Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package opendkim for openSUSE:Factory checked in at 2021-07-07 18:30:40 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/opendkim (Old) and /work/SRC/openSUSE:Factory/.opendkim.new.2625 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "opendkim" Wed Jul 7 18:30:40 2021 rev:5 rq:904570 version:unknown Changes: -------- --- /work/SRC/openSUSE:Factory/opendkim/opendkim.changes 2020-08-20 22:30:00.312014334 +0200 +++ /work/SRC/openSUSE:Factory/.opendkim.new.2625/opendkim.changes 2021-07-07 18:31:57.618293824 +0200 @@ -1,0 +2,10 @@ +Tue Jul 6 21:16:59 UTC 2021 - Christian Wittmer <[email protected]> + +- add opendkim to Group unbound to be able to read TrustAnchorFile +- add postfix to Group opendkim to be able to read/write to opendkim.sock +- add %{_sysconfdir}/%{name}/keys dir +- change /var/run to /run wherever used +- rework opendkim-2.9.2_default_config.patch and renamed it to + opendkim-default_config.patch + +------------------------------------------------------------------- Old: ---- opendkim-2.9.2_default_config.patch New: ---- opendkim-default_config.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ opendkim.spec ++++++ --- /var/tmp/diff_new_pack.x7HWdX/_old 2021-07-07 18:31:58.030290591 +0200 +++ /var/tmp/diff_new_pack.x7HWdX/_new 2021-07-07 18:31:58.034290560 +0200 @@ -1,7 +1,7 @@ # # spec file for package opendkim # -# Copyright (c) 2020 SUSE LLC +# Copyright (c) 2021 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -49,7 +49,7 @@ # PATCH-FIX-UPSTREAM fix compiler warnings Patch0: opendkim-2.9.2_compiler_warnings.patch # PATCH-FIX-OPENSUSE set default values in installed configuration file -Patch1: opendkim-2.9.2_default_config.patch +Patch1: %{name}-default_config.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: curl-devel @@ -150,8 +150,8 @@ This package provides the shared library librepute which performs REPUTE queries for spammy domains. -# Maybe change name (there is already an other libut...) +# Maybe change name (there is already an other libut...) %package -n libut%{sover_ut} Summary: Library for assisting in URI construction from templates License: BSD-3-Clause @@ -207,7 +207,7 @@ %prep %setup -q -n %{upname}-%{full_version} %patch0 -p1 -%patch1 -p1 +%patch1 %build autoreconf -iv @@ -272,6 +272,7 @@ %endif mkdir -p %{buildroot}%{_localstatedir}/lib/%{name} install -D -m 0640 opendkim/opendkim.conf.sample %{buildroot}%{_sysconfdir}/%{name}/opendkim.conf +install -d -m 0750 %{buildroot}%{_sysconfdir}/%{name}/keys # Fix doc (move to correct location and fix for splitted packages) mkdir -p %{buildroot}%{_docdir}/autobuild mv %{buildroot}%{_datadir}/doc/%{name}/autobuild.conf.sample %{buildroot}%{_docdir}/autobuild @@ -288,7 +289,7 @@ getent group %{name} >/dev/null || \ %{_sbindir}/groupadd -r %{name} getent passwd %{name} >/dev/null || \ - %{_sbindir}/useradd -r -g %{name} -d %{_localstatedir}/lib/%{name} -s /sbin/nologin -c "User for opendkim" %{name} + %{_sbindir}/useradd -r -g %{name} -G unbound -d %{_localstatedir}/lib/%{name} -s /sbin/nologin -c "User for opendkim" %{name} %if %{with systemd} %service_add_pre %{name}.service %endif @@ -301,6 +302,11 @@ %endif %post +# enable opendkim to read TrustAnchorFile +%{_sbindir}/usermod -a -G unbound %{name} +# enable postfix to write to opendkim.sock +getent passwd postfix && \ + %{_sbindir}/usermod -a -G %{name} postfix %if %{with systemd} systemd-tmpfiles --create %{_tmpfilesdir}/%{name}.conf || true %service_add_post %{name}.service @@ -364,6 +370,7 @@ %doc %{_docdir}/%{name} # %config(noreplace) %attr(-,root,%{name}) %{_sysconfdir}/%{name} +%dir %attr(750,%{name},%{name}) %{_sysconfdir}/%{name}/keys %{_sbindir}/rc%{name} %if %{with systemd} %{_unitdir}/%{name}.service ++++++ opendkim-default_config.patch ++++++ Index: opendkim/opendkim.conf.sample =================================================================== --- opendkim/opendkim.conf.sample.orig +++ opendkim/opendkim.conf.sample @@ -109,7 +109,7 @@ ## operation. Thus, cores will be dumped here and configuration files ## are read relative to this location. -# BaseDirectory /var/run/opendkim +BaseDirectory /run/opendkim ## BodyLengthDB dataset ## default (none) @@ -160,7 +160,7 @@ ## Specify for which domain(s) signing should be done. No default; must ## be specified for signing. -Domain example.com +# Domain example.com ## DomainKeysCompat { yes | no } ## default "no" @@ -245,7 +245,7 @@ Domain example.com ## SigningTable and KeyTable are used. No default; must be specified for ## signing if SigningTable/KeyTable are not in use. -KeyFile /var/db/dkim/example.private +# KeyFile /etc/opendkim/keys/example.private ## KeyTable dataset ## default (none) @@ -432,7 +432,8 @@ KeyFile /var/db/dkim/example.private ## Name of the file where the filter should write its pid before beginning ## normal operations. -# PidFile filename +# DO NOT CHANGE IT IS REFERENCED IN THE INIT SCRIPTS. +PidFile /run/opendkim/opendkim.pid ## POPDBFile dataset ## default (none) @@ -570,7 +571,7 @@ KeyFile /var/db/dkim/example.private ## The name of the selector to use when signing. No default; must be ## specified for signing. -Selector my-selector-name +Selector default ## SenderHeaders dataset ## default (none) @@ -658,7 +659,7 @@ Selector my-selector-name ## inet:port to listen on all interfaces ## local:/path/to/socket to listen on a UNIX domain socket -Socket inet:port@localhost +Socket local:/run/opendkim/opendkim.sock ## SoftwareHeader { yes | no } ## default "no" @@ -749,7 +750,7 @@ Syslog Yes ## DNS queries and applying the DNSSEC protocol. See the Unbound documentation ## at http://unbound.net for the expected format of this file. -# TrustAnchorFile /var/named/trustanchor +TrustAnchorFile /var/lib/unbound/root.key ## UMask mask ## default (none) @@ -758,7 +759,7 @@ Syslog Yes ## The system has its own default which will be used (usually 022). ## See the umask(2) man page for more information. -# UMask 022 +UMask 002 # UnboundConfigFile /var/named/unbound.conf @@ -768,4 +769,4 @@ Syslog Yes ## Change to user "userid" before starting normal operation? May include ## a group ID as well, separated from the userid by a colon. -# UserID userid +UserID opendkim:opendkim ++++++ opendkim.service ++++++ --- /var/tmp/diff_new_pack.x7HWdX/_old 2021-07-07 18:31:58.082290183 +0200 +++ /var/tmp/diff_new_pack.x7HWdX/_new 2021-07-07 18:31:58.086290151 +0200 @@ -5,7 +5,7 @@ [Service] Type=simple -PIDFile=/var/run/opendkim/opendkim.pid +PIDFile=/run/opendkim/opendkim.pid ExecStart=/usr/sbin/opendkim -f -x /etc/opendkim/opendkim.conf ExecReload=/bin/kill -USR1 $MAINPID NonBlocking=yes
