rpms / openarc

Clone
Source Code
GIT

Blame openarc.spec

epel7 epel8 epel8-playground f28 f29 f30 f31 f32 f33 main rawhide
  1.   50271b58b9e90b0ba1baa78dd6b772fe08ab8f10
  2.   openarc.spec
Blob History Raw
366d11d 
%global systemd (0%{?fedora} >= 18) || (0%{?rhel} >= 7)
d885bd8 
# F21+ and RHEL8+ have systemd 211+ which offers RuntimeDirectory
d885bd8 
# use that instead of tmpfiles.d
d885bd8 
%global systemd_runtimedir (0%{?fedora} >= 21) || (0%{?rhel} >= 8)
d885bd8 
%global tmpfiles ((0%{?fedora} >= 15) || (0%{?rhel} == 7)) && !%{systemd_runtimedir}
366d11d
f932e75 
%global pre_rel Beta3
366d11d
366d11d 
Summary: An open source library and milter for providing ARC service
366d11d 
Name: openarc
366d11d 
Version: 1.0.0
65b15c0 
Release: %{?pre_rel:0.}11%{?pre_rel:.%pre_rel}%{?dist}.1
366d11d 
License: BSD and Sendmail
366d11d 
URL: https://github.com/trusteddomainproject/OpenARC
d885bd8 
# actually https://github.com/trusteddomainproject/OpenARC/archive/rel-openarc-1-0-0-Beta3.tar.gz but our local tarball is misnamed
d885bd8 
Source0:  openarc-1.0.0.Beta3.tar.gz
3f30750 
Patch0:   openarc-headerdebug.patch
366d11d
50271b5 
BuildRequires: make
366d11d 
BuildRequires: libtool gcc
366d11d 
BuildRequires: pkgconfig(openssl)
366d11d 
BuildRequires: pkgconfig(libbsd)
c5eb49b 
BuildRequires: pkgconfig(jansson)
366d11d
366d11d 
# sendmail-devel renamed for F25+
366d11d 
%if 0%{?fedora} > 25
366d11d 
BuildRequires: sendmail-milter-devel
366d11d 
%else
366d11d 
BuildRequires: sendmail-devel
366d11d 
%endif
366d11d
366d11d 
BuildRequires: autoconf
366d11d 
BuildRequires: automake
366d11d
366d11d 
Requires: lib%{name}%{?_isa} = %{version}-%{release}
366d11d 
Requires: libopenarc = %{version}-%{release}
366d11d 
Requires(pre): shadow-utils
366d11d 
%if %systemd
366d11d 
# Required for systemd
366d11d 
%{?systemd_requires}
366d11d 
BuildRequires: systemd
366d11d 
%else
366d11d 
# Required for SysV
366d11d 
Requires(post): chkconfig
366d11d 
Requires(preun): chkconfig, initscripts
366d11d 
%endif
366d11d
366d11d
366d11d 
%description
366d11d 
The Trusted Domain Project is a community effort to develop and maintain a
366d11d 
C library for producing ARC-aware applications and an open source milter for
366d11d 
providing ARC service through milter-enabled MTAs.
366d11d
366d11d 
%package -n libopenarc
366d11d 
Summary: An open source ARC library
366d11d
366d11d 
%description -n libopenarc
366d11d 
This package contains the library files required for running services built
366d11d 
using libopenarc.
366d11d
366d11d 
%package -n libopenarc-devel
366d11d 
Summary: Development files for libopenarc
366d11d 
Requires: lib%{name}%{?_isa} = %{version}-%{release}
366d11d
366d11d 
%description -n libopenarc-devel
366d11d 
This package contains the static libraries, headers, and other support files
366d11d 
required for developing applications against libopenarc.
366d11d
366d11d 
%prep
f932e75 
%autosetup -n OpenARC-rel-openarc-1-0-0-Beta3 -p1
cb85133
366d11d
366d11d 
%build
366d11d 
autoreconf --install
366d11d 
%configure --disable-static
366d11d 
%make_build
366d11d
366d11d 
%install
366d11d 
%make_install
52b7c04 
mkdir -p -m 0700 %{buildroot}%{_sysconfdir}/%{name}
216bd52 
mkdir -p -m 0750 %{buildroot}%{_rundir}/%{name}
366d11d 
rm -r %{buildroot}%{_prefix}/share/doc/openarc
366d11d 
rm %{buildroot}/%{_libdir}/*.la
366d11d
366d11d
366d11d 
cat > %{buildroot}%{_sysconfdir}/openarc.conf <
cbf214e 
## See openarc.conf(5) or %{_docdir}/%{name}%{?rhel:-%{version}}/openarc.conf.sample for more
216bd52 
PidFile %{_rundir}/%{name}/%{name}.pid
366d11d 
Syslog  yes
366d11d 
UserID  openarc:openarc
d885bd8 
Socket  local:%{_rundir}/%{name}/%{name}.sock
52b7c04 
SignHeaders to,subject,message-id,date,from,mime-version,dkim-signature
52b7c04 
PeerList %{_sysconfdir}/%{name}/PeerList
52b7c04 
MilterDebug 6
52b7c04 
EnableCoredumps yes
366d11d
366d11d 
## After setting Mode to "sv", running
366d11d 
## opendkim-genkey -D %{_sysconfdir}/openarc -s key -d `hostname --domain`
366d11d 
## and putting %{_sysconfdir}/openarc
52b7c04 
#Mode                    sv
366d11d 
#Canonicalization        relaxed/simple
366d11d 
#Domain                  example.com # change to domain
366d11d 
#Selector                key
366d11d 
#KeyFile                 %{_sysconfdir}/openarc/key.private
366d11d 
#SignatureAlgorithm rsa-sha256
366d11d 
EOF
366d11d
52b7c04 
# Don't sign or validate connections from localhost
52b7c04 
cat > %{buildroot}%{_sysconfdir}/%{name}/PeerList <
52b7c04 
127.0.0.1/32
52b7c04 
[::1]/128
52b7c04 
EOF
52b7c04 
chmod 0640 %{buildroot}%{_sysconfdir}/%{name}/PeerList
366d11d
366d11d 
%if %systemd
366d11d 
install -d -m 0755 %{buildroot}%{_unitdir}
366d11d 
cat > %{buildroot}%{_unitdir}/%{name}.service << 'EOF'
366d11d 
[Unit]
366d11d 
Description=Authenticated Receive Chain (ARC) Milter
366d11d 
Documentation=man:%{name}(8) man:%{name}.conf(5) http://www.trusteddomain.org/%{name}/
366d11d 
After=network.target nss-lookup.target syslog.target
366d11d
366d11d 
[Service]
366d11d 
Type=forking
d885bd8 
%if %{systemd_runtimedir}
d885bd8 
RuntimeDirectory=%{name}
d885bd8 
RuntimeDirectoryMode=0750
d885bd8 
%endif
216bd52 
PIDFile=%{_rundir}/%{name}/%{name}.pid
366d11d 
EnvironmentFile=-%{_sysconfdir}/sysconfig/%{name}
366d11d 
ExecStart=/usr/sbin/%{name} $OPTIONS
8300c6e 
ExecStartPost=/sbin/restorecon -r -F %{_rundir}/%{name}
366d11d 
ExecReload=/bin/kill -USR1 $MAINPID
366d11d 
User=%{name}
366d11d 
Group=%{name}
216bd52 
UMask=0007
216bd52 
ProtectSystem=strict
d885bd8 
ReadWritePaths=%{_rundir}/%{name}
216bd52 
ProtectHome=true
366d11d
366d11d 
[Install]
366d11d 
WantedBy=multi-user.target
366d11d 
EOF
366d11d 
%else
366d11d 
mkdir -p %{buildroot}%{_initrddir}
366d11d 
install -m 0755 contrib/init/redhat/%{name} %{buildroot}%{_initrddir}/%{name}
366d11d 
%endif
366d11d
366d11d 
%if %{tmpfiles}
366d11d 
install -p -d %{buildroot}%{_tmpfilesdir}
366d11d 
cat > %{buildroot}%{_tmpfilesdir}/%{name}.conf <
216bd52 
D %{_rundir}/%{name} 0750 %{name} %{name} -
366d11d 
EOF
366d11d 
%endif
366d11d
366d11d 
%pre
216bd52 
if ! getent passwd %{name} >/dev/null 2>&1; then
216bd52 
    %{_sbindir}/useradd -M -d %{_localstatedir}/lib/%{name} -r -s /sbin/nologin %{name}
216bd52 
    if ! getent group %{name} >/dev/null; then
216bd52 
        %{_sbindir}/groupadd %{name}
216bd52 
        %{_sbindir}/usermod -g %{name} %{name}
366d11d 
    fi
366d11d 
    if getent group mail >/dev/null; then
216bd52 
        %{_sbindir}/usermod -G mail %{name}
366d11d 
    fi
366d11d 
fi
366d11d 
exit 0
366d11d
366d11d
366d11d 
%post
366d11d
366d11d 
%if %systemd
366d11d 
%systemd_post %{name}.service
366d11d 
%else
366d11d 
/sbin/chkconfig --add %{name} || :
366d11d 
%endif
366d11d
366d11d
366d11d 
%preun
366d11d 
%if %systemd
366d11d 
%systemd_preun %{name}.service
366d11d 
%else
366d11d 
if [ $1 -eq 0 ]; then
366d11d 
    service %{name} stop >/dev/null || :
366d11d 
    /sbin/chkconfig --del %{name} || :
366d11d 
fi
366d11d 
exit 0
366d11d 
%endif
366d11d
366d11d 
%ldconfig_scriptlets -n libopenarc
366d11d
366d11d 
%files
366d11d 
%license LICENSE LICENSE.Sendmail
216bd52 
%doc README RELEASE_NOTES %{name}/%{name}.conf.sample
216bd52 
%dir %attr(0755,root,%{name}) %{_sysconfdir}/%{name}
216bd52 
%config(noreplace) %attr(0644,root,%{name}) %{_sysconfdir}/%{name}.conf
216bd52 
%config(noreplace) %attr(0440,%{name},%{name}) %{_sysconfdir}/%{name}/PeerList
366d11d
366d11d 
%if %{tmpfiles}
366d11d 
%{_tmpfilesdir}/%{name}.conf
d885bd8 
%endif
d885bd8 
%if !%{tmpfiles} && !%{systemd_runtimedir}
216bd52 
%dir %attr(0750,%{name},%{name}) %{_rundir}/%{name}
366d11d 
%endif
366d11d
366d11d 
%if %{systemd}
366d11d 
%{_unitdir}/%{name}.service
366d11d 
%else
366d11d 
%{_initrddir}/%{name}
366d11d 
%endif
366d11d 
%{_mandir}/*/*
366d11d 
%{_sbindir}/*
366d11d
366d11d
366d11d 
%files -n libopenarc
366d11d 
%license LICENSE LICENSE.Sendmail
366d11d 
%{_libdir}/*.so.0
366d11d 
%{_libdir}/*.so.0.0.0
366d11d
366d11d 
%files -n libopenarc-devel
366d11d 
%{_includedir}/*
366d11d 
%{_libdir}/*.so
366d11d 
%{_libdir}/pkgconfig/*.pc
366d11d
366d11d 
%changelog
65b15c0 
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.0-0.11.Beta3.1
65b15c0 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
65b15c0
8300c6e 
* Mon May 18 2020 Matt Domsch <mdomsch@fedoraproject.org> - 1.0.0-0.11.Beta3
8300c6e 
- set selinux labels on /run/openarc
8300c6e 
- restore selinux labels at service start
8300c6e
3f30750 
* Fri May 15 2020 Matt Domsch <mdomsch@fedoraproject.org> - 1.0.0-0.10.Beta3
3f30750 
- add headerdebug patch
3f30750
d885bd8 
* Fri May 1 2020 Matt Domsch <mdomsch@fedoraproject.org> - 1.0.0-0.9.Beta3
d885bd8 
- fix typo in systemd service file
d885bd8 
- use RuntimeDirectory and RuntimeDirectoryMode when systemd 211 or higher is present
d885bd8 
  rather than tmpfiles.d.
d885bd8 
- use ReadWritePaths to ensure our temp directory is writable with ProtectSystem=strict
d885bd8
216bd52 
* Tue Apr 21 2020 Matt Domsch <mdomsch@fedoraproject.org> - 1.0.0-0.8.Beta3
216bd52 
- packaging suggestions from
216bd52 
  https://github.com/trusteddomainproject/OpenARC/pull/103#issuecomment-574367733
216bd52 
- use systemd service ProtectHome and ProtectSystem
216bd52
5d0c59b 
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.0-0.7.Beta3.1
5d0c59b 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
5d0c59b
73cecdf 
* Mon Dec  2 2019 Tim Landscheidt <tim@tim-landscheidt.de> - 1.0.0-0.7.Beta3
73cecdf 
- Remove obsolete requirement for %%postun scriptlet
73cecdf
c5eb49b 
* Mon Dec  2 2019 Matt Domsch <mdomsch@fedoraproject.org> - 1.0.0-0.6.Beta3
f932e75 
- Upstream beta3
a07d261 
- Add dependency on janusson-devel, needed for new SealHeaderChecks config option
f932e75
4eb0073 
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.0-0.5.Beta2.1
4eb0073 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
4eb0073
cb85133 
* Mon Feb 11 2019 Matt Domsch
cb85133 
- Upstream beta2, drop merged patch
cb85133
4d62f76 
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.0-0.1.Beta1.1
4d62f76 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
4d62f76
4fd0f3d 
* Fri Sep 28 2018 Matt Domsch <matt@domsch.com> 1.0.0-0.1.Beta1
4fd0f3d 
- Upstream beta1
4fd0f3d
f67d473 
* Sat Sep 22 2018 Matt Domsch <matt@domsch.com> 1.0.0-0.4.Beta0
f67d473 
- fix ownership of openarc.conf and PeerList files
f67d473
cbf214e 
* Sat Sep 22 2018 Matt Domsch <matt@domsch.com> 1.0.0-0.3.Beta0
cbf214e 
- replace header generation patch with upstream fix
cbf214e 
- apply specfile fixes from https://github.com/trusteddomainproject/OpenARC/pull/103
cbf214e
fb9168e 
* Mon Sep 10 2018 Matt Domsch <matt@domsch.com> 1.0.0-0.2.Beta0
52b7c04 
- Own /etc/openarc/
52b7c04 
- improve default config file, add default PeerList config
52b7c04
366d11d 
* Wed Jul 11 2018 Xavier Bachelot <xavier@bachelot.org> 1.0.0-0.1.Beta0
366d11d 
- Specfile clean up.
366d11d 
- Update to 1.0.0 beta 0.
366d11d
366d11d 
* Sun Jul 23 2017  Matt Domsch <matt@domsch.com> 0.1.0-1
366d11d 
- update to Fedora Packaging Guidelines
Powered by Pagure 5.14.1
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.