initial import

opendkim/PKGBUILD

@@ -0,0 +1,83 @@
+# Maintainer: Jesus E. <heckyel@riseup.net>
+
+pkgname=opendkim
+pkgver=2.10.3
+pkgrel=6
+pkgdesc='A free and libre implementation of the DKIM sender authentication system, based on a fork of dkim-milter.'
+arch=('i686' 'x86_64')
+url='http://www.opendkim.org/'
+license=('Modified-BSD' 'custom:Sendmail')
+depends=('db' 'libressl' 'libbsd' 'opendbx' 'libldap')
+optdepends=('perl: for opendkim-genkey')
+makedepends=('libmilter')
+backup=(etc/conf.d/opendkim)
+options=(!emptydirs)
+install=$pkgname.install
+source=("https://downloads.sourceforge.net/project/$pkgname/$pkgname-$pkgver.tar.gz"
+        "$pkgname.initd"
+        "$pkgname.confd"
+        "$pkgname.run"
+        "$pkgname.conf")
+sha512sums=('97923e533d072c07ae4d16a46cbed95ee799aa50f19468d8bc6d1dc534025a8616c3b4b68b5842bc899b509349a2c9a67312d574a726b048c0ea46dd4fcc45d8'
+            '220ba494b83189aceba304534d1538cc38414c82a522a9fa8211f9277bf22ae8787581b3913e2a267b766ad33bfa4ee005780ee744633f2c765d15696f5bd0cb'
+            'db103c23d03bcc5919e795cd0bb6e9cfa6a0b8b65c55476fce8aaedfa539a707f0e2b7e10fc493e8a18ef9743b1f80bb97c1b3aaa8b6dc51646898ffdc0fff65'
+            'c2799e2c879505cb4c06062b8e8277982f9a83125bef3aa12ddf52b839e7752a5fb1b2252cf397093ac51237896d3d29b46789406e033eee4a7362f4f5f93867'
+            '7d4dc6862c40efa7fd3d235d00c9c0e4a76113232993c694866ac7af5c63ae6e0374a9e2728ea9b1eef81b102f4ff47aa2201bd9020db01fc4ad7399a400fbef')
+
+prepare() {
+  cd "$srcdir/$pkgname-$pkgver"
+  autoreconf -vi
+}
+
+build() {
+  cd "$srcdir/$pkgname-$pkgver"
+  ./configure \
+    --prefix=/usr \
+    --sysconfdir=/etc \
+    --localstatedir=/var \
+    --with-db \
+    --with-odbx \
+    --with-sql-backend \
+    --with-openldap \
+    --disable-live-testing
+  make
+}
+
+package() {
+  cd "$srcdir/$pkgname-$pkgver"
+
+  make DESTDIR="$pkgdir/" install
+
+  # remove remnants from systemd within documentation
+  rm "$pkgdir/usr/share/doc/$pkgname/$pkgname.service"
+
+  # sample configuration
+  mkdir -p "$pkgdir/etc/$pkgname"
+  mv "$pkgdir/usr/share/doc/$pkgname/$pkgname.conf.sample" "$pkgdir/etc/$pkgname/$pkgname.conf.sample"
+  chmod 0700 "$pkgdir/etc/$pkgname"
+  chmod 0600 "$pkgdir/etc/$pkgname/$pkgname.conf.sample"
+
+  # services
+  install -Dm644 "$srcdir/$pkgname.confd" "$pkgdir/etc/conf.d/$pkgname"
+  install -Dm755 "$srcdir/$pkgname.initd" "$pkgdir/etc/init.d/$pkgname"
+  install -Dm644 "$srcdir/$pkgname.conf" "$pkgdir/etc/sv/$pkgname/conf"
+  install -Dm755 "$srcdir/$pkgname.run" "$pkgdir/etc/sv/$pkgname/run"
+
+  # create default configuration
+
+  # Some MTAs are known to break DKIM signatures with "simple"
+  # canonicalization [1], so we choose the "relaxed" policy
+  # over OpenDKIM's current default settings.
+  # [1] https://wordtothewise.com/2016/12/dkim-canonicalization-or-why-microsoft-breaks-your-mail/
+  sed -E -e 's:^(Canonicalization)[[:space:]]+.*:\1\trelaxed/relaxed:' \
+    "$srcdir/$pkgname-$pkgver/$pkgname/$pkgname.conf.simple" > "$pkgdir"/etc/$pkgname/$pkgname.conf
+
+  # move tools to /usr/bin for FHS compliance
+  install -dm755 "$pkgdir/usr/bin"
+  for b in opendkim-{genkey,genzone,testkey,testmsg}; do
+    mv "$pkgdir/usr/sbin/$b" "$pkgdir/usr/bin/$b"
+  done
+
+  # licenses
+  install -Dm644 LICENSE LICENSE.Sendmail -t "$pkgdir/usr/share/licenses/$pkgname"
+}

opendkim/opendkim.conf

@@ -0,0 +1,20 @@
+# This overrides the "Socket" line in your opendkim.conf configuration
+# file, and is required (so that we don't have to try to parse the
+# configuration file in an init script). The default below listens
+# on the network.
+#
+# If you would rather use a local (UNIX) socket, try the following:
+#
+# WARNING: The directory containing this socket will have its owner
+#          changed to "opendkim".
+#
+#OPENDKIM_SOCKET="local:/run/opendkim/opendkim.sock"
+#
+# More examples of valid socket syntax can be found in the opendkim(8)
+# man page, under the "-p socketspec" option. However -- contrary to
+# what that man page says -- if you want to use a local socket, the
+# "local:" prefix is not optional here.
+#
+OPENDKIM_SOCKET="inet:8891@localhost"
+OPENDKIM_CONFFILE="/etc/opendkim/opendkim.conf"
+OPENDKIM_PIDFILE="/run/opendkim.pid"

opendkim/opendkim.confd

@@ -0,0 +1,18 @@
+# This overrides the "Socket" line in your opendkim.conf configuration
+# file, and is required (so that we don't have to try to parse the
+# configuration file in an init script). The default below listens
+# on the network.
+#
+# If you would rather use a local (UNIX) socket, try the following:
+#
+# WARNING: The directory containing this socket will have its owner
+#          changed to "opendkim".
+#
+#OPENDKIM_SOCKET="local:/run/opendkim/opendkim.sock"
+#
+# More examples of valid socket syntax can be found in the opendkim(8)
+# man page, under the "-p socketspec" option. However -- contrary to
+# what that man page says -- if you want to use a local socket, the
+# "local:" prefix is not optional here.
+#
+OPENDKIM_SOCKET="inet:8891@localhost"

opendkim/opendkim.initd

@@ -0,0 +1,73 @@
+#!/sbin/openrc-run
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+CONFFILE="/etc/opendkim/${RC_SVCNAME}.conf"
+required_files="${CONFFILE}"
+
+command="/usr/sbin/opendkim"
+pidfile="/run/${RC_SVCNAME}.pid"
+command_args="-P ${pidfile} -x ${CONFFILE} -p ${OPENDKIM_SOCKET}"
+
+depend() {
+	use dns logger net
+	before mta
+}
+
+check_cfg() {
+	#
+	# The opendkim.conf man page says,
+	#
+	#   For parameters that are Boolean in nature, only the first byte
+	#   of the value is processed... For negative values, the following
+	#   are accepted: "F", "f", "N", "n", "0".'
+	#
+	if grep --quiet '^[[:space:]]*Background[[:space:]]\+[FfNn0]' \
+			"${CONFFILE}"; then
+		eerror "${RC_SVCNAME} cannot run in the foreground!"
+		return 1
+	fi
+}
+
+start_pre() {
+	# If this isn't a restart, make sure that the user's config isn't
+	# busted before we try to start the daemon (this will produce
+	# better error messages than if we just try to start it blindly).
+	#
+	# If, on the other hand, this *is* a restart, then the stop_pre
+	# action will have ensured that the config is usable and we don't
+	# need to do that again.
+	if [ "${RC_CMD}" != "restart" ]; then
+		check_cfg || return $?
+	fi
+
+	if [ -S "${OPENDKIM_SOCKET}" ] && ! fuser -s "${OPENDKIM_SOCKET}"; then
+		# Remove stalled Unix socket if no other process is
+		# using it
+		if ! rm "${UNIX_SOCKET}"; then
+			eerror "failed to remove stale unix socket ${OPENDKIM_SOCKET}"
+			return 2
+		fi
+	fi
+
+	# This relies on the "local:" prefix being there, but the conf.d
+	# file explicitly states that it's not optional (contrary to what
+	# the opendkim(8) man page says).
+	if [ "${OPENDKIM_SOCKET#local:}" != "${OPENDKIM_SOCKET}" ]; then
+		# The socket begins with "local:"
+		OPENDKIM_SOCKET_PATH="${OPENDKIM_SOCKET#local:}"
+		OPENDKIM_SOCKET_DIR="${OPENDKIM_SOCKET_PATH%/*}"
+
+		# This is dangerous, but there's a big warning about it
+		# in the conf.d file.
+		checkpath --directory --owner opendkim "${OPENDKIM_SOCKET_DIR}"
+	fi
+}
+
+stop_pre() {
+	# If this is a restart, check to make sure the user's config
+	# isn't busted before we stop the running daemon.
+	if [ "${RC_CMD}" = "restart" ]; then
+		check_cfg || return $?
+	fi
+}

opendkim/opendkim.install

@@ -0,0 +1,26 @@
+post_upgrade() {
+	if ! getent passwd opendkim &>/dev/null; then
+		useradd -r -g mail -G adm -d / -s /bin/nologin opendkim >/dev/null
+	fi
+	if ! groups opendkim | grep adm &>/dev/null; then
+		gpasswd -a opendkim adm >/dev/null
+	fi
+	opendkim_shell=$(getent passwd opendkim | cut -d: -f7)
+	if [ "$opendkim_shell" != '/bin/nologin' ]; then
+		chsh -s /bin/nologin opendkim &>/dev/null
+	fi
+}
+
+post_install() {
+	post_upgrade
+	chown -R opendkim:mail etc/opendkim
+	cat <<EOF
+>>>  Check and modify /etc/opendkim/opendkim.conf before starting
+EOF
+}
+
+post_remove() {
+	if getent passwd opendkim &>/dev/null; then
+		userdel opendkim >/dev/null
+	fi
+}

opendkim/opendkim.run

@@ -0,0 +1,3 @@
+#!/bin/sh
+[ -r ./conf ] && . ./conf
+exec chpst -U opendkim /usr/sbin/opendkim -P ${OPENDKIM_PIDFILE} -x ${OPENDKIM_CONFFILE} -p ${OPENDKIM_SOCKET}