On Fri, Aug 26, 2011 at 7:07 AM, Todd Lyons <tlyons_at_ivenue.com> wrote:
> On Fri, Aug 26, 2011 at 12:27 AM, Daniel Black
> <daniel.subs_at_internode.on.net> wrote:
>> Question - where do you set AUTOCREATE_DKIM_KEYS=NO or DKIM_SELECTOR for the init script?
>
> Very good point, I never noticed that. Steve, it's typical for a
> package with an init script that requires some user customization of
> startup parameters to:
> 1. Create a %{sysconfdir}/sysconfig/%{name} file which will contain simply:
> # Uncomment the following line to disable automatic DKIM key creation
> # AUTOCREATE_DKIM_KEYS=NO
> #
> # Set the default selector
> # DKIM_SELECTOR=default
>
> 2. And then in the init script, after you set any default options,
> this will allow the sysadmin to override any of them (s)he needs:
> [ -f %{sysconfdir}/sysconfig/%{name} ] && \
> . %{sysconfdir}/sysconfig/%{name}
Yep. That's a great idea from Daniel. After 2.4.2-3 gets pushed out of
the testing repos to the stable ones (which should be within the week)
I'll add that in (I don't want to commit an update to a new package
until it's run through the entire new package process).
> 3. We set the DKIM_SELECTOR in the init script, but not the other one.
>> Might also watch this for selinux ideas.
>> https://bugzilla.redhat.com/show_bug.cgi?id=718219
>
> Ah, yeah, we need to handle selinux scenarios too. I hate SELinux. :-(
Coincidentally, I got this email two days ago:
"I saw your initial self-intro on the packaging list and was going to
reply then but I've been rather busy with various things and I never
got round to it. I see Matt D has sponsored you already but I still
may be able to offer some assistance: have you tried the milter with
SELinux enforcing, and if so, does it work? If not, that's definitely
something that should be sorted before the package goes anywhere but
Rawhide, and I can help with it.
"I maintain in Fedora spamass-milter and milter-regex, and I also have
local packages for smf-spf and smf-sav. I have SELinux policy for all
of these, and wrote the milter policy in SELinux reference policy,
which is what Fedora's SELinux policy is based on.
"Please let me know if I can be of help."
I'm an SELinux hater, too - I know nothing about it except how to
disable it, which is the absolute first thing I do on a new install.
I'll follow up with Paul to help us out with this.
SteveJ
Received on Fri Aug 26 2011 - 14:47:29 PST