[mail-filter/amavisd-new] add from PR
This commit is contained in:
parent
fb746c5923
commit
6856c25916
1
mail-filter/amavisd-new/Manifest
Normal file
1
mail-filter/amavisd-new/Manifest
Normal file
@ -0,0 +1 @@
|
|||||||
|
DIST amavis-v2.13.0.tar.bz2 890721 BLAKE2B ceb2d020a9066b530a7a05de30c1a3483010f018e9344a354a6a372581bc6442ac74990b733cf4fd4d2e63d3adfe7140ebaca7d050becb69cc26cd010d032afd SHA512 b4d623b212bd2bbdcd192cee603941af3854bcd6c09ed1d6194138c0d7e10160ab1fece821bdd134ae86a1f8e5ccd4b3f92643f2f2b4c73c3f0c1e30e4b97441
|
267
mail-filter/amavisd-new/amavisd-new-2.13.0.ebuild
Normal file
267
mail-filter/amavisd-new/amavisd-new-2.13.0.ebuild
Normal file
@ -0,0 +1,267 @@
|
|||||||
|
# Copyright 1999-2023 Gentoo Authors
|
||||||
|
# Distributed under the terms of the GNU General Public License v2
|
||||||
|
|
||||||
|
EAPI=8
|
||||||
|
|
||||||
|
inherit systemd perl-module
|
||||||
|
|
||||||
|
DESCRIPTION="High-performance interface between the MTA and content checkers"
|
||||||
|
HOMEPAGE="https://gitlab.com/amavis/amavis"
|
||||||
|
SRC_URI="https://gitlab.com/amavis/amavis/-/archive/v${PV}/amavis-v${PV}.tar.bz2"
|
||||||
|
|
||||||
|
LICENSE="GPL-2 BSD-2"
|
||||||
|
SLOT="0"
|
||||||
|
KEYWORDS="~amd64 ~x86"
|
||||||
|
IUSE="clamav dkim ldap mysql postgres razor rspamd rspamd-https selinux snmp spamassassin test"
|
||||||
|
RESTRICT="!test? ( test )"
|
||||||
|
REQUIRED_USE="test? ( spamassassin )"
|
||||||
|
|
||||||
|
MY_RSPAMD_DEPEND="dev-perl/HTTP-Message
|
||||||
|
dev-perl/JSON
|
||||||
|
dev-perl/LWP-UserAgent-Determined"
|
||||||
|
DEPEND="acct-user/amavis"
|
||||||
|
RDEPEND="${DEPEND}
|
||||||
|
app-arch/arc
|
||||||
|
app-arch/bzip2
|
||||||
|
app-arch/cabextract
|
||||||
|
app-arch/cpio
|
||||||
|
app-arch/gzip
|
||||||
|
app-arch/lha
|
||||||
|
app-arch/lrzip
|
||||||
|
app-arch/lzop
|
||||||
|
app-arch/p7zip
|
||||||
|
app-arch/pax
|
||||||
|
app-arch/arj
|
||||||
|
app-arch/unrar
|
||||||
|
app-arch/xz-utils
|
||||||
|
app-arch/zoo
|
||||||
|
dev-lang/perl:*
|
||||||
|
dev-perl/Archive-Zip
|
||||||
|
dev-perl/BerkeleyDB
|
||||||
|
dev-perl/Convert-BinHex
|
||||||
|
dev-perl/File-LibMagic
|
||||||
|
dev-perl/IO-Socket-SSL
|
||||||
|
dev-perl/IO-stringy
|
||||||
|
>=dev-perl/Mail-DKIM-0.31
|
||||||
|
>=dev-perl/MailTools-1.58
|
||||||
|
>=dev-perl/MIME-tools-5.415
|
||||||
|
dev-perl/Net-LibIDN2
|
||||||
|
>=dev-perl/Net-Server-0.91
|
||||||
|
dev-perl/Net-SSLeay
|
||||||
|
dev-perl/Unix-Syslog
|
||||||
|
net-mail/ripole
|
||||||
|
net-mail/tnef
|
||||||
|
>=sys-apps/coreutils-5.0-r3
|
||||||
|
>=sys-libs/db-4.4.20
|
||||||
|
virtual/mta
|
||||||
|
virtual/perl-Compress-Raw-Zlib
|
||||||
|
virtual/perl-Digest-MD5
|
||||||
|
virtual/perl-File-Temp
|
||||||
|
virtual/perl-IO-Compress
|
||||||
|
virtual/perl-IO-Socket-IP
|
||||||
|
virtual/perl-MIME-Base64
|
||||||
|
virtual/perl-Time-HiRes
|
||||||
|
clamav? ( app-antivirus/clamav )
|
||||||
|
ldap? ( >=dev-perl/perl-ldap-0.33 )
|
||||||
|
mysql? ( dev-perl/DBD-mysql )
|
||||||
|
postgres? ( dev-perl/DBD-Pg )
|
||||||
|
razor? ( mail-filter/razor )
|
||||||
|
rspamd? ( ${MY_RSPAMD_DEPEND} )
|
||||||
|
rspamd-https? ( ${MY_RSPAMD_DEPEND}
|
||||||
|
dev-perl/LWP-Protocol-https
|
||||||
|
dev-perl/Net-SSLeay )
|
||||||
|
selinux? ( sec-policy/selinux-amavis )
|
||||||
|
snmp? ( net-analyzer/net-snmp[perl] )
|
||||||
|
spamassassin? ( mail-filter/spamassassin dev-perl/Image-Info )"
|
||||||
|
|
||||||
|
BDEPEND="${RDEPEND}
|
||||||
|
dev-perl/Dist-Zilla
|
||||||
|
virtual/perl-ExtUtils-MakeMaker
|
||||||
|
test? (
|
||||||
|
virtual/perl-Test-Harness
|
||||||
|
dev-perl/Test-Class
|
||||||
|
dev-perl/DBI
|
||||||
|
dev-perl/perl-ldap
|
||||||
|
dev-perl/NetAddr-IP
|
||||||
|
dev-perl/Test-Most
|
||||||
|
)"
|
||||||
|
|
||||||
|
AMAVIS_ROOT="/var/lib/amavishome"
|
||||||
|
S="${WORKDIR}/amavis-v${PV}"
|
||||||
|
|
||||||
|
dzil_to_distdir() {
|
||||||
|
local dzil_root dest has_missing modname dzil_version
|
||||||
|
dzil_root="$1"
|
||||||
|
dest="$2"
|
||||||
|
|
||||||
|
cd "${dzil_root}" || die "Can't enter workdir '${dzil_root}'";
|
||||||
|
|
||||||
|
dzil_version="$(dzil version)" || die "Error invoking 'dzil version'"
|
||||||
|
einfo "Generating CPAN dist with ${dzil_version}"
|
||||||
|
|
||||||
|
has_missing=""
|
||||||
|
|
||||||
|
einfo "Checking dzil authordeps"
|
||||||
|
while IFS= read -d $'\n' -r modname; do
|
||||||
|
if [[ -z "${has_missing}" ]]; then
|
||||||
|
has_missing=1
|
||||||
|
eerror "'dzil authordeps' indicates missing build dependencies"
|
||||||
|
eerror "These will prevent building, please report a bug"
|
||||||
|
eerror "Missing:"
|
||||||
|
fi
|
||||||
|
S= eerror " ${modname}"
|
||||||
|
done < <( dzil authordeps --missing --versions )
|
||||||
|
|
||||||
|
[[ -z "${has_missing}" ]] || die "Satisfy all missing authordeps first"
|
||||||
|
|
||||||
|
einfo "Checking dzil build deps"
|
||||||
|
while IFS= read -d $'\n' -r modname; do
|
||||||
|
if [[ -z "${has_missing}" ]]; then
|
||||||
|
has_missing=1
|
||||||
|
ewarn "'dzil listdeps' indicates missing build dependencies"
|
||||||
|
ewarn "These may prevent building, please report a bug if they do"
|
||||||
|
ewarn "Missing:"
|
||||||
|
fi
|
||||||
|
ewarn " ${modname}"
|
||||||
|
done < <( dzil listdeps --missing --versions --author )
|
||||||
|
|
||||||
|
einfo "Generating release"
|
||||||
|
dzil build --notgz --in "${dest}" || die "Unable to build CPAN dist in '${dest}'"
|
||||||
|
}
|
||||||
|
|
||||||
|
src_prepare() {
|
||||||
|
# perl-module doesn't account for this being a directory
|
||||||
|
mv README_FILES READ_FILES || die
|
||||||
|
|
||||||
|
# We need to fix the daemon_user and daemon_group in amavis-mc even
|
||||||
|
# though we're going to run it in the foreground, because it calls
|
||||||
|
# "drop_priv" unconditionally and will crash if its user/group
|
||||||
|
# doesn't exist.
|
||||||
|
sed -i \
|
||||||
|
-e '/daemon/s/vscan/amavis/' \
|
||||||
|
-e "s:'/var/virusmails':\"\$MYHOME/quarantine\":" \
|
||||||
|
"${S}/conf/amavisd.conf" "${S}/bin/amavis-mc" || die "missing conf file"
|
||||||
|
|
||||||
|
if ! use dkim ; then
|
||||||
|
sed -i -e '/enable_dkim/s/1/0/' "${S}/conf/amavisd.conf" \
|
||||||
|
|| die "missing conf file - dkim"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if ! use spamassassin ; then
|
||||||
|
sed -i -e \
|
||||||
|
"/^#[[:space:]]*@bypass_spam_checks_maps[[:space:]]*=[[:space:]]*(1)/s/^#//" \
|
||||||
|
"${S}/conf/amavisd.conf" || die "missing conf file - sa"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# needs ZMQ::LibZMQ3 which only suports net-libs/zeromq-3*,
|
||||||
|
# long since removed from tree
|
||||||
|
perl_rm_files t/Amavis/ZMQTest.t
|
||||||
|
sed -e '/^ZMQ::LibZMQ3 =/d' \
|
||||||
|
-i dist.ini || die "Can't patch dist.ini"
|
||||||
|
|
||||||
|
rm bin/{amavis-services,amavis-mc,amavisd-snmp-subagent-zmq}
|
||||||
|
|
||||||
|
if ! use snmp ; then
|
||||||
|
rm bin/amavisd-snmp-subagent
|
||||||
|
fi
|
||||||
|
|
||||||
|
eapply_user
|
||||||
|
|
||||||
|
# prevent distdir-in-distdir
|
||||||
|
mv "${S}" "${T}" || die
|
||||||
|
dzil_to_distdir "${T}/amavis-v${PV}" "${S}"
|
||||||
|
|
||||||
|
perl-module_src_prepare
|
||||||
|
}
|
||||||
|
|
||||||
|
src_test() {
|
||||||
|
prove -lr t || die
|
||||||
|
}
|
||||||
|
|
||||||
|
src_install() {
|
||||||
|
perl-module_src_install
|
||||||
|
mkdir "${ED}"/usr/sbin
|
||||||
|
mv "${ED}"/usr/bin/amavisd "${ED}"/usr/sbin/amavisd || die
|
||||||
|
mv "${ED}"/usr/bin/amavisd-agent "${ED}"/usr/sbin/amavisd-agent || die
|
||||||
|
mv "${ED}"/usr/bin/amavisd-nanny "${ED}"/usr/sbin/amavisd-nanny || die
|
||||||
|
mv "${ED}"/usr/bin/amavisd-release "${ED}"/usr/sbin/amavisd-release || die
|
||||||
|
mv "${ED}"/usr/bin/amavisd-signer "${ED}"/usr/sbin/amavisd-signer || die
|
||||||
|
mv "${ED}"/usr/bin/amavisd-status "${ED}"/usr/sbin/amavisd-status || die
|
||||||
|
dobin contrib/p0f-analyzer.pl
|
||||||
|
|
||||||
|
if use snmp ; then
|
||||||
|
mv "${ED}"/usr/bin/amavisd-snmp-subagent "${ED}"/usr/sbin/amavisd-snmp-subagent || die
|
||||||
|
newinitd "${FILESDIR}/amavisd-snmp-subagent.initd" \
|
||||||
|
amavisd-snmp-subagent
|
||||||
|
dodoc AMAVIS-MIB.txt
|
||||||
|
fi
|
||||||
|
|
||||||
|
perl_fix_packlist
|
||||||
|
|
||||||
|
if use ldap ; then
|
||||||
|
insinto /etc/openldap/schema
|
||||||
|
newins contrib/LDAP.schema "${PN}.schema"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# The config file should be root:amavis so that the amavis user can
|
||||||
|
# read (only) it after dropping privileges. And of course he should
|
||||||
|
# own everything in his home directory.
|
||||||
|
insinto /etc
|
||||||
|
insopts -m0640 -g amavis
|
||||||
|
doins conf/amavisd.conf
|
||||||
|
|
||||||
|
# Implementation detail? Keepdir calls dodir under the hood.
|
||||||
|
diropts -o amavis -g amavis
|
||||||
|
keepdir "${AMAVIS_ROOT}"/{,db,quarantine,tmp,var}
|
||||||
|
|
||||||
|
# BEWARE:
|
||||||
|
#
|
||||||
|
# Anything below this line is using the mangled insopts/diropts from
|
||||||
|
# above!
|
||||||
|
#
|
||||||
|
|
||||||
|
newinitd "${FILESDIR}/amavisd.initd-r2" amavisd
|
||||||
|
|
||||||
|
systemd_newunit "${FILESDIR}/amavisd.service-r1" amavisd.service
|
||||||
|
|
||||||
|
dodoc AAAREADME.first RELEASE_NOTES TODO \
|
||||||
|
conf/amavisd.conf-default conf/amavisd-custom.conf \
|
||||||
|
conf/amavisd-docker.conf
|
||||||
|
|
||||||
|
docinto README_FILES
|
||||||
|
dodoc READ_FILES/README*
|
||||||
|
dodoc -r READ_FILES/*.{html,css}
|
||||||
|
docinto README_FILES/images
|
||||||
|
dodoc READ_FILES/images/*.png
|
||||||
|
docinto README_FILES/images/callouts
|
||||||
|
dodoc READ_FILES/images/callouts/*.png
|
||||||
|
|
||||||
|
docinto test-messages
|
||||||
|
dodoc t/messages/README
|
||||||
|
dodoc t/messages/sample.tar.gz.compl
|
||||||
|
}
|
||||||
|
|
||||||
|
pkg_preinst() {
|
||||||
|
# TODO: the following is done as root, but should probably be done
|
||||||
|
# as the amavis user.
|
||||||
|
if use razor ; then
|
||||||
|
if [ ! -d "${ROOT}${AMAVIS_ROOT}/.razor" ] ; then
|
||||||
|
elog "Setting up initial razor config files..."
|
||||||
|
|
||||||
|
razor-admin -create -home="${D}/${AMAVIS_ROOT}/.razor"
|
||||||
|
sed -i -e "s:debuglevel\([ ]*\)= .:debuglevel\1= 0:g" \
|
||||||
|
"${D}/${AMAVIS_ROOT}/.razor/razor-agent.conf" || die
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
pkg_postinst() {
|
||||||
|
local d="/var/amavis"
|
||||||
|
if [ -d ${d} ]; then
|
||||||
|
elog "Existing data found. Please make sure to manually copy it to amavis' new"
|
||||||
|
elog "home directory by executing the following command as root from a shell:"
|
||||||
|
elog
|
||||||
|
elog " cp -a ${d}/* ${d}/.??* ${AMAVIS_ROOT}/ && rm -r ${d}"
|
||||||
|
elog
|
||||||
|
fi
|
||||||
|
}
|
25
mail-filter/amavisd-new/files/amavisd-snmp-subagent.initd
Normal file
25
mail-filter/amavisd-new/files/amavisd-snmp-subagent.initd
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
#!/sbin/openrc-run
|
||||||
|
# Copyright 1999-2018 Gentoo Authors
|
||||||
|
# Distributed under the terms of the GNU General Public License v2
|
||||||
|
|
||||||
|
command="/usr/sbin/amavisd-snmp-subagent"
|
||||||
|
pidfile="/run/${RC_SVCNAME}.pid"
|
||||||
|
|
||||||
|
# The RELEASE_NOTES say "it is safe to run it as root, although
|
||||||
|
# perhaps not necessary." I'm not in a position to test, but I bet
|
||||||
|
# it's safe to run this as amavis:amavis. Since the program itself
|
||||||
|
# doesn't have the ability to drop privileges, we'd have to let OpenRC
|
||||||
|
# do that; and in that case, the easiest way to deal with the PID file
|
||||||
|
# is to let OpenRC handle that, too.
|
||||||
|
#
|
||||||
|
# Thus as a means of future-proofing, we run $command in the
|
||||||
|
# foreground, and let OpenRC background it and write a PID file. So
|
||||||
|
# if somebody wants to try command_user="amavis:amavis" here, it might
|
||||||
|
# just work.
|
||||||
|
command_args="-f"
|
||||||
|
command_background="true"
|
||||||
|
|
||||||
|
depend() {
|
||||||
|
use logger
|
||||||
|
before amavisd-new snmpd
|
||||||
|
}
|
42
mail-filter/amavisd-new/files/amavisd.initd-r2
Normal file
42
mail-filter/amavisd-new/files/amavisd.initd-r2
Normal file
@ -0,0 +1,42 @@
|
|||||||
|
#!/sbin/openrc-run
|
||||||
|
# Copyright 1999-2018 Gentoo Authors
|
||||||
|
# Distributed under the terms of the GNU General Public License v2
|
||||||
|
|
||||||
|
extra_started_commands="reload"
|
||||||
|
command="/usr/sbin/${RC_SVCNAME}"
|
||||||
|
pidfile="/run/${RC_SVCNAME}.pid"
|
||||||
|
|
||||||
|
# Why run in the foreground? Typically amavisd will drop privileges
|
||||||
|
# and then write its own PID file in its home directory. This is fine
|
||||||
|
# so long as you use e.g. "amavisd stop" to stop the daemon. But, we
|
||||||
|
# want to use start-stop-daemon to do it. And start-stop-daemon will
|
||||||
|
# send a signal *as root* to the PID contained in the PID file. So, we
|
||||||
|
# don't want to rely on a PID file that's controlled by a non-root
|
||||||
|
# user.
|
||||||
|
#
|
||||||
|
# As a workaround, we run amavisd in the foreground, and let
|
||||||
|
# start-stop-daemon push it into the background with its own PID
|
||||||
|
# file. We don't pass "-P" via command_args below because we don't
|
||||||
|
# want amavisd to try (and fail) to create that PID file. This does
|
||||||
|
# mean that you can't run "amavisd stop" or "amavisd reload" directly;
|
||||||
|
# sorry!
|
||||||
|
command_args="foreground"
|
||||||
|
command_background="true"
|
||||||
|
|
||||||
|
# The amavisd daemon provides its own "stop" and "reload" functions,
|
||||||
|
# but if you read into the source, they just do what start-stop-daemon
|
||||||
|
# is going to do anyway. The "stop" command for amavisd will send a
|
||||||
|
# SIGTERM immediately, and then a SIGKILL after 60 seconds. So, we do
|
||||||
|
# that too. The "reload" command sends a SIGHUP; see reload() below.
|
||||||
|
retry="SIGTERM/15 SIGKILL/60"
|
||||||
|
|
||||||
|
depend() {
|
||||||
|
use net logger antivirus snmpd
|
||||||
|
before mta
|
||||||
|
}
|
||||||
|
|
||||||
|
reload() {
|
||||||
|
ebegin "Reloading ${RC_SVCNAME}"
|
||||||
|
start-stop-daemon --signal HUP --pidfile "${pidfile}"
|
||||||
|
eend $?
|
||||||
|
}
|
21
mail-filter/amavisd-new/files/amavisd.service-r1
Normal file
21
mail-filter/amavisd-new/files/amavisd.service-r1
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=Amavisd Daemon
|
||||||
|
Before=postfix.service
|
||||||
|
After=clamd.service
|
||||||
|
After=network.target
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
User=amavis
|
||||||
|
Group=amavis
|
||||||
|
ExecStart=/usr/sbin/amavisd -c /etc/amavisd.conf foreground
|
||||||
|
ExecReload=/usr/sbin/amavisd -c /etc/amavisd.conf reload
|
||||||
|
PrivateTmp=true
|
||||||
|
CapabilityBoundingSet=
|
||||||
|
ProtectSystem=full
|
||||||
|
NoNewPrivileges=true
|
||||||
|
PrivateDevices=true
|
||||||
|
ProtectHome=true
|
||||||
|
MemoryDenyWriteExecute=true
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
17
mail-filter/amavisd-new/metadata.xml
Normal file
17
mail-filter/amavisd-new/metadata.xml
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
|
||||||
|
<pkgmetadata>
|
||||||
|
<!-- maintainer-needed -->
|
||||||
|
<use>
|
||||||
|
<flag name="courier">Add courier support</flag>
|
||||||
|
<flag name="dkim">Add DomainKeys Identified Mail support</flag>
|
||||||
|
<flag name="qmail">Add qmail support</flag>
|
||||||
|
<flag name="razor">Add support for <pkg>mail-filter/razor</pkg></flag>
|
||||||
|
<flag name="rspamd">Add support for <pkg>mail-filter/rspamd</pkg> extension (HTTP only)</flag>
|
||||||
|
<flag name="rspamd-https">Add support for <pkg>mail-filter/rspamd</pkg> extension (both HTTP and HTTPS)</flag>
|
||||||
|
<flag name="spamassassin">Add support for <pkg>mail-filter/spamassassin</pkg></flag>
|
||||||
|
</use>
|
||||||
|
<upstream>
|
||||||
|
<remote-id type="gitlab">amavis/amavis</remote-id>
|
||||||
|
</upstream>
|
||||||
|
</pkgmetadata>
|
Loading…
Reference in New Issue
Block a user