1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
|
# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
inherit systemd perl-module
DESCRIPTION="High-performance interface between the MTA and content checkers"
HOMEPAGE="https://gitlab.com/amavis/amavis"
SRC_URI="https://gitlab.com/amavis/amavis/-/archive/v${PV}/amavis-v${PV}.tar.bz2"
LICENSE="GPL-2 BSD-2"
SLOT="0"
KEYWORDS="~amd64 ~x86"
IUSE="clamav dkim ldap mysql postgres razor rspamd rspamd-https selinux snmp spamassassin test"
RESTRICT="!test? ( test )"
REQUIRED_USE="test? ( spamassassin )"
MY_RSPAMD_DEPEND="dev-perl/HTTP-Message
dev-perl/JSON
dev-perl/LWP-UserAgent-Determined"
DEPEND="acct-user/amavis"
RDEPEND="${DEPEND}
app-arch/arc
app-arch/bzip2
app-arch/cabextract
app-alternatives/cpio
app-arch/gzip
app-arch/lha
app-arch/lrzip
app-arch/lzop
app-arch/p7zip
app-arch/pax
app-arch/arj
app-arch/unrar
app-arch/xz-utils
app-arch/zoo
dev-lang/perl:*
dev-perl/Archive-Zip
dev-perl/BerkeleyDB
dev-perl/Convert-BinHex
dev-perl/File-LibMagic
dev-perl/IO-Socket-SSL
dev-perl/IO-stringy
>=dev-perl/Mail-DKIM-0.31
>=dev-perl/MailTools-1.58
>=dev-perl/MIME-tools-5.415
dev-perl/Net-LibIDN2
>=dev-perl/Net-Server-0.91
dev-perl/Net-SSLeay
dev-perl/Unix-Syslog
net-mail/ripole
net-mail/tnef
>=sys-apps/coreutils-5.0-r3
>=sys-libs/db-4.4.20
virtual/mta
virtual/perl-Compress-Raw-Zlib
virtual/perl-Digest-MD5
virtual/perl-File-Temp
virtual/perl-IO-Compress
virtual/perl-IO-Socket-IP
virtual/perl-MIME-Base64
virtual/perl-Time-HiRes
clamav? ( app-antivirus/clamav )
ldap? ( >=dev-perl/perl-ldap-0.33 )
mysql? ( dev-perl/DBD-mysql )
postgres? ( dev-perl/DBD-Pg )
razor? ( mail-filter/razor )
rspamd? ( ${MY_RSPAMD_DEPEND} )
rspamd-https? ( ${MY_RSPAMD_DEPEND}
dev-perl/LWP-Protocol-https
dev-perl/Net-SSLeay )
selinux? ( sec-policy/selinux-amavis )
snmp? ( net-analyzer/net-snmp[perl] )
spamassassin? ( mail-filter/spamassassin dev-perl/Image-Info )"
BDEPEND="${RDEPEND}
dev-perl/Dist-Zilla
virtual/perl-ExtUtils-MakeMaker
test? (
virtual/perl-Test-Harness
dev-perl/Test-Class
dev-perl/DBI
dev-perl/perl-ldap
dev-perl/NetAddr-IP
dev-perl/Test-Most
)"
AMAVIS_ROOT="/var/lib/amavishome"
S="${WORKDIR}/amavis-v${PV}"
dzil_to_distdir() {
local dzil_root dest has_missing modname dzil_version
dzil_root="$1"
dest="$2"
cd "${dzil_root}" || die "Can't enter workdir '${dzil_root}'";
dzil_version="$(dzil version)" || die "Error invoking 'dzil version'"
einfo "Generating CPAN dist with ${dzil_version}"
has_missing=""
einfo "Checking dzil authordeps"
while IFS= read -d $'\n' -r modname; do
if [[ -z "${has_missing}" ]]; then
has_missing=1
eerror "'dzil authordeps' indicates missing build dependencies"
eerror "These will prevent building, please report a bug"
eerror "Missing:"
fi
S= eerror " ${modname}"
done < <( dzil authordeps --missing --versions )
[[ -z "${has_missing}" ]] || die "Satisfy all missing authordeps first"
einfo "Checking dzil build deps"
while IFS= read -d $'\n' -r modname; do
if [[ -z "${has_missing}" ]]; then
has_missing=1
ewarn "'dzil listdeps' indicates missing build dependencies"
ewarn "These may prevent building, please report a bug if they do"
ewarn "Missing:"
fi
ewarn " ${modname}"
done < <( dzil listdeps --missing --versions --author )
einfo "Generating release"
dzil build --notgz --in "${dest}" || die "Unable to build CPAN dist in '${dest}'"
}
src_prepare() {
# perl-module doesn't account for this being a directory
mv README_FILES READ_FILES || die
# We need to fix the daemon_user and daemon_group in amavis-mc even
# though we're going to run it in the foreground, because it calls
# "drop_priv" unconditionally and will crash if its user/group
# doesn't exist.
sed -i \
-e '/daemon/s/vscan/amavis/' \
-e "s:'/var/virusmails':\"\$MYHOME/quarantine\":" \
"${S}/conf/amavisd.conf" "${S}/bin/amavis-mc" || die "missing conf file"
if ! use dkim ; then
sed -i -e '/enable_dkim/s/1/0/' "${S}/conf/amavisd.conf" \
|| die "missing conf file - dkim"
fi
if ! use spamassassin ; then
sed -i -e \
"/^#[[:space:]]*@bypass_spam_checks_maps[[:space:]]*=[[:space:]]*(1)/s/^#//" \
"${S}/conf/amavisd.conf" || die "missing conf file - sa"
fi
# needs ZMQ::LibZMQ3 which only suports net-libs/zeromq-3*,
# long since removed from tree
perl_rm_files t/Amavis/ZMQTest.t
sed -e '/^ZMQ::LibZMQ3 =/d' \
-i dist.ini || die "Can't patch dist.ini"
rm bin/{amavis-services,amavis-mc,amavisd-snmp-subagent-zmq}
if ! use snmp ; then
rm bin/amavisd-snmp-subagent
fi
eapply_user
# prevent distdir-in-distdir
mv "${S}" "${T}" || die
dzil_to_distdir "${T}/amavis-v${PV}" "${S}"
perl-module_src_prepare
}
src_test() {
prove -lr t || die
}
src_install() {
perl-module_src_install
mkdir "${ED}"/usr/sbin
mv "${ED}"/usr/bin/amavisd "${ED}"/usr/sbin/amavisd || die
mv "${ED}"/usr/bin/amavisd-agent "${ED}"/usr/sbin/amavisd-agent || die
mv "${ED}"/usr/bin/amavisd-nanny "${ED}"/usr/sbin/amavisd-nanny || die
mv "${ED}"/usr/bin/amavisd-release "${ED}"/usr/sbin/amavisd-release || die
mv "${ED}"/usr/bin/amavisd-signer "${ED}"/usr/sbin/amavisd-signer || die
mv "${ED}"/usr/bin/amavisd-status "${ED}"/usr/sbin/amavisd-status || die
dobin contrib/p0f-analyzer.pl
if use snmp ; then
mv "${ED}"/usr/bin/amavisd-snmp-subagent "${ED}"/usr/sbin/amavisd-snmp-subagent || die
newinitd "${FILESDIR}/amavisd-snmp-subagent.initd" \
amavisd-snmp-subagent
dodoc AMAVIS-MIB.txt
fi
perl_fix_packlist
if use ldap ; then
insinto /etc/openldap/schema
newins contrib/LDAP.schema "${PN}.schema"
fi
# The config file should be root:amavis so that the amavis user can
# read (only) it after dropping privileges. And of course he should
# own everything in his home directory.
insinto /etc
insopts -m0640 -g amavis
doins conf/amavisd.conf
# Implementation detail? Keepdir calls dodir under the hood.
diropts -o amavis -g amavis
keepdir "${AMAVIS_ROOT}"/{,db,quarantine,tmp,var}
# BEWARE:
#
# Anything below this line is using the mangled insopts/diropts from
# above!
#
newinitd "${FILESDIR}/amavisd.initd-r2" amavisd
systemd_newunit "${FILESDIR}/amavisd.service-r1" amavisd.service
dodoc AAAREADME.first RELEASE_NOTES TODO \
conf/amavisd.conf-default conf/amavisd-custom.conf \
conf/amavisd-docker.conf
docinto README_FILES
dodoc READ_FILES/README*
dodoc -r READ_FILES/*.{html,css}
docinto README_FILES/images
dodoc READ_FILES/images/*.png
docinto README_FILES/images/callouts
dodoc READ_FILES/images/callouts/*.png
docinto test-messages
dodoc t/messages/README
dodoc t/messages/sample.tar.gz.compl
}
pkg_preinst() {
# TODO: the following is done as root, but should probably be done
# as the amavis user.
if use razor ; then
if [ ! -d "${ROOT}${AMAVIS_ROOT}/.razor" ] ; then
elog "Setting up initial razor config files..."
razor-admin -create -home="${D}/${AMAVIS_ROOT}/.razor"
sed -i -e "s:debuglevel\([ ]*\)= .:debuglevel\1= 0:g" \
"${D}/${AMAVIS_ROOT}/.razor/razor-agent.conf" || die
fi
fi
}
pkg_postinst() {
local d="/var/amavis"
if [ -d ${d} ]; then
elog "Existing data found. Please make sure to manually copy it to amavis' new"
elog "home directory by executing the following command as root from a shell:"
elog
elog " cp -a ${d}/* ${d}/.??* ${AMAVIS_ROOT}/ && rm -r ${d}"
elog
fi
}
|
GitWeb