diff options
| author | Peter Simons <simons@cryp.to> | 2016-01-13 14:12:50 +0100 |
|---|---|---|
| committer | Peter Simons <simons@cryp.to> | 2016-01-13 14:12:50 +0100 |
| commit | ae6fc4c5bed3dd69092936210d693e3e0cc44c4a (patch) | |
| tree | 2f8b5191884e8225056197ddddb397fa5f0088d9 /pkgs/servers | |
| parent | b8691461148ea923176ffbfce81fe507634a0cd5 (diff) | |
| parent | d3a19f1b8e65668ca711c4f329ab0a296f3774c9 (diff) | |
| download | nixlib-ae6fc4c5bed3dd69092936210d693e3e0cc44c4a.tar nixlib-ae6fc4c5bed3dd69092936210d693e3e0cc44c4a.tar.gz nixlib-ae6fc4c5bed3dd69092936210d693e3e0cc44c4a.tar.bz2 nixlib-ae6fc4c5bed3dd69092936210d693e3e0cc44c4a.tar.lz nixlib-ae6fc4c5bed3dd69092936210d693e3e0cc44c4a.tar.xz nixlib-ae6fc4c5bed3dd69092936210d693e3e0cc44c4a.tar.zst nixlib-ae6fc4c5bed3dd69092936210d693e3e0cc44c4a.zip | |
Merge pull request #12293 from abbradar/postfix-updates
Rework postfix module and package
Diffstat (limited to 'pkgs/servers')
| -rw-r--r-- | pkgs/servers/mail/postfix/3.0.nix | 49 | ||||
| -rw-r--r-- | pkgs/servers/mail/postfix/postfix-3.0-no-warnings.patch | 86 |
2 files changed, 119 insertions, 16 deletions
diff --git a/pkgs/servers/mail/postfix/3.0.nix b/pkgs/servers/mail/postfix/3.0.nix index 8c625da2c9e2..73ab8c8116f3 100644 --- a/pkgs/servers/mail/postfix/3.0.nix +++ b/pkgs/servers/mail/postfix/3.0.nix @@ -1,8 +1,25 @@ -{ stdenv, fetchurl, makeWrapper, gnused, db, openssl, cyrus_sasl, coreutils -, findutils, gnugrep, gawk, icu +{ stdenv, lib, fetchurl, makeWrapper, gnused, db, openssl, cyrus_sasl +, coreutils, findutils, gnugrep, gawk, icu, pcre +, withPgSQL ? false, postgresql +, withMySQL ? false, libmysql +, withSQLite ? false, sqlite }: -stdenv.mkDerivation rec { +let + ccargs = lib.concatStringsSep " " ([ + "-DUSE_TLS" "-DUSE_SASL_AUTH" "-DUSE_CYRUS_SASL" "-I${cyrus_sasl}/include/sasl" + "-DHAS_DB_BYPASS_MAKEDEFS_CHECK" + "-fPIE" "-fstack-protector-all" "--param" "ssp-buffer-size=4" "-O2" "-D_FORTIFY_SOURCE=2" + ] ++ lib.optional withPgSQL "-DHAS_PGSQL" + ++ lib.optionals withMySQL [ "-DHAS_MYSQL" "-I${libmysql}/include/mysql" ] + ++ lib.optional withSQLite "-DHAS_SQLITE"); + auxlibs = lib.concatStringsSep " " ([ + "-ldb" "-lnsl" "-lresolv" "-lsasl2" "-lcrypto" "-lssl" "-pie" "-Wl,-z,relro,-z,now" + ] ++ lib.optional withPgSQL "-lpq" + ++ lib.optional withMySQL "-lmysqlclient" + ++ lib.optional withSQLite "-lsqlite3"); + +in stdenv.mkDerivation rec { name = "postfix-${version}"; @@ -13,35 +30,35 @@ stdenv.mkDerivation rec { sha256 = "00mc12k5p1zlrlqcf33vh5zizaqr5ai8q78dwv69smjh6kn4c7j0"; }; - buildInputs = [ makeWrapper gnused db openssl cyrus_sasl icu ]; + buildInputs = [ makeWrapper gnused db openssl cyrus_sasl icu pcre ] + ++ lib.optional withPgSQL postgresql + ++ lib.optional withMySQL libmysql + ++ lib.optional withSQLite sqlite; - patches = [ ./postfix-script-shell.patch ]; + patches = [ ./postfix-script-shell.patch ./postfix-3.0-no-warnings.patch ]; preBuild = '' sed -e '/^PATH=/d' -i postfix-install export command_directory=$out/sbin export config_directory=/etc/postfix + export meta_directory=$out/etc/postfix export daemon_directory=$out/libexec/postfix - export data_directory=/var/lib/postfix + export data_directory=/var/lib/postfix/data export html_directory=$out/share/postfix/doc/html export mailq_path=$out/bin/mailq export manpage_directory=$out/share/man export newaliases_path=$out/bin/newaliases - export queue_directory=/var/spool/postfix + export queue_directory=/var/lib/postfix/queue export readme_directory=$out/share/postfix/doc export sendmail_path=$out/bin/sendmail - make makefiles \ - CCARGS='-DUSE_TLS -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I${cyrus_sasl}/include/sasl \ - -DHAS_DB_BYPASS_MAKEDEFS_CHECK \ - -fPIE -fstack-protector-all --param ssp-buffer-size=4 -O2 -D_FORTIFY_SOURCE=2' \ - AUXLIBS='-ldb -lnsl -lresolv -lsasl2 -lcrypto -lssl -pie -Wl,-z,relro,-z,now' + make makefiles CCARGS='${ccargs}' AUXLIBS='${auxlibs}' ''; installTargets = [ "non-interactive-package" ]; - installFlags = [ " install_root=installdir " ]; + installFlags = [ "install_root=installdir" ]; postInstall = '' mkdir -p $out @@ -57,9 +74,9 @@ stdenv.mkDerivation rec { meta = { homepage = "http://www.postfix.org/"; description = "A fast, easy to administer, and secure mail server"; - license = stdenv.lib.licenses.bsdOriginal; - platforms = stdenv.lib.platforms.linux; - maintainers = [ stdenv.lib.maintainers.rickynils ]; + license = lib.licenses.bsdOriginal; + platforms = lib.platforms.linux; + maintainers = [ lib.maintainers.rickynils ]; }; } diff --git a/pkgs/servers/mail/postfix/postfix-3.0-no-warnings.patch b/pkgs/servers/mail/postfix/postfix-3.0-no-warnings.patch new file mode 100644 index 000000000000..d93eaf0aaa0d --- /dev/null +++ b/pkgs/servers/mail/postfix/postfix-3.0-no-warnings.patch @@ -0,0 +1,86 @@ +diff -ru3 postfix-3.0.3/conf/postfix-script postfix-3.0.3-new/conf/postfix-script +--- postfix-3.0.3/conf/postfix-script 2014-06-27 18:05:15.000000000 +0400 ++++ postfix-3.0.3-new/conf/postfix-script 2016-01-09 17:51:38.545733631 +0300 +@@ -84,24 +84,6 @@ + exit 1 + } + +-# If this is a secondary instance, don't touch shared files. +- +-instances=`test ! -f $def_config_directory/main.cf || +- $command_directory/postconf -c $def_config_directory \ +- -h multi_instance_directories | sed 's/,/ /'` || { +- $FATAL cannot execute $command_directory/postconf! +- exit 1 +-} +- +-check_shared_files=1 +-for name in $instances +-do +- case "$name" in +- "$def_config_directory") ;; +- "$config_directory") check_shared_files=; break;; +- esac +-done +- + # + # Parse JCL + # +@@ -262,22 +244,6 @@ + -prune \( -perm -020 -o -perm -002 \) \ + -exec $WARN group or other writable: {} \; + +- # Check Postfix root-owned directory tree owner/permissions. +- +- todo="$config_directory/." +- test -n "$check_shared_files" && { +- todo="$daemon_directory/. $meta_directory/. $todo" +- test "$shlib_directory" = "no" || +- todo="$shlib_directory/. $todo" +- } +- todo=`echo "$todo" | tr ' ' '\12' | sort -u` +- +- find $todo ! -user root \ +- -exec $WARN not owned by root: {} \; +- +- find $todo \( -perm -020 -o -perm -002 \) \ +- -exec $WARN group or other writable: {} \; +- + # Check Postfix mail_owner-owned directory tree owner/permissions. + + find $data_directory/. ! -user $mail_owner \ +@@ -302,18 +268,11 @@ + # Check Postfix setgid_group-owned directory and file group/permissions. + + todo="$queue_directory/public $queue_directory/maildrop" +- test -n "$check_shared_files" && +- todo="$command_directory/postqueue $command_directory/postdrop $todo" + + find $todo \ + -prune ! -group $setgid_group \ + -exec $WARN not owned by group $setgid_group: {} \; + +- test -n "$check_shared_files" && +- find $command_directory/postqueue $command_directory/postdrop \ +- -prune ! -perm -02111 \ +- -exec $WARN not set-gid or not owner+group+world executable: {} \; +- + # Check non-Postfix root-owned directory tree owner/content. + + for dir in bin etc lib sbin usr +@@ -334,15 +293,6 @@ + + find corrupt -type f -exec $WARN damaged message: {} \; + +- # Check for non-Postfix MTA remnants. +- +- test -n "$check_shared_files" -a -f /usr/sbin/sendmail -a \ +- -f /usr/lib/sendmail && { +- cmp -s /usr/sbin/sendmail /usr/lib/sendmail || { +- $WARN /usr/lib/sendmail and /usr/sbin/sendmail differ +- $WARN Replace one by a symbolic link to the other +- } +- } + exit 0 + ;; + |