- follow guidelines for alternatives (#570801)

- move sasl config to /etc/sasl2 (#574434) - drop sasl v1 support - remove unnecessary requirements - use bcond macros
2010-03-17 15:57:04 +00:00 · 2010-03-17 15:57:04 +00:00 · 55c883d56a
parent b91909e268
commit 55c883d56a
2 changed files with 98 additions and 151 deletions
--- a/README-Postfix-SASL-RedHat.txt
+++ b/README-Postfix-SASL-RedHat.txt
@ -76,12 +76,6 @@ Using Saslauthd:
 To use saslauthd there are several things you must assure are
 configured. 

-SASL has been shipped in various versions, currently there is SASL V1
-and SASL V2. The implementation of saslauthd is not compatible between
-SASL V1 and V2 libraries. You must use the V2 implementation of
-SASL. Note that currently the V1 SASL libraries install in
-/usr/lib/sasl and the V2 SASL libraries install in /usr/lib/sasl2.
-
 Selecting an Authentication Method:
 -----------------------------------

@ -133,17 +127,10 @@ When Postfix invokes SASL it must give SASL an application name that
 SASL will use among other things to locate a configuration file for
 the application. The application name Postfix identifies itself as is
 "smtpd". SASL will append ".conf" to the application name and look for
-a config file in its library directory. Thus SASL will read Postfix's
-configuration from
-
-   /usr/lib/sasl2/smtpd.conf
-
-if postfix has been linked against the version 2 library of cyrus-sasl, or:
-
-   /usr/lib/sasl/smtpd.conf
-
-if postfix has been linked against the version 1 library of cyrus-sasl
+a config file in its library and config directories. Thus SASL will
+read Postfix's configuration from

+   /etc/sasl2/smtpd.conf

 This file names the authentication method SASL will use for Postfix
 (actually for smtpd, other MTA's such as sendmail may use the same
@ -156,28 +143,6 @@ This tells SASL when being invoked to authentication for Postfix that
 it should use saslauthd. Saslauthd's mechanism is set in
 /etc/sysconfig/saslauthd (see below).

-A note about cyrus-sasl versions and saslauthd. Red Hat cyrus-sasl
-RPM's parallel install both the v1 and v2 versions of cyrus-sasl
-libraries into /usr/lib/sasl and /usr/lib/sasl2 respectively. However
-only the v2 version of saslauthd is installed. The v1 and v2 versions
-saslauthd are not compatible, the protocol used to communicate between
-a client which has linked cyrus-sasl and the saslauthd daemon was
-changed between the v1 and v2 versons of sasluathd. The saslauthd
-daemon that the Red Hat package installs is the v2 version. Therefore
-for a client which has linked against a v1 version of cyrus-sasl must
-communicate using the v2 version of the saslauthd protocol because
-only the v2 version of saslauthd is installed. Red Hat has modified
-the v1 version of the cyrus-sasl library to generate v2 protocol if
-the client is configured to use the v2 protocol. This is accomplished
-by adding a parameter to the sasl service configuration file. Since
-the service is smtpd this file is /usr/lib/sasl/smtpd.conf. Note
-/usr/lib/sasl2/smtpd.conf does not need this extra configuration
-parameter because it will by default speak version 2 of the saslauthd
-protocol. Therefore /usr/lib/sasl/smtpd.conf need the following extra
-line it its file in addition to the pwcheck_method of saslauthd.
-
-saslauthd_version: 2
-
 When Postfix calls on SASL to authenticate it passes to SASL a service
 name. This service name is used in authentication method specific
 way. The service name Postfix passes to SASL is "smtp" (note this is
--- a/postfix.spec
+++ b/postfix.spec
@ -1,21 +1,11 @@
-%{?!MYSQL: %define MYSQL 1}
-%{?!PGSQL: %define PGSQL 0}
-%define LDAP 2
-%define PCRE 1
-%define SASL 2
-%define TLS 1
-%define IPV6 1
-%define POSTDROP_GID 90
-%define PFLOGSUMM 1
-
-%if %{LDAP} == 1 && %{SASL} >= 2
-%undefine SASL
-%define SASL 1
-%endif
-
-%if %{PFLOGSUMM}
-%define pflogsumm_ver 1.1.2
-%endif
+%bcond_without mysql
+%bcond_with pgsql
+%bcond_without ldap
+%bcond_without pcre
+%bcond_without sasl
+%bcond_without tls
+%bcond_without ipv6
+%bcond_without pflogsumm

 # Postfix requires one exlusive uid/gid and a 2nd exclusive gid for its own
 # use.  Let me know if the second gid collides with another package.
@ -24,9 +14,8 @@
 %define postfix_user	postfix
 %define postfix_gid	89
 %define postfix_group	postfix
-%define postdrop_group	postdrop
-%define maildrop_group	%{postdrop_group}
-%define maildrop_gid	%{POSTDROP_GID}
+%define maildrop_group	postdrop
+%define maildrop_gid	90

 %define postfix_config_dir	%{_sysconfdir}/postfix
 %define postfix_daemon_dir	%{_libexecdir}/postfix
@ -40,7 +29,7 @@
 Name: postfix
 Summary: Postfix Mail Transport Agent
 Version: 2.7.0
-Release: 1%{?dist}
+Release: 2%{?dist}
 Epoch: 2
 Group: System Environment/Daemons
 URL: http://www.postfix.org
@ -62,7 +51,9 @@ Source3: README-Postfix-SASL-RedHat.txt

 # Sources 50-99 are upstream [patch] contributions

-%if %{PFLOGSUMM}
+%define pflogsumm_ver 1.1.2
+
+%if %{with pflogsumm}
 # Postfix Log Entry Summarizer: http://jimsun.linxnet.com/postfix_contrib.html
 Source53: http://jimsun.linxnet.com/downloads/pflogsumm-%{pflogsumm_ver}.tar.gz
 %endif
@ -88,44 +79,12 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 # Determine the different packages required for building postfix
 BuildRequires: db4-devel, pkgconfig, zlib-devel

-Requires: setup >= 2.5.36-1
-BuildRequires: setup >= 2.5.36-1
-
-%if %{LDAP}
-BuildRequires: openldap >= 2.0.27, openldap-devel >= 2.0.27
-Requires: openldap >= 2.0.27
-%endif
-
-%if %{SASL}
-BuildRequires: cyrus-sasl >= 2.1.10, cyrus-sasl-devel >= 2.1.10
-Requires: cyrus-sasl  >= 2.1.10
-%endif
-
-%if %{PCRE}
-Requires: pcre
-BuildRequires: pcre, pcre-devel
-%endif
-
-%if %{MYSQL}
-Requires: mysql-libs
-BuildRequires: mysql-devel
-%endif
-
-%if %{PGSQL}
-Requires: postgresql-libs
-BuildRequires: postgresql-devel
-%endif
-
-%if %{TLS}
-Requires: openssl
-BuildRequires: openssl-devel >= 0.9.6
-%endif
-
-Provides: %{_sbindir}/sendmail %{_bindir}/mailq %{_bindir}/newaliases
-Provides: %{_bindir}/rmail /usr/lib/sendmail
-Provides: %{_sysconfdir}/pam.d/smtp
-Provides: %{_mandir}/man1/mailq.1.gz %{_mandir}/man1/newaliases.1.gz
-Provides: %{_mandir}/man5/aliases.5.gz %{_mandir}/man8/sendmail.8.gz
+%{?with_ldap:BuildRequires: openldap-devel}
+%{?with_sasl:BuildRequires: cyrus-sasl-devel}
+%{?with_pcre:BuildRequires: pcre-devel}
+%{?with_mysql:BuildRequires: mysql-devel}
+%{?with_pgsql:BuildRequires: postgresql-devel}
+%{?with_tls:BuildRequires: openssl-devel}

 %description
 Postfix is a Mail Transport Agent (MTA), supporting LDAP, SMTP AUTH (SASL),
@ -137,7 +96,7 @@ Group: Applications/System
 Requires: %{name} = %{epoch}:%{version}-%{release}
 # perl-scripts introduced in 2:2.5.5-2
 Obsoletes: postfix < 2:2.5.5-2
-%if %{PFLOGSUMM}
+%if %{with pflogsumm}
 Provides: postfix-pflogsumm = %{epoch}:%{version}-%{release}
 Obsoletes: postfix-pflogsumm < 2:2.5.5-2
 %endif
@ -160,7 +119,7 @@ qshape prints Postfix queue domain and age distribution.
 %patch3 -p1 -b .alternatives
 %patch8 -p1 -b .large-fs

-%if %{PFLOGSUMM}
+%if %{with pflogsumm}
 gzip -dc %{SOURCE53} | tar xf -
 pushd pflogsumm-%{pflogsumm_ver}
 %patch9 -p1 -b .datecalc
@ -180,37 +139,29 @@ AUXLIBS=
 CCARGS="${CCARGS} -fsigned-char"
 %endif

-%if %{LDAP}
+%if %{with ldap}
  CCARGS="${CCARGS} -DHAS_LDAP -DLDAP_DEPRECATED=1"
-  AUXLIBS="${AUXLIBS} -L%{_libdir} -lldap -llber"
+  AUXLIBS="${AUXLIBS} -lldap -llber"
 %endif
-%if %{PCRE}
+%if %{with pcre}
  # -I option required for pcre 3.4 (and later?)
-  CCARGS="${CCARGS} -DHAS_PCRE -I/usr/include/pcre"
+  CCARGS="${CCARGS} -DHAS_PCRE -I%{_includedir}/pcre"
  AUXLIBS="${AUXLIBS} -lpcre"
 %endif
-%if %{MYSQL}
-  CCARGS="${CCARGS} -DHAS_MYSQL -I/usr/include/mysql"
+%if %{with mysql}
+  CCARGS="${CCARGS} -DHAS_MYSQL -I%{_includedir}/mysql"
  AUXLIBS="${AUXLIBS} -L%{_libdir}/mysql -lmysqlclient -lm"
 %endif
-%if %{PGSQL}
-  CCARGS="${CCARGS} -DHAS_PGSQL -I/usr/include/pgsql"
+%if %{with pgsql}
+  CCARGS="${CCARGS} -DHAS_PGSQL -I%{_includedir}/pgsql"
  AUXLIBS="${AUXLIBS} -lpq"
 %endif
-%if %{SASL}
-  %define sasl_v1_lib_dir %{_libdir}/sasl
-  %define sasl_v2_lib_dir %{_libdir}/sasl2
-  CCARGS="${CCARGS} -DUSE_SASL_AUTH -DUSE_CYRUS_SASL"
-  %if %{SASL} <= 1
-    %define sasl_lib_dir %{sasl_v1_lib_dir}
-    AUXLIBS="${AUXLIBS} -L%{sasl_lib_dir} -lsasl"
-  %else
-    %define sasl_lib_dir %{sasl_v2_lib_dir}
-    CCARGS="${CCARGS} -I/usr/include/sasl"
-    AUXLIBS="${AUXLIBS} -L%{sasl_lib_dir} -lsasl2"
-  %endif
+%if %{with sasl}
+  CCARGS="${CCARGS} -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I%{_includedir}/sasl"
+  AUXLIBS="${AUXLIBS} -L%{_libdir}/sasl2 -lsasl2"
+  %global sasl_config_dir %{_sysconfdir}/sasl2
 %endif
-%if %{TLS}
+%if %{with tls}
  if pkg-config openssl ; then
    CCARGS="${CCARGS} -DUSE_TLS `pkg-config --cflags openssl`"
    AUXLIBS="${AUXLIBS} `pkg-config --libs openssl`"
@ -219,7 +170,7 @@ CCARGS="${CCARGS} -fsigned-char"
    AUXLIBS="${AUXLIBS} -lssl -lcrypto"
  fi
 %endif
-%if %{IPV6} != 1
+%if ! %{with ipv6}
  CCARGS="${CCARGS} -DNO_IPV6"
 %endif

@ -284,16 +235,10 @@ done
 sed -i -r "s#(/man[158]/.*.[158]):f#\1.gz:f#" $RPM_BUILD_ROOT%{postfix_daemon_dir}/postfix-files

 cat $RPM_BUILD_ROOT%{postfix_daemon_dir}/postfix-files
-%if %{SASL}
+%if %{with sasl}
 # Install the smtpd.conf file for SASL support.
-# See README-Postfix-SASL-RedHat.txt for why we need to set saslauthd_version
-# in the v1 version of smtpd.conf
-mkdir -p $RPM_BUILD_ROOT%{sasl_v1_lib_dir}
-install -m 644 %{SOURCE100} $RPM_BUILD_ROOT%{sasl_v1_lib_dir}/smtpd.conf
-echo "saslauthd_version: 2" >> $RPM_BUILD_ROOT%{sasl_v1_lib_dir}/smtpd.conf
-
-mkdir -p $RPM_BUILD_ROOT%{sasl_v2_lib_dir}
-install -m 644 %{SOURCE100} $RPM_BUILD_ROOT%{sasl_v2_lib_dir}/smtpd.conf
+mkdir -p $RPM_BUILD_ROOT%{sasl_config_dir}
+install -m 644 %{SOURCE100} $RPM_BUILD_ROOT%{sasl_config_dir}/smtpd.conf
 %endif

 mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/pam.d
@ -314,7 +259,7 @@ rm -f $RPM_BUILD_ROOT%{postfix_config_dir}/{TLS_,}LICENSE
 find $RPM_BUILD_ROOT%{postfix_doc_dir} -type f | xargs chmod 644
 find $RPM_BUILD_ROOT%{postfix_doc_dir} -type d | xargs chmod 755

-%if %{PFLOGSUMM}
+%if %{with pflogsumm}
 install -c -m 644 pflogsumm-%{pflogsumm_ver}/pflogsumm-faq.txt $RPM_BUILD_ROOT%{postfix_doc_dir}/pflogsumm-faq.txt
 install -c -m 644 pflogsumm-%{pflogsumm_ver}/pflogsumm.1 $RPM_BUILD_ROOT%{_mandir}/man1/pflogsumm.1
 install -c pflogsumm-%{pflogsumm_ver}/pflogsumm.pl $RPM_BUILD_ROOT%{postfix_command_dir}/pflogsumm
@ -337,6 +282,14 @@ popd
 mkdir -p $RPM_BUILD_ROOT%{_var}/lib/misc
 touch $RPM_BUILD_ROOT%{_var}/lib/misc/postfix.aliasesdb-stamp

+# prepare alternatives ghosts 
+for i in %{postfix_command_dir}/sendmail %{_bindir}/{mailq,newaliases,rmail} \
+	%{_sysconfdir}/pam.d/smtp /usr/lib/sendmail \
+	%{_mandir}/{man1/{mailq.1,newaliases.1},man5/aliases.5,man8/sendmail.8}
+do
+	touch $RPM_BUILD_ROOT$i
+done
+
 %post
 /sbin/chkconfig --add postfix

@ -363,6 +316,16 @@ touch $RPM_BUILD_ROOT%{_var}/lib/misc/postfix.aliasesdb-stamp
 	--slave %{_mandir}/man5/aliases.5.gz mta-aliasesman %{_mandir}/man5/aliases.postfix.5.gz \
 	--initscript postfix

+%if %{with sasl}
+# Move sasl config to new location
+if [ -f %{_libdir}/sasl2/smtpd.conf ]; then
+	mv -f %{_libdir}/sasl2/smtpd.conf %{sasl_config_dir}/smtpd.conf
+	/sbin/restorecon %{sasl_config_dir}/smtpd.conf 2> /dev/null
+fi
+%endif
+
+exit 0
+
 %pre
 # Add user and groups if necessary
 %{_sbindir}/groupadd -g %{maildrop_gid} -r %{maildrop_group} 2>/dev/null
@ -401,9 +364,8 @@ rm -rf $RPM_BUILD_ROOT

 # Config files not part of upstream

-%if %{SASL}
-%config(noreplace) %{sasl_v1_lib_dir}/smtpd.conf
-%config(noreplace) %{sasl_v2_lib_dir}/smtpd.conf
+%if %{with sasl}
+%config(noreplace) %{sasl_config_dir}/smtpd.conf
 %endif
 %config(noreplace) %{_sysconfdir}/pam.d/smtp.postfix
 %attr(0755, root, root) %{_initrddir}/postfix
@ -411,18 +373,12 @@ rm -rf $RPM_BUILD_ROOT
 # Documentation

 %{postfix_doc_dir}
-%if %{PFLOGSUMM}
+%if %{with pflogsumm}
 %exclude %{postfix_doc_dir}/pflogsumm-faq.txt
 %endif

 # Misc files

-%attr(0755, root, root) %{_bindir}/rmail.postfix
-
-%attr(0755, root, root) %{postfix_command_dir}/smtp-sink
-%attr(0755, root, root) %{postfix_command_dir}/smtp-source
-%attr(0755, root, root) /usr/lib/sendmail.postfix
-
 %dir %attr(0755, root, root) %{postfix_config_dir}
 %dir %attr(0755, root, root) %{postfix_daemon_dir}
 %dir %attr(0755, root, root) %{postfix_queue_dir}
@ -442,13 +398,16 @@ rm -rf $RPM_BUILD_ROOT
 %dir %attr(0710, %{postfix_user}, %{maildrop_group}) %{postfix_queue_dir}/public
 %dir %attr(0700, %{postfix_user}, root) %{postfix_data_dir}

-%attr(0644, root, root) %{_mandir}/man1/*
-%exclude %{_mandir}/man1/qshape.1*
-%if %{PFLOGSUMM}
-%exclude %{_mandir}/man1/pflogsumm.1*
-%endif
-%attr(0644, root, root) %{_mandir}/man5/*
-%attr(0644, root, root) %{_mandir}/man8/*
+%attr(0644, root, root) %{_mandir}/man1/post*.1*
+%attr(0644, root, root) %{_mandir}/man1/smtp*.1*
+%attr(0644, root, root) %{_mandir}/man1/*.postfix.1*
+%attr(0644, root, root) %{_mandir}/man5/access.5*
+%attr(0644, root, root) %{_mandir}/man5/[b-v]*.5*
+%attr(0644, root, root) %{_mandir}/man5/*.postfix.5*
+%attr(0644, root, root) %{_mandir}/man8/*.8*
+
+%attr(0755, root, root) %{postfix_command_dir}/smtp-sink
+%attr(0755, root, root) %{postfix_command_dir}/smtp-source

 %attr(0755, root, root) %{postfix_command_dir}/postalias
 %attr(0755, root, root) %{postfix_command_dir}/postcat
@ -485,20 +444,43 @@ rm -rf $RPM_BUILD_ROOT
 %attr(0755, root, root) %{postfix_daemon_dir}/proxymap
 %attr(0755, root, root) %{_bindir}/mailq.postfix
 %attr(0755, root, root) %{_bindir}/newaliases.postfix
+%attr(0755, root, root) %{_bindir}/rmail.postfix
 %attr(0755, root, root) %{_sbindir}/sendmail.postfix
+%attr(0755, root, root) /usr/lib/sendmail.postfix
+
+%ghost %{_sysconfdir}/pam.d/smtp
+
+%ghost %{_mandir}/man1/mailq.1.gz
+%ghost %{_mandir}/man1/newaliases.1.gz
+%ghost %{_mandir}/man5/aliases.5.gz
+%ghost %{_mandir}/man8/sendmail.8.gz
+
+%ghost %attr(0755, root, root) %{_bindir}/mailq
+%ghost %attr(0755, root, root) %{_bindir}/newaliases
+%ghost %attr(0755, root, root) %{_bindir}/rmail
+%ghost %attr(0755, root, root) %{_sbindir}/sendmail
+%ghost %attr(0755, root, root) /usr/lib/sendmail
+
 %ghost %attr(0644, root, root) %{_var}/lib/misc/postfix.aliasesdb-stamp

 %files perl-scripts
 %defattr(-, root, root)
 %attr(0755, root, root) %{postfix_command_dir}/qshape
 %attr(0644, root, root) %{_mandir}/man1/qshape*
-%if %{PFLOGSUMM}
+%if %{with pflogsumm}
 %doc %{postfix_doc_dir}/pflogsumm-faq.txt
 %attr(0644, root, root) %{_mandir}/man1/pflogsumm.1.gz
 %attr(0755, root, root) %{postfix_command_dir}/pflogsumm
 %endif

 %changelog
+* Wed Mar 17 2010 Miroslav Lichvar <mlichvar@redhat.com> 2:2.7.0-2
+- follow guidelines for alternatives (#570801)
+- move sasl config to /etc/sasl2 (#574434)
+- drop sasl v1 support
+- remove unnecessary requirements
+- use bcond macros
+
 * Fri Feb 26 2010 Miroslav Lichvar <mlichvar@redhat.com> 2:2.7.0-1
 - update to 2.7.0