stevej pushed to opendkim (el5). "Update to 2.10.1-1"

notifications at fedoraproject.org notifications at fedoraproject.org
Wed Mar 25 18:42:34 UTC 2015 

>From d66c980fc3917bca6b661ae0e6e290c9e2618e22 Mon Sep 17 00:00:00 2001
From: stevejenkins <steve at stevejenkins.com>
Date: Tue, 3 Mar 2015 19:47:55 -0800
Subject: Update to 2.10.1-1


diff --git a/.gitignore b/.gitignore
index 34ae57d..ba25e6e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -16,3 +16,4 @@
 /opendkim.autocreate-keys-no.patch
 /opendkim.keygen-permissions.patch
 /opendkim.systemd-no-default-genkey.patch
+/opendkim-2.10.1.tar.gz
diff --git a/opendkim.spec b/opendkim.spec
index bbb58ec..0e2f152 100644
--- a/opendkim.spec
+++ b/opendkim.spec
@@ -4,8 +4,8 @@
 
 Summary: A DomainKeys Identified Mail (DKIM) milter to sign and/or verify mail
 Name: opendkim
-Version: 2.9.2
-Release: 3%{?dist}
+Version: 2.10.1
+Release: 1%{?dist}
 License: BSD and Sendmail
 URL: http://opendkim.org/
 Group: System Environment/Daemons
@@ -26,18 +26,16 @@ BuildRequires: libmemcached-devel
 #Requires (postun): initscripts
 #BuildRequires: db4-devel
 
+# Required for all versions
 BuildRequires: libbsd
 BuildRequires: libbsd-devel
 BuildRequires: pkgconfig
 BuildRequires: openssl-devel
 BuildRequires: sendmail-devel
-BuildRequires: unbound-devel
 
 Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz
 
-Patch0: %{name}.keygen-permissions.patch
-Patch1: %{name}.autocreate-keys-no.patch
-Patch2: %{name}.systemd-no-default-genkey.patch
+# Patch0: %{name}.patchname.patch
 
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
@@ -81,12 +79,10 @@ It is not required when the init system used is systemd.
 
 %prep
 %setup -q
-%patch0 -p1
-%patch1 -p1
-%patch2 -p1
+#%patch0 -p1
 
 %build
-%configure --with-unbound --with-libmemcached --with-db
+%configure --with-libmemcached --with-db
 sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
 sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
 
@@ -191,9 +187,6 @@ cat > %{buildroot}%{_sysconfdir}/sysconfig/%{name} << 'EOF'
 # Set the necessary startup options
 OPTIONS="-x %{_sysconfdir}/%{name}.conf -P %{_localstatedir}/run/%{name}/%{name}.pid"
 
-# Determine whether default DKIM keys are automatically created on start (deprecated)
-# AUTOCREATE_DKIM_KEYS=YES
-
 # Set the default DKIM selector
 DKIM_SELECTOR=default
 
@@ -250,6 +243,86 @@ cat > %{buildroot}%{_sysconfdir}/%{name}/TrustedHosts << 'EOF'
 #192.168.1.0/24
 EOF
 
+cat > README.fedora << 'EOF'
+#####################################
+#FEDORA-SPECIFIC README FOR OPENDKIM#
+#####################################
+Last updated: Mar 3, 2015 by Steve Jenkins (steve at stevejenkins.com)
+
+Generating keys for OpenDKIM
+============================
+After installing the opendkim package, you MUST generate a pair of keys (public and private) before
+attempting to start the opendkim service.
+
+A valid private key must exist in the location expected by /etc/opendkim.conf before the service will start.
+
+A matching public key must be included in your domain's DNS records before remote systems can validate
+your outgoing mail's DKIM signature.
+
+
+Generating Keys Automatically
+=============================
+To automatically create a pair of default keys for the local domain, do:
+
+% sudo /usr/sbin/opendkim-default-keygen
+
+The default keygen script will attempt to fetch the local domain name, generate a private and public key for
+the domain, then save them in /etc/opendkim/keys as default.private and default.txt with the proper
+ownership and permissions.
+
+NOTE: The default key generation script MUST be run by a privileged user (or root). Otherwise, the resulting
+private key ownership and permissions will not be correct.
+
+
+Generating Keys Manually
+========================
+A privileged user (or root) can manually generate a set of keys by doing the following:
+
+1) Create a directory to store the new keys:
+
+% sudo mkdir /etc/opendkim/keys/example.com
+
+2) Generate keys in that directory for a specific domain name and selector:
+
+% sudo /usr/sbin/opendkim-genkey -D /etc/opendkim/keys/example.com/ -d example.com -s default
+
+3) Set the proper ownership for the directory and private key:
+
+% sudo chown -R root:opendkim /etc/opendkim/keys/example.com
+
+4) Set secure permissions for the private key:
+
+% sudo chmod 640 /etc/opendkim/keys/example.com/default.private
+
+5) Set standard permissions for the public key:
+
+% sudo chmod 644 /etc/opendkim/keys/example.com/default.txt
+
+
+Updating Key Location(s) in Configuration Files
+===============================================
+If you run the opendkim-default-keygen script, the default keys will be saved in /etc/opendkim/keys as
+default.private and default.txt, which is the location expected by the default /etc/opendkim.conf file.
+
+If you manually generate your own keys, you must update the key location and name in /etc/opendkim.conf
+before attempting to start the opendkim service.
+
+
+Additional Configuration Help
+=============================
+For help configuring your MTA (Postfix, Sendmail, etc.) with OpenDKIM, setting up DNS records with your
+public DKIM key, as well as instructions on configuring OpenDKIM to sign outgoing mail for multiple
+domains, follow the how-to at:
+
+http://wp.me/p1iGgP-ou
+
+Official documentation for OpenDKIM is available at http://opendkim.org/
+
+OpenDKIM mailing lists are available at http://lists.opendkim.org/
+
+###
+EOF
+
 install -p -d %{buildroot}%{_sysconfdir}/tmpfiles.d
 cat > %{buildroot}%{_sysconfdir}/tmpfiles.d/%{name}.conf <<'EOF'
 D %{_localstatedir}/run/%{name} 0700 %{name} %{name} -
@@ -314,7 +387,6 @@ fi
 exit 0
 
 %triggerun -- %{name} < 2.8.0-1
-/usr/bin/systemd-sysv-convert --save %{name} >/dev/null 2>&1 || :
 /bin/systemctl enable %{name}.service >/dev/null 2>&1
 /sbin/chkconfig --del %{name} >/dev/null 2>&1 || :
 /bin/systemctl try-restart %{name}.service >/dev/null 2>&1 || :
@@ -335,19 +407,19 @@ rm -rf %{buildroot}
 %doc contrib/convert/convert_keylist.sh %{name}/*.sample
 %doc %{name}/%{name}.conf.simple-verify %{name}/%{name}.conf.simple
 %doc %{name}/README contrib/lua/*.lua
-%doc contrib/stats/README.%{name}-reportstats
+%doc README.fedora
 %config(noreplace) %{_sysconfdir}/%{name}.conf
 %config(noreplace) %{_sysconfdir}/tmpfiles.d/%{name}.conf
-%config(noreplace) %attr(640,root,%{name}) %{_sysconfdir}/%{name}/SigningTable
-%config(noreplace) %attr(640,root,%{name}) %{_sysconfdir}/%{name}/KeyTable
-%config(noreplace) %attr(640,root,%{name}) %{_sysconfdir}/%{name}/TrustedHosts
+%config(noreplace) %attr(640,%{name},%{name}) %{_sysconfdir}/%{name}/SigningTable
+%config(noreplace) %attr(640,%{name},%{name}) %{_sysconfdir}/%{name}/KeyTable
+%config(noreplace) %attr(640,%{name},%{name}) %{_sysconfdir}/%{name}/TrustedHosts
 %config(noreplace) %{_sysconfdir}/sysconfig/%{name}
 %{_sbindir}/*
 %{_mandir}/*/*
 %dir %attr(-,%{name},%{name}) %{_localstatedir}/spool/%{name}
 %dir %attr(-,%{name},%{name}) %{_localstatedir}/run/%{name}
 %dir %attr(-,root,%{name}) %{_sysconfdir}/%{name}
-%dir %attr(750,root,%{name}) %{_sysconfdir}/%{name}/keys
+%dir %attr(750,%name,%{name}) %{_sysconfdir}/%{name}/keys
 %attr(0644,root,root) %{_unitdir}/%{name}.service
 %attr(0755,root,root) %{_sbindir}/%{name}-default-keygen
 
@@ -369,10 +441,19 @@ rm -rf %{buildroot}
 %{_libdir}/pkgconfig/*.pc
 
 %changelog
+* Tue Mar 03 2015 Steve Jenkins <steve at stevejenkins.com> - 2.10.1-1
+- Updated to use newer upstream 2.10.1 source code
+
+* Tue Dec 09 2014 Steve Jenkins <steve at stevejenkins.com> - 2.10.0-1
+- Updated to use newer upstream 2.10.0 source code
+- Removed unbound compile option due to orphaned upstream dependency
+- Removed AUTOCREATE_DKIM_KEYS option
+- Added README.fedora with basic key generation and config instructions
+
 * Sun Aug 17 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.9.2-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
 
-* Mon Aug 4 2014 Steve Jenkins <steve at stevejenkins.com> - 2.9.2-2
+* Mon Aug 04 2014 Steve Jenkins <steve at stevejenkins.com> - 2.9.2-2
 - Change file ownerships/permissions to fix https://bugzilla.redhat.com/show_bug.cgi?id=891292
 - Default keys no longer created on startup. Privileged user must run opendkim-default-keygen or create manually (after install)
 
diff --git a/sources b/sources
index 6c5f0b5..5c703a9 100644
--- a/sources
+++ b/sources
@@ -1,4 +1 @@
-80043a5147ae4ff2feb7f8d32ed2ccac  opendkim.autocreate-keys-no.patch
-a6a9c36328a9b4c18f5fca19e3b1aabc  opendkim.keygen-permissions.patch
-4f9d50fcd8428c280b2a4739cf4b8492  opendkim.systemd-no-default-genkey.patch
-08cc80a2aedec62b0444d8d6af24a155  opendkim-2.9.2.tar.gz
+e75c2944634f875a301d85ab30c2d094  opendkim-2.10.1.tar.gz
-- 
cgit v0.10.2


	http://pkgs.fedoraproject.org/cgit/opendkim.git/commit/?h=el5&id=d66c980fc3917bca6b661ae0e6e290c9e2618e22

More information about the scm-commits mailing list