diff options
Diffstat (limited to 'testing/opendmarc/config-defaults.patch')
-rw-r--r-- | testing/opendmarc/config-defaults.patch | 175 |
1 files changed, 175 insertions, 0 deletions
diff --git a/testing/opendmarc/config-defaults.patch b/testing/opendmarc/config-defaults.patch new file mode 100644 index 0000000000..65aa823e30 --- /dev/null +++ b/testing/opendmarc/config-defaults.patch @@ -0,0 +1,175 @@ +Change defaults based on Fedora and openSUSE packages. + +Also remove options for supervisor and options that need root privileges +(we use OpenRC for process supervising and dropping privileges). + +--- a/opendmarc/opendmarc.conf.sample ++++ b/opendmarc/opendmarc.conf.sample +@@ -24,7 +24,7 @@ + ## provided, the name of the host running the filter (as returned by the + ## gethostname(3) function) will be used. + # +-# AuthservID name ++AuthservID HOSTNAME + + ## AuthservIDWithJobID { true | false } + ## default "false" +@@ -35,46 +35,6 @@ + # + # AuthservIDWithJobID false + +-## AutoRestart { true | false } +-## default "false" +-## +-## Automatically re-start on failures. Use with caution; if the filter fails +-## instantly after it starts, this can cause a tight fork(2) loop. +-# +-# AutoRestart false +- +-## AutoRestartCount n +-## default 0 +-## +-## Sets the maximum automatic restart count. After this number of automatic +-## restarts, the filter will give up and terminate. A value of 0 implies no +-## limit. +-# +-# AutoRestartCount 0 +- +-## AutoRestartRate n/t[u] +-## default (no limit) +-## +-## Sets the maximum automatic restart rate. If the filter begins restarting +-## faster than the rate defined here, it will give up and terminate. This +-## is a string of the form n/t[u] where n is an integer limiting the count +-## of restarts in the given interval and t[u] defines the time interval +-## through which the rate is calculated; t is an integer and u defines the +-## units thus represented ("s" or "S" for seconds, the default; "m" or "M" +-## for minutes; "h" or "H" for hours; "d" or "D" for days). For example, a +-## value of "10/1h" limits the restarts to 10 in one hour. There is no +-## default, meaning restart rate is not limited. +-# +-# AutoRestartRate n/t[u] +- +-## Background { true | false } +-## default "true" +-## +-## Causes opendmarc to fork and exits immediately, leaving the service +-## running in the background. +-# +-# Background true +- + ## BaseDirectory (string) + ## default (none) + ## +@@ -84,18 +44,8 @@ + ## directory. It's also useful for arranging that any crash dumps will be + ## saved to a specific location. + # +-# BaseDirectory /var/run/opendmarc ++BaseDirectory /run/opendmarc + +-## ChangeRootDirectory (string) +-## default (none) +-## +-## Requests that the operating system change the effective root directory of +-## the process to the one specified here prior to beginning execution. +-## chroot(2) requires superuser access. A warning will be generated if +-## UserID is not also set. +-# +-# ChangeRootDirectory /var/chroot/opendmarc +- + ## CopyFailuresTo (string) + ## default (none) + ## +@@ -175,7 +125,7 @@ + ## rather periodically imported into a relational database from which the + ## aggregate reports can be extracted by a tool such as opendmarc-import(8). + # +-# HistoryFile /var/run/opendmarc.dat ++# HistoryFile /var/spool/opendmarc/opendmarc.dat + + ## IgnoreAuthenticatedClients { true | false } + ## default "false" +@@ -193,7 +143,7 @@ + ## connections are to be ignored by the filter. If not specified, defaults + ## to "127.0.0.1" only. + # +-# IgnoreHosts /usr/local/etc/opendmarc/ignore.hosts ++# IgnoreHosts /etc/opendmarc/ignore.hosts + + ## IgnoreMailFrom domain[,...] + ## default (none) +@@ -212,14 +162,6 @@ + # + # MilterDebug 0 + +-## PidFile path +-## default (none) +-## +-## Specifies the path to a file that should be created at process start +-## containing the process ID. +-# +-# PidFile /var/run/opendmarc.pid +- + ## PublicSuffixList path + ## default (none) + ## +@@ -284,7 +226,7 @@ + ## either in the configuration file or on the command line. If an IP + ## address is used, it must be enclosed in square brackets. + # +-# Socket inet:8893@localhost ++Socket inet:8893@localhost + + ## SoftwareHeader { true | false } + ## default "false" +@@ -294,7 +236,7 @@ + ## delivery. The product's name, version, and the job ID are included in + ## the header field's contents. + # +-# SoftwareHeader false ++SoftwareHeader true + + ## SPFIgnoreResults { true | false } + ## default "false" +@@ -303,7 +245,7 @@ + ## message. This is useful if you want the filter to perfrom SPF checks + ## itself, or because you don't trust the arriving header. + # +-# SPFIgnoreResults false ++SPFIgnoreResults true + + ## SPFSelfValidate { true | false } + ## default false +@@ -316,14 +258,14 @@ + ## is also set, it never looks for SPF results in headers and + ## always performs the SPF check itself when this is set. + # +-# SPFSelfValidate false ++SPFSelfValidate true + + ## Syslog { true | false } + ## default "false" + ## + ## Log via calls to syslog(3) any interesting activity. + # +-# Syslog false ++Syslog true + + ## SyslogFacility facility-name + ## default "mail" +@@ -354,13 +296,4 @@ + ## specific file mode on creation regardless of the process umask. See + ## umask(2) for more information. + # +-# UMask 077 +- +-## UserID user[:group] +-## default (none) +-## +-## Attempts to become the specified userid before starting operations. +-## The process will be assigned all of the groups and primary group ID of +-## the named userid unless an alternate group is specified. +-# +-# UserID opendmarc ++UMask 007 |