policyd is a policy server for postfix written in C which provides greylisting, sender (envelope, SASL or host/ip) based throttling (messages and/or volume per hour) and spamtraps by Cami Sardinha. It would be nice to have an ebuild for it. http://policyd.sourceforge.net/ Reproducible: Always Steps to Reproduce: 1. 2. 3.
Created attachment 73363 [details] my working policyd ebuild please stablize it, if i get more help i will doit
(In reply to comment #1) > Created an attachment (id=73363) [edit] > my working policyd ebuild > > please stablize it, if i get more help i will doit still need help :(
Created attachment 77157 [details] ebuild for 1.72 updated to 1.72
Created attachment 77158 [details] stats cron
Created attachment 77160 [details] cleanup cron
Created attachment 77161 [details] fixed init for gentoo
let me know if any troubles
First of all, all text attachments here should have type "text/plain", so they are easily viewable from within this bugzilla. Some issues: - RESTRICT="nomirror" is most likely unnecessary, since policyd is GPL-2 - the ebuild is too verbose, get rid of "foo start" "foo end" einfo messages - too many commented lines - decide whether you want them in the ebuild or not, and remove unused ones - with all epatch lines commented, src_unpack() can be omitted entirely, since "unpack ${A}; cd ${S}" is the default - typo in pkg_postinst(): "durig" - cosmetic issue: single pkg_postinst() messages could have one empty line between each, to improve readability Also, I sometimes had following build error when trying to merge policyd. Perhaps use emake -j1 to avoid this? [*] Building Objects: compiling -g -W -Wall -DMAXFDS=1023 policyd.c compiling -g -W -Wall -DMAXFDS=1023 sockets.c compiling -g -W -Wall -DMAXFDS=1023 cidr.c compiling -g -W -Wall -DMAXFDS=1023 greylist.c compiling -g -W -Wall -DMAXFDS=1023 throttle.c compiling -g -W -Wall -DMAXFDS=1023 spamtrap.c compiling -g -W -Wall -DMAXFDS=1023 blacklist.c compiling -g -W -Wall -DMAXFDS=1023 whitelist.c compiling -g -W -Wall -DMAXFDS=1023 blacklist_helo.c compiling -g -W -Wall -DMAXFDS=1023 throttle_from.c compiling -g -W -Wall -DMAXFDS=1023 throttle_host.c compiling -g -W -Wall -DMAXFDS=1023 throttle_sasl.c compiling -g -W -Wall -DMAXFDS=1023 throttle_rcpt.c compiling -g -W -Wall -DMAXFDS=1023 cleanup.c compiling -g -W -Wall -DMAXFDS=1023 mysql.c compiling -g -W -Wall -DMAXFDS=1023 stats.c compiling -g -W -Wall -DMAXFDS=1023 helo.c [*] Linking cleanup* gcc: mysql.o: Adres
First of all, all text attachments here should have type "text/plain", so they are easily viewable from within this bugzilla. Some issues: - RESTRICT="nomirror" is most likely unnecessary, since policyd is GPL-2 - the ebuild is too verbose, get rid of "foo start" "foo end" einfo messages - too many commented lines - decide whether you want them in the ebuild or not, and remove unused ones - with all epatch lines commented, src_unpack() can be omitted entirely, since "unpack ${A}; cd ${S}" is the default - typo in pkg_postinst(): "durig" - cosmetic issue: single pkg_postinst() messages could have one empty line between each, to improve readability Also, I sometimes had following build error when trying to merge policyd. Perhaps use emake -j1 to avoid this? [*] Building Objects: compiling -g -W -Wall -DMAXFDS=1023 policyd.c compiling -g -W -Wall -DMAXFDS=1023 sockets.c compiling -g -W -Wall -DMAXFDS=1023 cidr.c compiling -g -W -Wall -DMAXFDS=1023 greylist.c compiling -g -W -Wall -DMAXFDS=1023 throttle.c compiling -g -W -Wall -DMAXFDS=1023 spamtrap.c compiling -g -W -Wall -DMAXFDS=1023 blacklist.c compiling -g -W -Wall -DMAXFDS=1023 whitelist.c compiling -g -W -Wall -DMAXFDS=1023 blacklist_helo.c compiling -g -W -Wall -DMAXFDS=1023 throttle_from.c compiling -g -W -Wall -DMAXFDS=1023 throttle_host.c compiling -g -W -Wall -DMAXFDS=1023 throttle_sasl.c compiling -g -W -Wall -DMAXFDS=1023 throttle_rcpt.c compiling -g -W -Wall -DMAXFDS=1023 cleanup.c compiling -g -W -Wall -DMAXFDS=1023 mysql.c compiling -g -W -Wall -DMAXFDS=1023 stats.c compiling -g -W -Wall -DMAXFDS=1023 helo.c [*] Linking cleanup* gcc: mysql.o: Adresár alebo súbor neexistuje make: *** [cleanup] Error 1 make: *** Waiting for unfinished jobs.... mysql.c: In function `db_connect': mysql.c:444: warning: passing arg 3 of `mysql_options' makes pointer from integer without a cast !!! ERROR: net-mail/policyd-1.72 failed. Call stack: ebuild.sh, line 1909: Called dyn_compile ebuild.sh, line 956: Called src_compile !!! emake failed !!! If you need support, post the topmost build error, and the call stack if relevant.
Created attachment 78763 [details] emerge info where this ebuild fals
Created attachment 78764 [details] emerge info where this ebuild works
Created attachment 78766 [details] latest ebuild this is the latest ebuild i have that works on both of my opterons, still need to fix som errors, but it compiles here for a start
Created attachment 78770 [details] makefile dependice patch for 1.72 hmp :-)
Created attachment 78771 [details] fixed ebuild that should be working now
Created attachment 81669 [details, diff] make -j2 bugfix for 1.73
Created attachment 81670 [details] policyd 1.73 ebuild
Created attachment 88629 [details] policyd 1.75 ebuild latest 1.75 ebuild
for 1.76 use ebuild for 1.75
Created attachment 91212 [details] 1.79 this is the latest ebuild with does work in my overlay so hope its olso works for more then just me, i have changed MAXFDS in makefile to reflect what ulimit -n shows, can this be maked better ?
Created attachment 91977 [details] Updated ebuild 1.80 Updates the release, sets the keywords, fixes some typos and uses a better named init file.
Created attachment 91978 [details] init file for 1.80 ebuild Better naming and don't require starting of mysql, eg. when using mysql on a remote machine.
Comment on attachment 91977 [details] Updated ebuild 1.80 ># Copyright 1999-2006 Gentoo Foundation ># Distributed under the terms of the GNU General Public License v2 ># $Header$ > >inherit eutils > >DESCRIPTION="Policyd daemon for postfix" >HOMEPAGE="http://policyd.sf.net/" >SRC_URI="http://policyd.sourceforge.net/${PN}-v${PV}.tar.gz mirror://sourceforge/${PN}/${PN}-v${PV}.tar.gz" >LICENSE="GPL-2" >SLOT="0" >KEYWORDS="~x86 ~amd64" >IUSE="" >DEPEND=">=mail-mta/postfix-2.1.5 > >=dev-db/mysql-4.0.24 > >=dev-libs/openssl-0.9.7e-r1" > >S=${WORKDIR}/${PN}-v${PV} > >src_unpack() { > unpack ${A} > cd ${S} > # epatch ${FILESDIR}/${PV}-Makefile.patch || die "epatch Makefile.patch failed" > # cp ${FILESDIR}/${PV}-Makefile_new Makefile >} > >src_compile() { > cd ${S} > sed -i -e s/UID=0/UID=65534/ -e s/GID=0/GID=65534/ -e s/DAEMON=0/DAEMON=1/ -e s/DEBUG=3/DEBUG=0/ -e s/DATABASE_KEEPALIVE=0/DATABASE_KEEPALIVE=1/ policyd.conf > # emake build || die "emake failed" > emake policyd_start || die "emake start failed" > emake policyd || die "emake policyd failed" > emake cleanup || die "emake cleanup failed" > emake stats || die "emake stats failed" >} > >src_install() { > insopts -o root -g nobody -m 0750 > dosbin policyd cleanup stats > > insinto /etc > insopts -o root -g nobody -m 0640 > doins policyd.conf > > exeinto /etc/cron.hourly > insopts -o root -g nobody -m 0700 > newexe ${FILESDIR}/${PN}.gentoo.cron ${PN}.cron > > exeinto /etc/cron.daily > insopts -o root -g nobody -m 0700 > newexe ${FILESDIR}/${PN}-stats.cron ${PN}.stats.cron > > # we use the sql files under config > # dodoc Changelog.txt DATABASE.mysql License.txt README.txt doc/support.txt doc/blacklist_helo.sql doc/whitelist.sql > dodoc Changelog.txt DATABASE.mysql License.txt README.txt doc/support.txt > newinitd ${FILESDIR}/${PN}.init ${PN} >} > >pkg_postinst() { > einfo "To make use of policyd, please update your postfix config:" > einfo "Add \"check_policy_service inet:127.0.0.1:10031\" to" > einfo "smtpd_recipient restrictions setting in your /etc/postfix/main.cf" > einfo "and restart postfix." > einfo "Also remember to start the daemon at boot:" > einfo " rc-update add policyd default" > ewarn "Read the documentation for more info." > einfo "Follow the maillist please." >}
(In reply to comment #20) > Created an attachment (id=91978) [edit] > init file for 1.80 ebuild > > Better naming and don't require starting of mysql, eg. when using mysql on a > remote machine. > how is the maxfds handled in makefile ? was it wroung done in my comment #18 ?
Hi, Sune Foldager (cyanite) and I (eroyf) have created a fixed version of Benny Pedersen's ebuild for policyd. We have created a patch (policyd-cflags.patch) which makes the Makefile able to use the CFLAGS from the environment (make.conf). We have also created an updated version of the init script (policyd.rc) which uses a conf.d file (policyd.confd). We're both ready for some proxy maintaining if any developers will allow that and be our proxy maintainer. So if you're up for this please add cryo@cyanite.org and alex@stener.nu to the metadata.xml file. I'll attach the files to this bug now. Regards, Alexander H. F
Hi, Sune Foldager (cyanite) and I (eroyf) have created a fixed version of Benny Pedersen's ebuild for policyd. We have created a patch (policyd-cflags.patch) which makes the Makefile able to use the CFLAGS from the environment (make.conf). We have also created an updated version of the init script (policyd.rc) which uses a conf.d file (policyd.confd). We're both ready for some proxy maintaining if any developers will allow that and be our proxy maintainer. So if you're up for this please add cryo@cyanite.org and alex@stener.nu to the metadata.xml file. I'll attach the files to this bug now. Regards, Alexander H. Færøy (eroyf)
Created attachment 95874 [details] mail-filter/policyd updated ebuild. Updated ebuild for policyd-1.80 Regards, Alexander H. F
Created attachment 95874 [details] mail-filter/policyd updated ebuild. Updated ebuild for policyd-1.80 Regards, Alexander H. Færøy (eroyf)
Created attachment 95875 [details] mail-filter/policyd new conf.d file entry New conf.d/policyd file for use in the init.d script. Regards, Alexander H. F
Created attachment 95875 [details] mail-filter/policyd new conf.d file entry New conf.d/policyd file for use in the init.d script. Regards, Alexander H. Færøy (eroyf)
Created attachment 95876 [details] mail-filter/policyd new init.d file entry New init.d file policyd using start-stop-daemon. (Looks better than killall and friends). Regards, Alexander H. F
Created attachment 95876 [details] mail-filter/policyd new init.d file entry New init.d file policyd using start-stop-daemon. (Looks better than killall and friends). Regards, Alexander H. Færøy (eroyf)
Created attachment 95878 [details, diff] mail-filter/policyd new makefile patch for the cflags issue. Described above. A patch that fix an issue with the Makefile shipped by the policyd upstream. Regards, Alexander H. F... argh you know it...
Created attachment 95879 [details] mail-filter/policyd new cron file Cron file for the policyd ebuild. This is the last file from me. Regards Alexander
Comment on attachment 95878 [details, diff] mail-filter/policyd new makefile patch for the cflags issue. Makefile maked obsolete... New one comming up now. Regards, Alexander
Created attachment 95960 [details] Fixed version of policyd-cflags.patch This version takes care of the -DMAXFDS line in the Makefile. This is hardcoded from upstream to be 4096, but should be 1024 on Gentoo. However, we have used `ulimit -n` insteed if the users has changed that value. Regards, Alexander
Comment on attachment 95874 [details] mail-filter/policyd updated ebuild. Marked obsolete... Ready for new version. Coming soon. Regards, Alexander
Comment on attachment 95960 [details] Fixed version of policyd-cflags.patch Marked obsolete... Ready for new version. Coming soon. New things includes: - ${CC} now works - Removed the -O flags. Regards, Alexander
I've used this ebuild in my own overlay and I made 2 changes to the ebuid. "cleanup" and "stats" are way too generic names to let them go this way. In the src_install, I install them under new names, namely policyd_cleanup and policyd_stats which shouldn't conflict with any other existing tools. Of course, the cron jobs have been modified accordingly. It would be nice to include these modifications into the ebuid. --- policyd-1.80.ebuild 2006-09-17 11:30:23.000000000 +0200 +++ policyd-1.80.ebuild.new 2006-09-17 11:19:52.000000000 +0200 @@ -36,7 +36,15 @@ src_install() { insopts -o root -g nobody -m 0750 - dosbin policyd cleanup stats + dosbin policyd + + exeinto /usr/sbin + insopts -o root -g nobody -m 750 + newexe cleanup policyd_cleanup + + exeinto /usr/sbin + insopts -o root -g nobody -m 750 + newexe cleanup policyd_stats insinto /etc insopts -o root -g nobody -m 0640
(In reply to comment #33) > src_install, I install them under new names, namely policyd_cleanup and > policyd_stats which shouldn't conflict with any other existing tools. > > Of course, the cron jobs have been modified accordingly. > > It would be nice to include these modifications into the ebuid. Thanks a lot :) We have actually talked about prefixing this a while ago but forgot it again. We have changed some more bits and I am going to put the updates (including your patch) to bugzilla during the upcoming week. I will talk a bit with some ebuild maintainers about adding this to portage. Regards, Alexander
(In reply to comment #34) > We have changed some more bits and I am going to put the updates (including > your patch) to bugzilla during the upcoming week. > > I will talk a bit with some ebuild maintainers about adding this to portage. There's more to do! policyd should have a /etc/conf.d/policyd entry where we should specify at least CONFIG_FILE var and a check_config() function should be added to /etc/init.d/policyd to use conf.d config file. The init.d script should parse, in check_config(), the specified config file for the PIDFILE directive in order to properly close the right instance of policyd. Policyd provides a lot of services along with greylisting and some of them (namely throttling and SASL throttling) require 2 instances of policyd. One running BEFORE "permit_mynetworks/permit_sasl_authenticated" (for throttling) and one AFTER "check_recipient_access/check_policy_service" (greylisting). Currently, the "killall" command would kill all instances which quite unacceptable :-) For a good source of inspiration, have a look at mail-filter/dspam init.d script which does PIDFILE parsing.
Comment on attachment 91212 [details] 1.79 Marked obsolete.
Comment on attachment 91977 [details] Updated ebuild 1.80 Marked obsolete.
Comment on attachment 91978 [details] init file for 1.80 ebuild Marked obsolete.
Comment on attachment 77161 [details] fixed init for gentoo Marked obsolete.
Comment on attachment 77158 [details] stats cron Marked obsolete.
Comment on attachment 77160 [details] cleanup cron Marked obsolete.
Comment on attachment 95879 [details] mail-filter/policyd new cron file Marked obsolete.
Comment on attachment 95876 [details] mail-filter/policyd new init.d file entry Marked obsolete.
Created attachment 97921 [details] Fixed ebuild for policyd-1.80
Created attachment 97922 [details] Fixed policyd-cleanup cron script.
Created attachment 97923 [details] Fixed files/policyd-makefile.patch
Created attachment 97924 [details] Fixed init script Last comment added together with last file. Use old conf.d entry, there is no updates to that file now. Regards, Alexander
(In reply to comment #46) > Created an attachment (id=97921) [edit] > Fixed ebuild for policyd-1.80 > It's contain bugs. I'm attach correct version.
Created attachment 100205 [details] policyd-1.80.ebuild contain small fix.
Assigning to me.
reassigning to myself after talking to eroyf
in cvs, thanks for all contributions.