OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Ralf S. Engelschall
Root: /v/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 01-Nov-2006 15:55:48
Branch: HEAD Handle: 2006110114554800
Added files:
openpkg-src/sks sks-mail.c sks.txt
Modified files:
openpkg-src/sks rc.sks sks-load sks-setup sks.spec
Log:
improve configuration by using separate files; add support for mail
gateway
Summary:
Revision Changes Path
1.2 +0 -16 openpkg-src/sks/rc.sks
1.2 +7 -7 openpkg-src/sks/sks-load
1.1 +29 -0 openpkg-src/sks/sks-mail.c
1.2 +9 -3 openpkg-src/sks/sks-setup
1.2 +66 -12 openpkg-src/sks/sks.spec
1.1 +31 -0 openpkg-src/sks/sks.txt
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-src/sks/rc.sks
============================================================================
$ cvs diff -u -r1.1 -r1.2 rc.sks
--- openpkg-src/sks/rc.sks 1 Nov 2006 09:23:45 -0000 1.1
+++ openpkg-src/sks/rc.sks 1 Nov 2006 14:55:48 -0000 1.2
@@ -5,15 +5,7 @@
%config
sks_enable="$openpkg_rc_def"
- sks_db_hostname="keyserver.example.com"
- sks_db_bind="127.0.0.1"
- sks_db_port="11371"
- sks_db_debuglevel="5"
sks_db_flags=""
- sks_recon_hostname="keyserver.example.com"
- sks_recon_bind="127.0.0.1"
- sks_recon_port="11370"
- sks_recon_debuglevel="5"
sks_recon_flags=""
sks_log_prolog="true"
sks_log_epilog="true"
@@ -49,10 +41,6 @@
rcService sks active yes && exit 0
( cd $sks_db_rundir || exit $?
cmd="@l_prefix@/sbin/sks"
- cmd="$cmd -hostname \"$sks_db_hostname\""
- cmd="$cmd -hkp_address \"$sks_db_bind\""
- cmd="$cmd -hkp_port \"$sks_db_port\""
- cmd="$cmd -debug -debuglevel \"$sks_db_debuglevel\""
cmd="$cmd $sks_db_flags"
cmd="$cmd db"
eval "nohup $cmd </dev/null >/dev/null 2>&1 &"
@@ -61,10 +49,6 @@
sleep 1
( cd $sks_recon_rundir || exit $?
cmd="@l_prefix@/sbin/sks"
- cmd="$cmd -hostname \"$sks_recon_hostname\""
- cmd="$cmd -recon_address \"$sks_recon_bind\""
- cmd="$cmd -recon_port \"$sks_recon_port\""
- cmd="$cmd -debug -debuglevel \"$sks_recon_debuglevel\""
cmd="$cmd $sks_recon_flags"
cmd="$cmd recon"
eval "nohup $cmd </dev/null >/dev/null 2>&1 &"
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/sks/sks-load
============================================================================
$ cvs diff -u -r1.1 -r1.2 sks-load
--- openpkg-src/sks/sks-load 1 Nov 2006 09:23:45 -0000 1.1
+++ openpkg-src/sks/sks-load 1 Nov 2006 14:55:48 -0000 1.2
@@ -4,8 +4,8 @@
# other SKS commands work relatively to it
cd @l_prefix@/var/sks || exit $?
-# create dumps directory
-test -d dumps || mkdir dumps
+# create dump directory
+test -d dump || mkdir dump
# fetch and load the latest dumps
url_root="http://ftp.prato.linux.it/pub/keyring/dump-latest/"
@@ -14,19 +14,19 @@
dump_file=`printf "sks-dump-%04d.pgp" $i`
dump_url="$url_root$dump_file"
echo "++ downloading $dump_url"
- @l_prefix@/lib/openpkg/curl -s -k -R -o dumps/$dump_file $dump_url
+ @l_prefix@/lib/openpkg/curl -s -k -R -o dump/$dump_file $dump_url
if [ $# -ne 0 ]; then
- rm -f dumps/$dump_file*
+ rm -f dump/$dump_file*
exit 0
fi
echo "++ merging into KDB $dump_file"
- @l_prefix@/sbin/sks merge dumps/$dump_file
+ @l_prefix@/sbin/sks merge dump/$dump_file
if [ $# -ne 0 ]; then
echo "$0:ERROR: failed to merge dump file"
- rm -f dumps/$dump_file*
+ rm -f dump/$dump_file*
exit 1
fi
- rm -f dumps/$dump_file*
+ rm -f dump/$dump_file*
i=$[$i + 1]
done
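Review bot: Both `if [ $# -ne 0 ]` checks in this loop test the script's argument count rather than the exit status of the preceding command, so when sks-load is run without arguments a failed curl download or a failed `sks merge` is never noticed and the loop carries on. They should read `if [ $? -ne 0 ]; then`. The renamed paths are also still unquoted; `-o "dump/$dump_file" "$dump_url"` would be safer. Separately, the dump is fetched over plain HTTP with `-k` and merged without any integrity check, so a comment should state that the mirror and network path are trusted for database content. The loop header is outside the hunk.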
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/sks/sks-mail.c
============================================================================
$ cvs diff -u -r0 -r1.1 sks-mail.c
--- /dev/null 2006-11-01 15:55:33 +0100
+++ sks-mail.c 2006-11-01 15:55:48 +0100
@@ -0,0 +1,29 @@
+
+#include <stdlib.h>
+#include <sys/types.h>
+#include <unistd.h>
+
+#define RUN_DIR L_PREFIX "/var/sks"
+#define RUN_SCRIPT L_PREFIX "/sbin/sks_add_mail"
+
+int main(int argc, char *argv[])
+{
+ static char *const exec_env[] = {
+ "PATH=/bin:/usr/bin:/sbin:/usr/sbin",
+ NULL
+ };
+ if (chdir(RUN_DIR) == -1) {
+ perror("chdir");
+ exit(1);
+ }
+ if (setuid(geteuid()) == -1) {
+ perror("setuid");
+ exit(1);
+ }
+ if (setgid(getegid()) == -1) {
+ perror("setgid");
+ exit(1);
+ }
+ execve(RUN_SCRIPT, argv, exec_env);
+}
+
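Review bot: A failed `execve()` at the end of main is not handled: control falls off the end of main without a return value, so the MTA that piped the message in may see a success status although nothing was processed. Add `perror("execve"); return 1;` after the call, and add `#include <stdio.h>`, since `perror` is used but only stdlib.h, sys/types.h and unistd.h are included. For a setuid wrapper it is also more conventional to change the group before the user, and the caller's argv is handed unchanged to RUN_SCRIPT under the new uid, so a header comment stating who is expected to invoke the wrapper and which arguments are accepted would help the next reviewer.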
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/sks/sks-setup
============================================================================
$ cvs diff -u -r1.1 -r1.2 sks-setup
--- openpkg-src/sks/sks-setup 1 Nov 2006 09:23:45 -0000 1.1
+++ openpkg-src/sks/sks-setup 1 Nov 2006 14:55:48 -0000 1.2
@@ -6,7 +6,7 @@
# create an initial SKS key database (KGB)
echo "++ creating initial SKS key database"
[EMAIL PROTECTED]@/sbin/sks fastbuild -n 10 -cache 100
[EMAIL PROTECTED]@/sbin/sks fastbuild -n 4 -cache 100
# import at least the OpenPKG OpenPGP keys
# into the key database as SKS cleandb and
@@ -33,7 +33,13 @@
rm -f fastbuild.log merge.log clean.log pbuild.log
# generate top-level web page
-echo "++ generating SKS top-level web form"
+echo "++ generating SKS top-level web form symlink"
mkdir web
-cp @l_prefix@/share/sks/sks.html web/index.html
+ln -s ../../../etc/sks/sks.html web/index.html
+
+# generate initial configuration files
+echo "++ generating SKS configuration file symlinks"
+for file in sksconf mailsync membership; do
+ ln -s ../../etc/sks/$file $file
+done
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/sks/sks.spec
============================================================================
$ cvs diff -u -r1.1 -r1.2 sks.spec
--- openpkg-src/sks/sks.spec 1 Nov 2006 09:23:45 -0000 1.1
+++ openpkg-src/sks/sks.spec 1 Nov 2006 14:55:48 -0000 1.2
@@ -40,14 +40,16 @@
Source1: rc.sks
Source2: sks-setup
Source3: sks-load
-Source4: sks.html
+Source4: sks-mail.c
+Source5: sks.html
+Source6: sks.txt
Patch0: sks.patch
# build information
Prefix: %{l_prefix}
BuildRoot: %{l_buildroot}
BuildPreReq: OpenPKG, openpkg >= 20040130, ocaml, gcc, make, perl
-PreReq: OpenPKG, openpkg >= 20040130
+PreReq: OpenPKG, openpkg >= 20040130, MTA
BuildPreReq: db
PreReq: db
AutoReq: no
@@ -82,21 +84,29 @@
%patch -p0
%build
+ # build main program
%{l_make} %{l_mflags} \
BDBINCLUDE="%{l_cppflags}" \
BDBLIB="%{l_ldflags}" \
LIBDB="-ldb" \
MANDIR="%{l_prefix}/man"
+ # build suid wrapper sks-mail
+ %{l_cc} %{l_cflags} %{l_ldflags} '-DL_PREFIX="%{l_prefix}"' \
+ -o sks-mail %{SOURCE sks-mail.c}
+
%install
+ # create installation hierarchy
rm -rf $RPM_BUILD_ROOT
%{l_shtool} mkdir -f -p -m 755 \
+ $RPM_BUILD_ROOT%{l_prefix}/etc/sks \
$RPM_BUILD_ROOT%{l_prefix}/etc/rc.d \
$RPM_BUILD_ROOT%{l_prefix}/sbin \
- $RPM_BUILD_ROOT%{l_prefix}/share/sks \
$RPM_BUILD_ROOT%{l_prefix}/var/sks
+
+ # install programs
%{l_shtool} install -c -s -m 755 \
- sks sks_add_mail $RPM_BUILD_ROOT%{l_prefix}/sbin/
+ sks sks_add_mail sks-mail $RPM_BUILD_ROOT%{l_prefix}/sbin/
%{l_shtool} install -c -m 755 %{l_value -s -a} \
%{SOURCE sks-setup} %{SOURCE sks-load} \
$RPM_BUILD_ROOT%{l_prefix}/sbin/
@@ -104,12 +114,27 @@
-e 's;/bin/bash;%{l_bash};g' \
-e 's; sks ; %{l_prefix}/sbin/sks ;g' \
sks_build.sh $RPM_BUILD_ROOT%{l_prefix}/sbin/sks_build
+
+ # install run-command script
%{l_shtool} install -c -m 755 %{l_value -s -a} \
%{SOURCE rc.sks} $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/
- %{l_shtool} install -c -m 755 %{l_value -s -a} \
- %{SOURCE sks.html} $RPM_BUILD_ROOT%{l_prefix}/share/sks/
+
+ # install default web form
+ %{l_shtool} install -c -m 644 %{l_value -s -a} \
+ %{SOURCE sks.html} $RPM_BUILD_ROOT%{l_prefix}/etc/sks/
+
+ for name in `grep "^<file" %{SOURCE sks.txt} | sed -e 's;^.*name=";;' -e
's;".*$;;'`; do
+ (echo ""; cat %{SOURCE sks.txt}; echo "") |\
+ sed -e "1,/^<file name=\"$name\">/d" -e "/<\/file>/,\$d" >$name
+ %{l_shtool} install -c -m 644 %{l_value -s -a} \
+ $name $RPM_BUILD_ROOT%{l_prefix}/etc/sks/
+ done
+
+ # determine installation files
%{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
%{l_files_std} \
+ '%config %{l_prefix}/etc/sks/*' \
+ '%attr(4755,%{l_rusr},%{l_mgrp}) %{l_prefix}/sbin/sks-mail' \
'%attr(-,%{l_rusr},%{l_rgrp}) %{l_prefix}/var/sks'
%files -f files
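Review bot: The `%attr(4755,...)` entry makes the setuid wrapper sks-mail executable by every local account, not only by the MTA that the alias in %post is meant to serve. If the mail delivery user can be placed in a dedicated group, something like `'%attr(4750,%{l_rusr},%{l_mgrp}) %{l_prefix}/sbin/sks-mail'` would narrow who can run code as %{l_rusr}; whether %{l_mgrp} is the right group cannot be told from this section. In the extraction loop, `>$name` and the following install use the name taken from sks.txt unquoted, and a short comment explaining the `<file name="...">` container format would make the sed expression easier to audit.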
@@ -118,9 +143,27 @@
rm -rf $RPM_BUILD_ROOT
%post
- # on initial install, create database
if [ $1 -eq 1 ]; then
+ # create initial database
su %{l_rusr} -c "$RPM_INSTALL_PREFIX/sbin/sks-setup"
+
+ # activate in MTA configuration
+ aliases_file=`$RPM_INSTALL_PREFIX/etc/rc --query MTA_aliases_file`
+ aliases_update=`$RPM_INSTALL_PREFIX/etc/rc --query
MTA_aliases_update`
+ if [ ".$aliases_file" != . ]; then
+ ( echo "sks: pks-request"
+ echo "sks-request: \"|$RPM_INSTALL_PREFIX/sbin/sks-mail
$RPM_INSTALL_PREFIX/var/sks\""
+ echo "sks-daemon: MAILER-DAEMON"
+ echo "sks-admin: postmaster"
+ echo "pgp-public-keys: sks-request"
+ echo "pgp: sks-request"
+ ) | %{l_rpmtool} config -a -i "$RPM_INSTALL_PREFIX:sks"
$aliases_file
+ fi
+ if [ ".$aliases_update" != . ]; then
+ eval $aliases_update
+ fi
+
+ # display hint
( echo "SKS database initialized. Now you can startup SKS with"
echo " \$ $RPM_INSTALL_PREFIX/bin/openpkg rc sks start"
echo "and for instance lookup the OpenPKG OpenPGP keys under"
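Review bot: The first generated alias, `sks: pks-request`, points at a name this block never defines; every other entry targets `sks-request`, so unless a pks-request alias exists elsewhere mail to sks would not reach the gateway, and `echo "sks: sks-request"` looks like what was intended. `eval $aliases_update` and `$aliases_file` are used unquoted in a scriptlet that calls `su` and edits the MTA aliases, so it presumably runs privileged, here and again in %preun further down; `eval "$aliases_update"` and `"$aliases_file"` keep a value with spaces or glob characters intact. The exit status of the `%{l_rpmtool} config -a` call is not checked, so a failed alias update goes unreported. The %post scriptlet continues past the end of this hunk.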
@@ -132,18 +175,29 @@
echo "merge all their latest dumps into your local database:"
echo " su %{l_rusr} -c $RPM_INSTALL_PREFIX/sbin/sks-load"
) | %{l_rpmtool} msg -b -t notice
+ elif [ $1 -eq 2 ]; then
+ # after upgrade, restart service
+ eval `%{l_rc} sks status 2>/dev/null`
+ [ ".$sks_active" = .yes ] && %{l_rc} sks restart
fi
-
- # after upgrade, restart service
- [ $1 -eq 2 ] || exit 0
- eval `%{l_rc} sks status 2>/dev/null`
- [ ".$sks_active" = .yes ] && %{l_rc} sks restart
exit 0
%preun
# before erase, stop service and remove log files
[ $1 -eq 0 ] || exit 0
%{l_rc} sks stop 2>/dev/null
+
+ # deactivate in MTA configuration
+ aliases_file=`$RPM_INSTALL_PREFIX/etc/rc --query MTA_aliases_file`
+ aliases_update=`$RPM_INSTALL_PREFIX/etc/rc --query MTA_aliases_update`
+ if [ ".$aliases_file" != . ]; then
+ %{l_rpmtool} config -r -i "$RPM_INSTALL_PREFIX:sks" $aliases_file
+ fi
+ if [ ".$aliases_update" != . ]; then
+ eval $aliases_update
+ fi
+
+ # remove database files
rm -rf $RPM_INSTALL_PREFIX/var/sks/* >/dev/null 2>&1 || true
exit 0
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/sks/sks.txt
============================================================================
$ cvs diff -u -r0 -r1.1 sks.txt
--- /dev/null 2006-11-01 15:55:33 +0100
+++ sks.txt 2006-11-01 15:55:48 +0100
@@ -0,0 +1,31 @@
+<file name="sksconf">
+##
+## sksconf -- SKS main configuration
+##
+
+debuglevel: 5
+hostname: keyserver.example.com
+hkp_address: 127.0.0.1
+hkp_port: 11371
+recon_address: 127.0.0.1
+recon_port: 11370
+from_addr: [EMAIL PROTECTED]
+sendmail_cmd: @l_prefix@/sbin/sendmail -t -oi
+
+</file>
+<file name="mailsync">
+##
+## mailsync -- SKS mail synchronization to PKS network
+##
+
[EMAIL PROTECTED]
+
+</file>
+<file name="membership">
+##
+## membership -- SKS reconciliation synchronization to SKS network
+##
+
+#keyserver2.example.com 11371
+
+</file>
@@ .