diff options
Diffstat (limited to 'nixpkgs/pkgs/servers/mail/postfix')
8 files changed, 389 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/servers/mail/postfix/0001-Fix-build-with-unbound-1.6.1.patch b/nixpkgs/pkgs/servers/mail/postfix/0001-Fix-build-with-unbound-1.6.1.patch new file mode 100644 index 000000000000..5de22573ea33 --- /dev/null +++ b/nixpkgs/pkgs/servers/mail/postfix/0001-Fix-build-with-unbound-1.6.1.patch @@ -0,0 +1,54 @@ +From bf269dda3c81bb9eaa244b3015d426de38c85ccf Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Carles=20Pag=C3=A8s?= <page@ruiec.cat> +Date: Fri, 3 Mar 2017 09:59:09 +0100 +Subject: [PATCH] Fix build with unbound 1.6.1 + +From their changelog: Fix to rename ub_callback_t to ub_callback_type, because POSIX reserves _t typedefs +--- + postlicyd/dns.c | 2 +- + postlicyd/dns.h | 2 +- + postlicyd/spf-proto.c | 2 +- + 3 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/postlicyd/dns.c b/postlicyd/dns.c +index d8409c2..97f1c4d 100644 +--- a/postlicyd/dns.c ++++ b/postlicyd/dns.c +@@ -123,7 +123,7 @@ static int dns_handler(client_t *event, void *config) + } + + bool dns_resolve(const char *hostname, dns_rrtype_t type, +- ub_callback_t callback, void *data) ++ ub_callback_type callback, void *data) + { + if (_G.ctx == NULL) { + _G.ctx = ub_ctx_create(); +diff --git a/postlicyd/dns.h b/postlicyd/dns.h +index d84de3b..905b924 100644 +--- a/postlicyd/dns.h ++++ b/postlicyd/dns.h +@@ -89,7 +89,7 @@ typedef void (*dns_result_callback_f)(dns_result_t *result, void *data); + */ + __attribute__((nonnull(1,3,4))) + bool dns_resolve(const char *hostname, dns_rrtype_t type, +- ub_callback_t callback, void *data); ++ ub_callback_type callback, void *data); + + /** Fetch the DNS record of the given type. + */ +diff --git a/postlicyd/spf-proto.c b/postlicyd/spf-proto.c +index 31cb0a5..79a2d83 100644 +--- a/postlicyd/spf-proto.c ++++ b/postlicyd/spf-proto.c +@@ -279,7 +279,7 @@ static bool spf_validate_domain(const char* restrict domain) + } + + static bool spf_query(spf_t *spf, const char* query, dns_rrtype_t rtype, +- ub_callback_t cb) ++ ub_callback_type cb) + { + buffer_reset(&_G.query_buffer); + buffer_addstr(&_G.query_buffer, query); +-- +2.12.0 + diff --git a/nixpkgs/pkgs/servers/mail/postfix/default.nix b/nixpkgs/pkgs/servers/mail/postfix/default.nix new file mode 100644 index 000000000000..e2a78477bb63 --- /dev/null +++ b/nixpkgs/pkgs/servers/mail/postfix/default.nix @@ -0,0 +1,98 @@ +{ stdenv, lib, fetchurl, makeWrapper, gnused, db, openssl, cyrus_sasl, libnsl +, coreutils, findutils, gnugrep, gawk, icu, pcre, m4 +, withLDAP ? true, openldap +, withPgSQL ? false, postgresql +, withMySQL ? false, mysql +, withSQLite ? false, sqlite +}: + +let + ccargs = lib.concatStringsSep " " ([ + "-DUSE_TLS" "-DUSE_SASL_AUTH" "-DUSE_CYRUS_SASL" "-I${cyrus_sasl.dev}/include/sasl" + "-DHAS_DB_BYPASS_MAKEDEFS_CHECK" + ] ++ lib.optional withPgSQL "-DHAS_PGSQL" + ++ lib.optionals withMySQL [ "-DHAS_MYSQL" "-I${mysql.connector-c}/include/mysql" "-L${mysql.connector-c}/lib/mysql" ] + ++ lib.optional withSQLite "-DHAS_SQLITE" + ++ lib.optionals withLDAP ["-DHAS_LDAP" "-DUSE_LDAP_SASL"]); + auxlibs = lib.concatStringsSep " " ([ + "-ldb" "-lnsl" "-lresolv" "-lsasl2" "-lcrypto" "-lssl" + ] ++ lib.optional withPgSQL "-lpq" + ++ lib.optional withMySQL "-lmysqlclient" + ++ lib.optional withSQLite "-lsqlite3" + ++ lib.optional withLDAP "-lldap"); + +in stdenv.mkDerivation rec { + + name = "postfix-${version}"; + + version = "3.3.2"; + + src = fetchurl { + url = "ftp://ftp.cs.uu.nl/mirror/postfix/postfix-release/official/${name}.tar.gz"; + sha256 = "0nxkszdgs6fs86j6w1lf3vhxvjh1hw2jmrii5icqx9a9xqgg74rw"; + }; + + nativeBuildInputs = [ makeWrapper m4 ]; + buildInputs = [ db openssl cyrus_sasl icu libnsl pcre ] + ++ lib.optional withPgSQL postgresql + ++ lib.optional withMySQL mysql.connector-c + ++ lib.optional withSQLite sqlite + ++ lib.optional withLDAP openldap; + + hardeningDisable = [ "format" ]; + hardeningEnable = [ "pie" ]; + + patches = [ + ./postfix-script-shell.patch + ./postfix-3.0-no-warnings.patch + ./post-install-script.patch + ./relative-symlinks.patch + ]; + + preBuild = '' + sed -e '/^PATH=/d' -i postfix-install + sed -e "s|@PACKAGE@|$out|" -i conf/post-install + + # post-install need skip permissions check/set on all symlinks following to /nix/store + sed -e "s|@NIX_STORE@|$NIX_STORE|" -i conf/post-install + + export command_directory=$out/sbin + export config_directory=/etc/postfix + export meta_directory=$out/etc/postfix + export daemon_directory=$out/libexec/postfix + export data_directory=/var/lib/postfix/data + export html_directory=$out/share/postfix/doc/html + export mailq_path=$out/bin/mailq + export manpage_directory=$out/share/man + export newaliases_path=$out/bin/newaliases + export queue_directory=/var/lib/postfix/queue + export readme_directory=$out/share/postfix/doc + export sendmail_path=$out/bin/sendmail + + make makefiles CCARGS='${ccargs}' AUXLIBS='${auxlibs}' + ''; + + installTargets = [ "non-interactive-package" ]; + + installFlags = [ "install_root=installdir" ]; + + postInstall = '' + mkdir -p $out + mv -v installdir/$out/* $out/ + cp -rv installdir/etc $out + sed -e '/^PATH=/d' -i $out/libexec/postfix/post-install + wrapProgram $out/libexec/postfix/post-install \ + --prefix PATH ":" ${lib.makeBinPath [ coreutils findutils gnugrep ]} + wrapProgram $out/libexec/postfix/postfix-script \ + --prefix PATH ":" ${lib.makeBinPath [ coreutils findutils gnugrep gawk gnused ]} + ''; + + meta = { + homepage = http://www.postfix.org/; + description = "A fast, easy to administer, and secure mail server"; + license = with lib.licenses; [ ipl10 epl20 ]; + platforms = lib.platforms.linux; + maintainers = [ lib.maintainers.rickynils ]; + }; + +} diff --git a/nixpkgs/pkgs/servers/mail/postfix/pfixtools.nix b/nixpkgs/pkgs/servers/mail/postfix/pfixtools.nix new file mode 100644 index 000000000000..8c00bcdbee25 --- /dev/null +++ b/nixpkgs/pkgs/servers/mail/postfix/pfixtools.nix @@ -0,0 +1,55 @@ +{ stdenv, lib, fetchFromGitHub, git, gperf, pcre, unbound, libev, tokyocabinet, pkgconfig, bash, libsrs2 }: + +let + version = "0.9"; + + pfixtoolsSrc = fetchFromGitHub { + owner = "Fruneau"; + repo = "pfixtools"; + rev = "pfixtools-${version}"; + sha256 = "1vmbrw686f41n6xfjphfshn96vl07ynvnsyjdw9yfn9bfnldcjcq"; + }; + + srcRoot = pfixtoolsSrc.name; + + libCommonSrc = fetchFromGitHub { + owner = "Fruneau"; + repo = "libcommon"; + rev = "b07e6bdea3d24748e0d39783d7d817096d10cc67"; + sha256 = "14fxldp29j4vmfmhfgwwi37pj8cz0flm1aykkxlbgakz92d4pm35"; + }; + +in + +stdenv.mkDerivation { + name = "pfixtools-${version}"; + + src = pfixtoolsSrc; + + patches = [ ./0001-Fix-build-with-unbound-1.6.1.patch ]; + + nativeBuildInputs = [ pkgconfig ]; + buildInputs = [git gperf pcre unbound libev tokyocabinet bash libsrs2]; + + postUnpack = '' + cp -Rp ${libCommonSrc}/* ${srcRoot}/common; + chmod -R +w ${srcRoot}/common; + ''; + + postPatch = '' + substituteInPlace postlicyd/policy_tokens.sh \ + --replace /bin/bash ${bash}/bin/bash; + ''; + + NIX_CFLAGS_COMPILE = "-Wno-error=unused-result -Wno-error=nonnull-compare"; + + makeFlags = "DESTDIR=$(out) prefix="; + + meta = { + description = "A collection of postfix-related tools"; + license = with lib.licenses; [ bsd3 ]; + homepage = https://github.com/Fruneau/pfixtools; + platforms = stdenv.lib.platforms.linux; + maintainers = with lib.maintainers; [ jerith666 ]; + }; +} diff --git a/nixpkgs/pkgs/servers/mail/postfix/pflogsumm.nix b/nixpkgs/pkgs/servers/mail/postfix/pflogsumm.nix new file mode 100644 index 000000000000..821999380606 --- /dev/null +++ b/nixpkgs/pkgs/servers/mail/postfix/pflogsumm.nix @@ -0,0 +1,34 @@ +{ stdenv, fetchurl, perlPackages }: + +perlPackages.buildPerlPackage rec { + name = "pflogsumm-${version}"; + version = "1.1.3"; + + src = fetchurl { + url = "https://jimsun.linxnet.com/downloads/${name}.tar.gz"; + sha256 = "0hkim9s5f1yg5sfs5048jydhy3sbxafls496wcjk0cggxb113py4"; + }; + + outputs = [ "out" "man" ]; + buildInputs = [ perlPackages.DateCalc ]; + + preConfigure = '' + touch Makefile.PL + ''; + doCheck = false; + + installPhase = '' + mkdir -p "$out/bin" + mv "pflogsumm.pl" "$out/bin/pflogsumm" + + mkdir -p "$out/share/man/man1" + mv "pflogsumm.1" "$out/share/man/man1" + ''; + + meta = { + homepage = http://jimsun.linxnet.com/postfix_contrib.html; + maintainers = with stdenv.lib.maintainers; [ schneefux ]; + description = "Postfix activity overview"; + license = stdenv.lib.licenses.gpl2Plus; + }; +} diff --git a/nixpkgs/pkgs/servers/mail/postfix/post-install-script.patch b/nixpkgs/pkgs/servers/mail/postfix/post-install-script.patch new file mode 100644 index 000000000000..350fbf929b74 --- /dev/null +++ b/nixpkgs/pkgs/servers/mail/postfix/post-install-script.patch @@ -0,0 +1,28 @@ +--- a/conf/post-install 1970-01-01 03:00:01.000000000 +0300 ++++ b/conf/post-install 2016-01-20 13:25:18.382233172 +0200 +@@ -254,6 +254,8 @@ + } + + # Bootstrapping problem. ++meta_directory="@PACKAGE@/etc/postfix" ++command_directory="@PACKAGE@/bin" + + if [ -n "$command_directory" ] + then +@@ -528,7 +530,16 @@ + # Skip uninstalled files. + case $path in + no|no/*) continue;; ++ # Skip immutable files from package, correct permissions provided by Nix. ++ @PACKAGE@/*) continue; + esac ++ # Also skip symlinks following to /nix/store ++ if test -L $path; then ++ case "$(readlink $path)" in ++ @NIX_STORE@/*) continue; ++ esac ++ fi ++ + # Pick up the flags. + case $flags in *u*) upgrade_flag=1;; *) upgrade_flag=;; esac + case $flags in *c*) create_flag=1;; *) create_flag=;; esac diff --git a/nixpkgs/pkgs/servers/mail/postfix/postfix-3.0-no-warnings.patch b/nixpkgs/pkgs/servers/mail/postfix/postfix-3.0-no-warnings.patch new file mode 100644 index 000000000000..d93eaf0aaa0d --- /dev/null +++ b/nixpkgs/pkgs/servers/mail/postfix/postfix-3.0-no-warnings.patch @@ -0,0 +1,86 @@ +diff -ru3 postfix-3.0.3/conf/postfix-script postfix-3.0.3-new/conf/postfix-script +--- postfix-3.0.3/conf/postfix-script 2014-06-27 18:05:15.000000000 +0400 ++++ postfix-3.0.3-new/conf/postfix-script 2016-01-09 17:51:38.545733631 +0300 +@@ -84,24 +84,6 @@ + exit 1 + } + +-# If this is a secondary instance, don't touch shared files. +- +-instances=`test ! -f $def_config_directory/main.cf || +- $command_directory/postconf -c $def_config_directory \ +- -h multi_instance_directories | sed 's/,/ /'` || { +- $FATAL cannot execute $command_directory/postconf! +- exit 1 +-} +- +-check_shared_files=1 +-for name in $instances +-do +- case "$name" in +- "$def_config_directory") ;; +- "$config_directory") check_shared_files=; break;; +- esac +-done +- + # + # Parse JCL + # +@@ -262,22 +244,6 @@ + -prune \( -perm -020 -o -perm -002 \) \ + -exec $WARN group or other writable: {} \; + +- # Check Postfix root-owned directory tree owner/permissions. +- +- todo="$config_directory/." +- test -n "$check_shared_files" && { +- todo="$daemon_directory/. $meta_directory/. $todo" +- test "$shlib_directory" = "no" || +- todo="$shlib_directory/. $todo" +- } +- todo=`echo "$todo" | tr ' ' '\12' | sort -u` +- +- find $todo ! -user root \ +- -exec $WARN not owned by root: {} \; +- +- find $todo \( -perm -020 -o -perm -002 \) \ +- -exec $WARN group or other writable: {} \; +- + # Check Postfix mail_owner-owned directory tree owner/permissions. + + find $data_directory/. ! -user $mail_owner \ +@@ -302,18 +268,11 @@ + # Check Postfix setgid_group-owned directory and file group/permissions. + + todo="$queue_directory/public $queue_directory/maildrop" +- test -n "$check_shared_files" && +- todo="$command_directory/postqueue $command_directory/postdrop $todo" + + find $todo \ + -prune ! -group $setgid_group \ + -exec $WARN not owned by group $setgid_group: {} \; + +- test -n "$check_shared_files" && +- find $command_directory/postqueue $command_directory/postdrop \ +- -prune ! -perm -02111 \ +- -exec $WARN not set-gid or not owner+group+world executable: {} \; +- + # Check non-Postfix root-owned directory tree owner/content. + + for dir in bin etc lib sbin usr +@@ -334,15 +293,6 @@ + + find corrupt -type f -exec $WARN damaged message: {} \; + +- # Check for non-Postfix MTA remnants. +- +- test -n "$check_shared_files" -a -f /usr/sbin/sendmail -a \ +- -f /usr/lib/sendmail && { +- cmp -s /usr/sbin/sendmail /usr/lib/sendmail || { +- $WARN /usr/lib/sendmail and /usr/sbin/sendmail differ +- $WARN Replace one by a symbolic link to the other +- } +- } + exit 0 + ;; + diff --git a/nixpkgs/pkgs/servers/mail/postfix/postfix-script-shell.patch b/nixpkgs/pkgs/servers/mail/postfix/postfix-script-shell.patch new file mode 100644 index 000000000000..4f5d2f611110 --- /dev/null +++ b/nixpkgs/pkgs/servers/mail/postfix/postfix-script-shell.patch @@ -0,0 +1,21 @@ +diff --git a/conf/postfix-script b/conf/postfix-script +index 19088a6..04fae23 100755 +--- a/conf/postfix-script ++++ b/conf/postfix-script +@@ -43,7 +43,6 @@ FATAL="$LOGGER -p fatal" + PANIC="$LOGGER -p panic" + + umask 022 +-SHELL=/bin/sh + + # + # Can't do much without these in place. +@@ -229,7 +228,7 @@ status) + check-fatal) + # This command is NOT part of the public interface. + +- $SHELL $daemon_directory/post-install create-missing || { ++ $daemon_directory/post-install create-missing || { + $FATAL unable to create missing queue directories + exit 1 + } diff --git a/nixpkgs/pkgs/servers/mail/postfix/relative-symlinks.patch b/nixpkgs/pkgs/servers/mail/postfix/relative-symlinks.patch new file mode 100644 index 000000000000..f7a2078c0343 --- /dev/null +++ b/nixpkgs/pkgs/servers/mail/postfix/relative-symlinks.patch @@ -0,0 +1,13 @@ +diff --git a/postfix-install b/postfix/postfix-install +index 1662c3d..0f20ec0 100644 +--- a/postfix-install ++++ b/postfix-install +@@ -336,7 +336,7 @@ compare_or_symlink() { + # 2) we cannot use mv to replace a symlink-to-directory; + # 3) "ln -n" is not in POSIX, therefore it's not portable. + # rm+ln is less atomic but this affects compatibility symlinks only. +- rm -f $2 && ln -sf $link $2 || exit 1 ++ rm -f $2 && ln -rsf $link $2 || exit 1 + } + } + |