[AlternC-dev] some changes to install procedure and packaging

Retour à l'archive de la liste
Le site d'AlternC
Google Custom Search

The Anarcat anarcat at koumbit.org
Mar 7 Oct 00:18:41 CEST 2008


Hello everyone, salut,

I am making some critical changes to the package these days. This
commit, for example, modifies the way the postfix configuration is
managed and offloads it to a /etc/alternc/postfix.cf instead of
replacing the whole /etc/postfix/main.cf configuration file.

Also, I am working on a alternc-slave package that will ease
installation of AlternC on web nodes that have /var/alternc NFS-mounted.
Progress is going well and I hope to release 0.9.9 with those changes
soon.

--- fr ----

je suis en train de faire des changements critique au package principal
ces jours-ci. Ce commit, par exemple, change la façon que postfix est
configuré et délègue cette configuration à un fichier
/etc/alternc/postfix.cf au lieu de remplacer /etc/main.cf en entier.

Aussi, je suis à créer un nouveau paquet alternc-slave (nom affreux, je
sais) qui va faciliter l'installation d'alternc sur des nodes web qui
ont /var/alternc monté en NFS. Ça avance bien et j'espère pouvoir
publier un 0.9.9 avec ces changements bientôt.

Merci de votre attention.

A.

----- Forwarded message from commitlogs d'alternc par email <cvs-commit at alternc.org> -----

Date: Tue,  7 Oct 2008 00:12:41 +0200 (CEST)
From: commitlogs d'alternc par email <cvs-commit at alternc.org>
To: cvs-commit at alternc.org
Subject: [Cvs-commit] r2322 - in alternc/trunk: debian etc/alternc
	etc/alternc/templates/postfix install
List-Id: commitlogs d'alternc par email <cvs-commit.alternc.org>
List-Post: <mailto:cvs-commit at alternc.org>
List-Subscribe: <http://alternc.org/cgi-bin/mailman/listinfo/cvs-commit>,
	<mailto:cvs-commit-request at alternc.org?subject=subscribe>

Author: anarcat
Date: 2008-10-07 00:12:41 +0200 (Tue, 07 Oct 2008)
New Revision: 2322

Added:
   alternc/trunk/etc/alternc/postfix.cf
Removed:
   alternc/trunk/etc/alternc/templates/postfix/main.cf
Modified:
   alternc/trunk/debian/changelog
   alternc/trunk/debian/control
   alternc/trunk/install/alternc.install
Log:
do not override Postfix's main.cf: instead, we use a /etc/alternc/postfix.cf to hold our configuration changes and apply that on postinst.

Closes: #1029

Modified: alternc/trunk/debian/changelog
===================================================================
--- alternc/trunk/debian/changelog	2008-10-06 21:35:12 UTC (rev 2321)
+++ alternc/trunk/debian/changelog	2008-10-06 22:12:41 UTC (rev 2322)
@@ -10,6 +10,7 @@
     * #1124: fix database user configuration
     * FTP/TLS is now working properly (config is RSA not DSA, and key AND
       certif config must be BOTH populated)
+    * #1029: do not overwrite the main.cf from postfix
   * new features:
     * start logging IP addresses in logs
     * rework the sqlbackup script to allow for date-based backups instead of
@@ -19,9 +20,13 @@
       value or available domains
     * make a new alternc-slave package that eases installation on NFS-backed
       frontend nodes
+    * builtin postgrey and Spamhaus blacklisting configuration
   * other changes:
     * deprecate the mynetwork modification in Postfix, this is now left to the
       admin
+    * note that even though main.cf is not directly overwritten (#1029, as
+      per Debian Policy), some settings are directly overwritten. those
+      settings are configured in /etc/alternc/postfix.cf.
 
  -- Antoine Beaupré <anarcat at koumbit.org>  Tue, 15 Apr 2008 11:52:56 -0400
 

Modified: alternc/trunk/debian/control
===================================================================
--- alternc/trunk/debian/control	2008-10-06 21:35:12 UTC (rev 2321)
+++ alternc/trunk/debian/control	2008-10-06 22:12:41 UTC (rev 2322)
@@ -10,7 +10,7 @@
 Package: alternc
 Architecture: all
 Pre-depends: debconf (>= 0.5.00) | debconf-2.0
-Depends: debianutils (>= 1.13.1), apache | apache2, libapache-mod-php5 | libapache2-mod-php5 | libapache-mod-php4 | libapache2-mod-php4, courier-ssl, courier-imap-ssl, courier-pop-ssl, php5-mysql | php4-mysql, phpmyadmin, postfix, proftpd-mysql, squirrelmail, postfix-tls, bind9, wget, rsync, quota, courier-authmysql | courier-authlib-mysql, ca-certificates, locales, perl-suid, perl, postfix-mysql, wwwconfig-common, sasl2-bin, libsasl2-modules, php5-cli | php4-cli, lockfile-progs (>= 0.1.9), gettext (>= 0.10.40-5), pdksh (>= 5.2.14-6), adduser, mysql-client
+Depends: debianutils (>= 1.13.1), apache | apache2, libapache-mod-php5 | libapache2-mod-php5 | libapache-mod-php4 | libapache2-mod-php4, courier-ssl, courier-imap-ssl, courier-pop-ssl, php5-mysql | php4-mysql, phpmyadmin, postfix, proftpd-mysql, squirrelmail, postfix-tls, bind9, wget, rsync, quota, courier-authmysql | courier-authlib-mysql, ca-certificates, locales, perl-suid, perl, postfix-mysql, wwwconfig-common, sasl2-bin, libsasl2-modules, php5-cli | php4-cli, lockfile-progs (>= 0.1.9), gettext (>= 0.10.40-5), pdksh (>= 5.2.14-6), adduser, mysql-client, postgrey
 Recommends: libapache-mod-gzip, apache-ssl, mysql-server
 Conflicts: alternc-admintools, alternc-awstats (<= 0.3.2), alternc-webalizer (<= 0.9.4)
 Provides: alternc-admintools
@@ -29,7 +29,7 @@
 Package: alternc-slave
 Architecture: all
 Pre-depends: debconf (>= 0.5.00) | debconf-2.0
-Depends: debianutils (>= 1.13.1), apache | apache2, libapache-mod-php5 | libapache2-mod-php5 | libapache-mod-php4 | libapache2-mod-php4, courier-ssl, courier-imap-ssl, courier-pop-ssl, php5-mysql | php4-mysql, phpmyadmin, postfix, proftpd-mysql, squirrelmail, postfix-tls, bind9, wget, rsync, quota, courier-authmysql | courier-authlib-mysql, ca-certificates, locales, perl-suid, perl, postfix-mysql, wwwconfig-common, sasl2-bin, libsasl2-modules, php5-cli | php4-cli, lockfile-progs (>= 0.1.9), gettext (>= 0.10.40-5), pdksh (>= 5.2.14-6), adduser, mysql-client
+Depends: debianutils (>= 1.13.1), apache | apache2, libapache-mod-php5 | libapache2-mod-php5 | libapache-mod-php4 | libapache2-mod-php4, courier-ssl, courier-imap-ssl, courier-pop-ssl, php5-mysql | php4-mysql, phpmyadmin, postfix, proftpd-mysql, squirrelmail, postfix-tls, bind9, wget, rsync, quota, courier-authmysql | courier-authlib-mysql, ca-certificates, locales, perl-suid, perl, postfix-mysql, wwwconfig-common, sasl2-bin, libsasl2-modules, php5-cli | php4-cli, lockfile-progs (>= 0.1.9), gettext (>= 0.10.40-5), pdksh (>= 5.2.14-6), adduser, mysql-client, postgrey
 Recommends: libapache-mod-gzip, apache-ssl
 Conflicts: alternc-admintools, alternc-awstats (<= 0.3.2), alternc-webalizer (<= 0.9.4), alternc
 Provides: alternc

Copied: alternc/trunk/etc/alternc/postfix.cf (from rev 2321, alternc/trunk/etc/alternc/templates/postfix/main.cf)
===================================================================
--- alternc/trunk/etc/alternc/postfix.cf	                        (rev 0)
+++ alternc/trunk/etc/alternc/postfix.cf	2008-10-06 22:12:41 UTC (rev 2322)
@@ -0,0 +1,34 @@
+home_mailbox = Maildir/
+smtpd_banner = $myhostname ESMTP
+header_checks = regexp:/etc/postfix/header_checks
+body_checks = regexp:/etc/postfix/body_checks
+local_destination_concurrency_limit = 8
+default_destination_concurrency_limit = 10
+smtpd_use_tls = yes
+smtpd_tls_dcert_file = /etc/courier/pop3d.pem
+smtpd_tls_dkey_file = $smtpd_tls_dcert_file
+smtpd_tls_CApath = /etc/ssl/certs/
+smtpd_tls_key_file =  $smtpd_tls_dcert_file
+smtpd_tls_cert_file =  $smtpd_tls_dcert_file
+smtpd_tls_loglevel = 0
+smtpd_tls_received_header = yes
+smtpd_tls_session_cache_timeout = 3600s
+smtp_use_tls = yes
+smtp_tls_dcert_file = $smtpd_tls_dcert_file
+smtp_tls_dkey_file = $smtpd_tls_dcert_file
+smtp_tls_CApath = $smtpd_tls_CApath
+smtpd_tls_auth_only = yes
+smtpd_sasl_auth_enable = yes
+smtpd_sasl_local_domain = postfix
+smtpd_sasl_security_options = noanonymous
+enable_sasl_authentification = yes
+broken_sasl_auth_clients = yes
+alias_maps = mysql:/etc/postfix/myalias.cf hash:/etc/aliases
+virtual_maps = proxy:mysql:/etc/postfix/mydomain.cf
+virtual_mailbox_maps = proxy:mysql:/etc/postfix/myvirtual.cf
+virtual_mailbox_base = /
+virtual_minimum_uid = 1000
+virtual_gid_maps = proxy:mysql:/etc/postfix/mygid.cf
+virtual_uid_maps = static:33
+default_privs = www-data
+smtpd_recipient_restrictions = reject_unlisted_recipient, permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_policy_service inet:127.0.0.1:60000, reject_rbl_client zen.spamhaus.org
\ No newline at end of file


Property changes on: alternc/trunk/etc/alternc/postfix.cf
___________________________________________________________________
Name: svn:mergeinfo
   + 

Deleted: alternc/trunk/etc/alternc/templates/postfix/main.cf
===================================================================
--- alternc/trunk/etc/alternc/templates/postfix/main.cf	2008-10-06 21:35:12 UTC (rev 2321)
+++ alternc/trunk/etc/alternc/templates/postfix/main.cf	2008-10-06 22:12:41 UTC (rev 2322)
@@ -1,77 +0,0 @@
-#
-# Fichier de configuration de Postfix pour AlternC
-# $Id: main.cf,v 1.17 2006/01/12 06:50:15 anarcat Exp $
-# 
-# %%warning_message%% 
-# pour postfix SARGE v2
-
-queue_directory = /var/spool/postfix
-command_directory = /usr/sbin
-daemon_directory = /usr/lib/postfix
-mail_owner = postfix
-# recipient_delimiter = +
-
-home_mailbox = Maildir/
-
-smtpd_banner = $myhostname ESMTP
-
-header_checks = regexp:/etc/postfix/header_checks
-body_checks = regexp:/etc/postfix/body_checks
-
-local_destination_concurrency_limit = 8
-default_destination_concurrency_limit = 10
-
-myhostname = %%fqdn%%
-myorigin = %%fqdn%%
-
-
-# Configuration TLS pour le serveur smtp : 
-smtpd_use_tls = yes
-smtpd_tls_dcert_file = /etc/courier/pop3d.pem
-smtpd_tls_dkey_file = $smtpd_tls_dcert_file
-smtpd_tls_CApath = /etc/ssl/certs/
-smtpd_tls_key_file =  $smtpd_tls_dcert_file
-smtpd_tls_cert_file =  $smtpd_tls_dcert_file
-smtpd_tls_loglevel = 0
-smtpd_tls_received_header = yes
-smtpd_tls_session_cache_timeout = 3600s
-tls_random_source = dev:/dev/urandom
-
-# Configuration TLS pour le client smtp
-smtp_use_tls = yes
-smtp_tls_dcert_file = $smtpd_tls_dcert_file
-smtp_tls_dkey_file = $smtpd_tls_dcert_file
-smtp_tls_CApath = $smtpd_tls_CApath
-
-# Configuration SASL via sasldb (/etc/sasldb) uniquement en TLS.
-# Sinon le pass passe en clair et c'est mal !
-smtpd_tls_auth_only = yes
-smtpd_sasl_auth_enable = yes
-smtpd_sasl_local_domain = postfix
-smtpd_sasl_security_options = noanonymous
-enable_sasl_authentification = yes
-broken_sasl_auth_clients = yes
-
-#queue_directory = /var/spool/postfix
-#command_directory = /usr/sbin
-#daemon_directory = /usr/lib/postfix
-#mail_owner = postfix
-#recipient_delimiter = +
-
-# Pour ?viter certains vieux spammeurs.
-disable_vrfy_command = yes
-
-# On autorise le relai ? : les authentifi?s en saslet nos domaines.
-smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, reject_unauth_destination
-
-alias_maps = mysql:/etc/postfix/myalias.cf hash:/etc/aliases
-virtual_maps = proxy:mysql:/etc/postfix/mydomain.cf
-virtual_mailbox_maps = proxy:mysql:/etc/postfix/myvirtual.cf
-
-virtual_mailbox_base = /
-virtual_minimum_uid = 1000
-virtual_gid_maps = proxy:mysql:/etc/postfix/mygid.cf
-virtual_uid_maps = static:33
-
-default_privs = www-data
-program_directory = /usr/lib/postfix

Modified: alternc/trunk/install/alternc.install
===================================================================
--- alternc/trunk/install/alternc.install	2008-10-06 21:35:12 UTC (rev 2321)
+++ alternc/trunk/install/alternc.install	2008-10-06 22:12:41 UTC (rev 2322)
@@ -32,7 +32,7 @@
                   etc/courier/authmysqlrc"
 fi
 if [ -d /etc/postfix ]; then
-    CONFIG_FILES="$CONFIG_FILES etc/postfix/main.cf etc/postfix/myalias.cf
+    CONFIG_FILES="$CONFIG_FILES etc/postfix/myalias.cf
                   etc/postfix/mydomain.cf etc/postfix/mygid.cf
                   etc/postfix/myvirtual.cf etc/postfix/sasl/smtpd.conf"
 fi
@@ -213,6 +213,20 @@
     chmod 640 /etc/postfix/my*
 fi
 
+# configure postfix appropriatly for our needs"
+while read line
+do
+   postconf -e $line
+done < /etc/alternc/postfix.cf
+
+while read line
+do
+   postconf -e $line
+done <<EOF
+myhostname = $FQDN
+myorigin = $FQDN
+EOF
+
 if [ -e /etc/courier/authmysqlrc ] ; then
     chown root:root /etc/courier/authmysqlrc
     chmod 640 /etc/courier/authmysqlrc


_______________________________________________
Cvs-commit mailing list
Cvs-commit at alternc.org
http://alternc.org/cgi-bin/mailman/listinfo/cvs-commit


----- End forwarded message -----

-- 
Antoine Beaupré
Réseau Koumbit Networks
+1.514.387.6262
-------------- section suivante --------------
Une pièce jointe autre que texte a été nettoyée...
Nom: signature.asc
Type: application/pgp-signature
Taille: 197 octets
Desc: Digital signature
URL: <http://lists.alternc.org/arch/dev/attachments/20081006/fb6d5693/attachment.pgp>


Plus d'informations sur la liste de diffusion Dev