValidate true
+
+##  Syslog { true | false }
+##  	default "false"
+##
+##  Log via calls to syslog(3) any interesting activity.
+#
+# Syslog false
+
+##  SyslogFacility facility-name
+##  	default "mail"
+##
+##  Log via calls to syslog(3) using the named facility.  The facility names
+##  are the same as the ones allowed in syslog.conf(5).
+#
+# SyslogFacility mail
+
+##  TrustedAuthservIDs string
+##  	default HOSTNAME
+##
+##  Specifies one or more "authserv-id" values to trust as relaying true
+##  upstream DKIM and SPF results.  The default is to use the name of
+##  the MTA processing the message.  To specify a list, separate each entry
+##  with a comma.  The key word "HOSTNAME" will be replaced by the name of
+##  the host running the filter as reported by the gethostname(3) function.
+#
+# TrustedAuthservIDs HOSTNAME
+
+##  UMask mask
+##  	default (none)
+##
+##  Requests a specific permissions mask to be used for file creation.  This
+##  only really applies to creation of the socket when Socket specifies a
+##  UNIX domain socket, and to the HistoryFile and PidFile (if any); temporary
+##  files are normally created by the mkstemp(3) function that enforces a
+##  specific file mode on creation regardless of the process umask.  See
+##  umask(2) for more information.
+#
+# UMask 077
+UMask 002
+
+##  UserID user[:group]
+##  	default (none)
+##
+##  Attempts to become the specified userid before starting operations.
+##  The process will be assigned all of the groups and primary group ID of
+##  the named userid unless an alternate group is specified.
+#
+# UserID opendmarc
+# ATTENTION: user and group are enforced throug the systemd service file

Copied: opendmarc/repos/community-testing-x86_64/opendmarc.service (from rev 871430, opendmarc/trunk/opendmarc.service)
===================================================================
--- community-testing-x86_64/opendmarc.service	                        (rev 0)
+++ community-testing-x86_64/opendmarc.service	2021-02-24 14:16:49 UTC (rev 871431)
@@ -0,0 +1,13 @@
+[Unit]
+Description=OpenDMARC
+After=network.target remote-fs.target nss-lookup.target
+
+[Service]
+Type=forking
+User=opendmarc
+Group=mail
+ExecStart=/usr/bin/opendmarc -c /etc/opendmarc/opendmarc.conf
+Restart=always
+
+[Install]
+WantedBy=multi-user.target

Copied: opendmarc/repos/community-testing-x86_64/opendmarc.sysusers (from rev 871430, opendmarc/trunk/opendmarc.sysusers)
===================================================================
--- community-testing-x86_64/opendmarc.sysusers	                        (rev 0)
+++ community-testing-x86_64/opendmarc.sysusers	2021-02-24 14:16:49 UTC (rev 871431)
@@ -0,0 +1,2 @@
+u opendmarc 335 - /etc/opendmarc
+m opendmarc mail



More information about the arch-commits mailing list