192 lines
6.5 KiB
RPMSpec
192 lines
6.5 KiB
RPMSpec
%global upname OpenDMARC
|
|
%global bigname OPENDMARC
|
|
|
|
Summary: A Domain-based Message Authentication, Reporting & Conformance (DMARC) milter and library
|
|
Name: opendmarc
|
|
Version: 1.4.2
|
|
Release: 3
|
|
License: BSD and Sendmail
|
|
URL: http://www.trusteddomain.org/%{name}.html
|
|
Source0: https://github.com/trusteddomainproject/OpenDMARC/archive/refs/tags/rel-opendmarc-1-4-2.tar.gz
|
|
Patch01: opendmarc-1.4.0-ticket159-179.patch
|
|
Patch02: fix-CVE-2024-25768.patch
|
|
|
|
|
|
Requires: lib%{name}%{?_isa} = %{version}-%{release}
|
|
BuildRequires: make
|
|
BuildRequires: openssl-devel, libtool, pkgconfig, libbsd, libbsd-devel libspf2-devel
|
|
Requires(pre): shadow-utils
|
|
BuildRequires: libmilter
|
|
BuildRequires: libmilter-devel
|
|
BuildRequires: systemd
|
|
BuildRequires: autoconf
|
|
BuildRequires: automake
|
|
BuildRequires: libtool
|
|
BuildRequires: mariadb-connector-c-devel
|
|
BuildRequires: sendmail-milter-devel
|
|
|
|
%description
|
|
%{upname} (Domain-based Message Authentication, Reporting & Conformance)
|
|
provides an open source library that implements the DMARC verification
|
|
service plus a milter-based filter application that can plug in to any
|
|
milter-aware MTA, including sendmail, Postfix, or any other MTA that supports
|
|
the milter protocol.
|
|
|
|
The DMARC sender authentication system is still a draft standard, working
|
|
towards RFC status.
|
|
|
|
The database schema required for some functions is provided in
|
|
%{_datadir}/%{name}/db. The rddmarc tools are provided in
|
|
%{_datadir}/%{name}/contrib/rddmarc.
|
|
|
|
%package -n libopendmarc
|
|
Summary: An open source DMARC library
|
|
|
|
%description -n libopendmarc
|
|
This package contains the library files required for running services built
|
|
using libopendmarc.
|
|
|
|
%package -n libopendmarc-devel
|
|
Summary: Development files for libopendmarc
|
|
Requires: lib%{name}%{?_isa} = %{version}-%{release}
|
|
|
|
%description -n lib%{name}-devel
|
|
This package contains the static libraries, headers, and other support files
|
|
required for developing applications against libopendmarc.
|
|
|
|
%prep
|
|
%autosetup -p1 -n OpenDMARC-rel-opendmarc-1-4-2
|
|
|
|
%build
|
|
autoreconf -v -i
|
|
%configure --with-sql-backend --with-spf -with-spf2-include=%{_prefix}/include/spf2 --with-spf2-lib=%{_libdir}/libspf2.so
|
|
make DESTDIR=%{buildroot} %{?_smp_mflags}
|
|
|
|
%install
|
|
make DESTDIR=%{buildroot} install %{?_smp_mflags}
|
|
mkdir -p %{buildroot}%{_sysconfdir}
|
|
install -d %{buildroot}%{_sysconfdir}/sysconfig
|
|
mkdir -p -m 0755 %{buildroot}%{_sysconfdir}/%{name}
|
|
|
|
cat > %{buildroot}%{_sysconfdir}/sysconfig/%{name} << 'EOF'
|
|
# Set the necessary startup options
|
|
OPTIONS="-c %{_sysconfdir}/%{name}.conf"
|
|
EOF
|
|
|
|
install -d -m 0755 %{buildroot}%{_unitdir}
|
|
cat > %{buildroot}%{_unitdir}/%{name}.service <<EOF
|
|
[Unit]
|
|
Description=Domain-based Message Authentication, Reporting & Conformance (DMARC) Milter
|
|
Documentation=man:%{name}(8) man:%{name}.conf(5) man:%{name}-import(8) man:%{name}-reports(8) http://www.trusteddomain.org/%{name}/
|
|
After=network.target nss-lookup.target syslog.target
|
|
|
|
[Service]
|
|
Type=simple
|
|
RuntimeDirectory=opendmarc
|
|
RuntimeDirectoryMode=0750
|
|
EnvironmentFile=-/etc/sysconfig/%{name}
|
|
ExecStart=/usr/sbin/%{name} -f \$OPTIONS
|
|
ExecReload=/bin/kill -USR1 \$MAINPID
|
|
Restart=on-failure
|
|
User=%{name}
|
|
Group=%{name}
|
|
Umask=0007
|
|
ReadWritePaths=%{_localstatedir}/spool/%{name}
|
|
ProtectSystem=strict
|
|
ProtectHome=true
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
EOF
|
|
|
|
# Install and set some basic settings in the default config file
|
|
install -m 0644 %{name}/%{name}.conf.sample %{buildroot}%{_sysconfdir}/%{name}.conf
|
|
|
|
sed -i 's|^# AuthservID name |AuthservID HOSTNAME |' %{buildroot}%{_sysconfdir}/%{name}.conf
|
|
sed -i 's|^# HistoryFile /var/run/%{name}.dat|# HistoryFile %{_localstatedir}/spool/%{name}/%{name}.dat|' %{buildroot}%{_sysconfdir}/%{name}.conf
|
|
sed -i 's|^# Socket inet:8893@localhost|Socket local:%{_rundir}/%{name}/%{name}.sock|' %{buildroot}%{_sysconfdir}/%{name}.conf
|
|
sed -i 's|^# SoftwareHeader false|SoftwareHeader true|' %{buildroot}%{_sysconfdir}/%{name}.conf
|
|
sed -i 's|^# SPFIgnoreResults false|SPFIgnoreResults true|' %{buildroot}%{_sysconfdir}/%{name}.conf
|
|
sed -i 's|^# SPFSelfValidate false|SPFSelfValidate true|' %{buildroot}%{_sysconfdir}/%{name}.conf
|
|
sed -i 's|^# Syslog false|Syslog true|' %{buildroot}%{_sysconfdir}/%{name}.conf
|
|
sed -i 's|^# UMask 077|UMask 007|' %{buildroot}%{_sysconfdir}/%{name}.conf
|
|
sed -i 's|^# UserID %{name}|UserID %{name}:mail|' %{buildroot}%{_sysconfdir}/%{name}.conf
|
|
sed -i 's|/usr/local||' %{buildroot}%{_sysconfdir}/%{name}.conf
|
|
|
|
install -p -d %{buildroot}%{_sysconfdir}/tmpfiles.d
|
|
cat > %{buildroot}%{_sysconfdir}/tmpfiles.d/%{name}.conf <<EOF
|
|
D %{_rundir}/%{name} 0750 %{name} %{name} -
|
|
EOF
|
|
|
|
rm -rf %{buildroot}%{_prefix}/share/doc/%{name}
|
|
rm %{buildroot}%{_libdir}/*.{la,a}
|
|
|
|
mkdir -p %{buildroot}%{_includedir}/%{name}
|
|
install -m 0644 lib%{name}/dmarc.h %{buildroot}%{_includedir}/%{name}/
|
|
|
|
mkdir -p %{buildroot}%{_localstatedir}/spool/%{name}
|
|
mkdir -p %{buildroot}%{_rundir}/%{name}
|
|
|
|
# install db/ and contrib/ to datadir
|
|
mkdir -p %{buildroot}%{_datadir}/%{name}/contrib
|
|
cp -R db/ %{buildroot}%{_datadir}/%{name}
|
|
sed -i -e 's:/usr/local/bin/python:/usr/bin/python:' contrib/rddmarc/dmarcfail.py
|
|
cp -R contrib/rddmarc/ %{buildroot}%{_datadir}/%{name}/contrib
|
|
# not much point including the Makefiles
|
|
rm -f %{buildroot}%{_datadir}/%{name}/contrib/rddmarc/Makefile*
|
|
rm -f %{buildroot}%{_datadir}/%{name}/db/Makefile*
|
|
|
|
%pre
|
|
getent group %{name} >/dev/null || groupadd -r %{name}
|
|
getent passwd %{name} >/dev/null || \
|
|
useradd -r -g %{name} -G mail -d %{_rundir}/%{name} -s /sbin/nologin \
|
|
-c "%{upname} Milter" %{name}
|
|
exit 0
|
|
|
|
%post
|
|
%systemd_post %{name}.service
|
|
|
|
%preun
|
|
%systemd_preun %{name}.service
|
|
|
|
%postun
|
|
%systemd_postun_with_restart %{name}.service
|
|
|
|
%ldconfig_scriptlets -n libopendmarc
|
|
|
|
%files
|
|
%license LICENSE LICENSE.Sendmail
|
|
%doc README RELEASE_NOTES
|
|
%config(noreplace) %{_sysconfdir}/%{name}.conf
|
|
%config(noreplace) %{_sysconfdir}/tmpfiles.d/%{name}.conf
|
|
%config(noreplace) %{_sysconfdir}/sysconfig/%{name}
|
|
%{_datadir}/%{name}
|
|
%{_sbindir}/*
|
|
%{_mandir}/*/*
|
|
%dir %attr(-,%{name},%{name}) %{_localstatedir}/spool/%{name}
|
|
%dir %attr(710,%{name},mail) %{_rundir}/%{name}
|
|
%dir %attr(-,%{name},%{name}) %{_sysconfdir}/%{name}
|
|
%attr(0644,root,root) %{_unitdir}/%{name}.service
|
|
|
|
%files -n libopendmarc
|
|
%{_libdir}/lib%{name}.so.*
|
|
|
|
%files -n libopendmarc-devel
|
|
%doc lib%{name}/docs/*.html
|
|
%{_includedir}/%{name}
|
|
%{_libdir}/*.so
|
|
|
|
%changelog
|
|
* Mon May 06 2024 wangshuo <wangshuo@kylinos.cn> - 1.4.2-3
|
|
- Type:CVE
|
|
- ID:CVE-2024-25678
|
|
- SUG:NA
|
|
- DESC:fix CVE-2024-25678
|
|
|
|
* Wed Mar 1 2023 licihua <licihua@huawei.com> - 1.4.2-2
|
|
- DESC:https://gitee.com/src-openeuler/opendmarc/issues/I6IQJM
|
|
|
|
* Tue Oct 18 2022 openEuler Application <dev@openeuler.org> - 1.4.2-1
|
|
- DESC:Package init
|
|
|