Auto sync2gitlab import of cyrus-imapd-3.0.7-23.el8.src.rpm
This commit is contained in:
parent
e402678412
commit
aacfa4e807
3
.gitignore
vendored
Normal file
3
.gitignore
vendored
Normal file
@ -0,0 +1,3 @@
|
||||
/cassandane-00bfe01.tar.gz
|
||||
/cassandane-testdata-20170523.tar.gz
|
||||
/cyrus-imapd-3.0.7.tar.gz
|
1111
CHANGES.rpm
Normal file
1111
CHANGES.rpm
Normal file
File diff suppressed because it is too large
Load Diff
34
README.rpm
Normal file
34
README.rpm
Normal file
@ -0,0 +1,34 @@
|
||||
---------------
|
||||
Cyrus IMAPd RPM
|
||||
---------------
|
||||
|
||||
This is a _very_ 'quick and dirty' install howto.
|
||||
|
||||
The following steps should lead you to a running Cyrus IMAP server:
|
||||
|
||||
1) Install on a distribution which is supported by this RPM. Don't install
|
||||
on a dirty system, where you have previously installed from source.
|
||||
2) Don't install if you have a previous Cyrus IMAPd installation <=2.1.x on
|
||||
your box. Upgrading any Invoca rpm based installation should be fine.
|
||||
3) Make sure you understand that this RPM installs in FHS compliant
|
||||
directories, like /var/lib/imap and /var/spool/imap
|
||||
4) Make sure cyrus-sasl is installed.
|
||||
5) Make sure saslauthd is running. If not, edit /etc/sysconfig/saslauthd as
|
||||
needed and do 'chkconfig saslauthd on ; service saslauthd start'
|
||||
6) Install the cyrus-imapd RPMs.
|
||||
7) If it's your first install of Cyrus IMAPd, then set a password for the
|
||||
cyrus user in whatever database you are using to authenticate. When
|
||||
using a local account, this should be 'passwd cyrus'.
|
||||
8) Make sure your MTA delivers to Cyrus IMAPd, I recommend LMTP for this.
|
||||
9) Start Cyrus IMAPd with 'service cyrus-imapd start'
|
||||
10) Run cyradm and create a user. Usually it's something like this:
|
||||
'cyradm --user=cyrus --auth=login localhost'
|
||||
11) If you're using sendmail, be aware that cyrusv2.m4 included in standard
|
||||
sendmail distribution uses socket /var/imap/socket/lmtp while this rpm
|
||||
uses /var/lib/imap/socket/lmtp.
|
||||
12) Check your syslog configuration. This RPM uses the mail facility to log
|
||||
messages. On busy sites you may want to limit the mail facility to the
|
||||
info priority with something like 'mail.info /var/log/maillog' in
|
||||
/etc/syslog.conf.
|
||||
|
||||
Enjoy!
|
56
cassandane.ini
Normal file
56
cassandane.ini
Normal file
@ -0,0 +1,56 @@
|
||||
# A basic cassandane.ini file for running cassandane as part of the Fedora
|
||||
# package build process.
|
||||
|
||||
# The idea here is to run tests on the just-compiled version of cyrus-imapd.
|
||||
# However, many of the build locations are just random temporary directories, and
|
||||
# so this requires some finesse.
|
||||
|
||||
[cassandane]
|
||||
rootdir = CASSDIR/work
|
||||
pwcheck = alwaystrue # This is enabled in Fedora builds
|
||||
cleanup = no
|
||||
maxworkers = 1
|
||||
base_port = 19100
|
||||
|
||||
#[valgrind]
|
||||
#enabled = no
|
||||
|
||||
# The installed copy
|
||||
[cyrus default]
|
||||
prefix = /usr
|
||||
destdir = BUILDROOT
|
||||
quota = cyr_quota
|
||||
|
||||
# Replication testing disabled
|
||||
# [cyrus replica]
|
||||
# [cyrus murder]
|
||||
|
||||
# Don't enable any of the gdb options but leave them here in case someone ever
|
||||
# needs to do so
|
||||
#[gdb]
|
||||
# imapd = yes
|
||||
# sync_server = yes
|
||||
# lntpd = yes
|
||||
# timsieved = yes
|
||||
# backupd = yes
|
||||
|
||||
[config]
|
||||
altnamespace = no
|
||||
unixhierarchysep = no
|
||||
client_timeout = 60
|
||||
|
||||
#[caldavtalk]
|
||||
#basedir = CASSDIR/cassandane/testdata
|
||||
|
||||
[imaptest]
|
||||
# Cassandane wants this to not be installed. Don't know why. To use it we
|
||||
# have to make a directory and link things into it.
|
||||
basedir = imaptest
|
||||
|
||||
# [jmaptester]
|
||||
# basedir = JMAP-Tester
|
||||
# The JMAP modules end up needing JSON-Typist (which I could bundle) and CryptX (which is a bit too much to bundle)
|
||||
|
||||
# [caldavtester]
|
||||
# XXX Would need to include the source in the cyrus package just as cassandane is, and get it built before running tests
|
||||
# basedir = ...
|
205
cyrus-imapd-3.0-CVE-2021-33582.patch
Normal file
205
cyrus-imapd-3.0-CVE-2021-33582.patch
Normal file
@ -0,0 +1,205 @@
|
||||
diff --git a/imap/http_dav.c b/imap/http_dav.c
|
||||
index 91bbc28b6b..a6fa5c8345 100644
|
||||
--- a/imap/http_dav.c
|
||||
+++ b/imap/http_dav.c
|
||||
@@ -5494,7 +5494,7 @@ EXPORTED int meth_propfind(struct transaction_t *txn, void *params)
|
||||
xmlDocPtr indoc = NULL, outdoc = NULL;
|
||||
xmlNodePtr root, cur = NULL, props = NULL;
|
||||
xmlNsPtr ns[NUM_NAMESPACE];
|
||||
- struct hash_table ns_table = { 0, NULL, NULL };
|
||||
+ struct hash_table ns_table = HASH_TABLE_INITIALIZER;
|
||||
struct propfind_ctx fctx;
|
||||
struct propfind_entry_list *elist = NULL;
|
||||
|
||||
@@ -7900,7 +7900,7 @@ int meth_report(struct transaction_t *txn, void *params)
|
||||
xmlNodePtr inroot = NULL, outroot = NULL, cur, prop = NULL, props = NULL;
|
||||
const struct report_type_t *report = NULL;
|
||||
xmlNsPtr ns[NUM_NAMESPACE];
|
||||
- struct hash_table ns_table = { 0, NULL, NULL };
|
||||
+ struct hash_table ns_table = HASH_TABLE_INITIALIZER;
|
||||
struct propfind_ctx fctx;
|
||||
struct propfind_entry_list *elist = NULL;
|
||||
|
||||
diff --git a/lib/hash.c b/lib/hash.c
|
||||
index 9703142c3b..84f2e80d28 100644
|
||||
--- a/lib/hash.c
|
||||
+++ b/lib/hash.c
|
||||
@@ -43,10 +43,11 @@ EXPORTED hash_table *construct_hash_table(hash_table *table, size_t size, int us
|
||||
assert(table);
|
||||
assert(size);
|
||||
|
||||
- table->size = size;
|
||||
+ table->size = size;
|
||||
+ table->seed = rand(); /* might be zero, that's okay */
|
||||
|
||||
/* Allocate the table -- different for using memory pools and not */
|
||||
- if(use_mpool) {
|
||||
+ if (use_mpool) {
|
||||
/* Allocate an initial memory pool for 32 byte keys + the hash table
|
||||
* + the buckets themselves */
|
||||
table->pool =
|
||||
@@ -72,7 +73,7 @@ EXPORTED hash_table *construct_hash_table(hash_table *table, size_t size, int us
|
||||
|
||||
EXPORTED void *hash_insert(const char *key, void *data, hash_table *table)
|
||||
{
|
||||
- unsigned val = strhash(key) % table->size;
|
||||
+ unsigned val = strhash_seeded(table->seed, key) % table->size;
|
||||
bucket *ptr, *newptr;
|
||||
bucket **prev;
|
||||
|
||||
@@ -153,9 +154,14 @@ EXPORTED void *hash_insert(const char *key, void *data, hash_table *table)
|
||||
|
||||
EXPORTED void *hash_lookup(const char *key, hash_table *table)
|
||||
{
|
||||
- unsigned val = strhash(key) % table->size;
|
||||
+ unsigned val;
|
||||
bucket *ptr;
|
||||
|
||||
+ if (!table->size)
|
||||
+ return NULL;
|
||||
+
|
||||
+ val = strhash_seeded(table->seed, key) % table->size;
|
||||
+
|
||||
if (!(table->table)[val])
|
||||
return NULL;
|
||||
|
||||
@@ -178,8 +184,7 @@ EXPORTED void *hash_lookup(const char *key, hash_table *table)
|
||||
* since it will leak memory until you get rid of the entire hash table */
|
||||
EXPORTED void *hash_del(const char *key, hash_table *table)
|
||||
{
|
||||
- unsigned val = strhash(key) % table->size;
|
||||
- void *data;
|
||||
+ unsigned val = strhash_seeded(table->seed, key) % table->size;
|
||||
bucket *ptr, *last = NULL;
|
||||
|
||||
if (!(table->table)[val])
|
||||
@@ -200,15 +205,10 @@ EXPORTED void *hash_del(const char *key, hash_table *table)
|
||||
int cmpresult = strcmp(key, ptr->key);
|
||||
if (!cmpresult)
|
||||
{
|
||||
+ void *data = ptr->data;
|
||||
if (last != NULL )
|
||||
{
|
||||
- data = ptr -> data;
|
||||
last -> next = ptr -> next;
|
||||
- if(!table->pool) {
|
||||
- free(ptr->key);
|
||||
- free(ptr);
|
||||
- }
|
||||
- return data;
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -221,15 +221,15 @@ EXPORTED void *hash_del(const char *key, hash_table *table)
|
||||
|
||||
else
|
||||
{
|
||||
- data = ptr->data;
|
||||
(table->table)[val] = ptr->next;
|
||||
- if(!table->pool) {
|
||||
- free(ptr->key);
|
||||
- free(ptr);
|
||||
- }
|
||||
- return data;
|
||||
}
|
||||
- } else if (cmpresult < 0) {
|
||||
+ if(!table->pool) {
|
||||
+ free(ptr->key);
|
||||
+ free(ptr);
|
||||
+ }
|
||||
+ return data;
|
||||
+ }
|
||||
+ if (cmpresult < 0) {
|
||||
/* its not here! */
|
||||
return NULL;
|
||||
}
|
||||
diff --git a/lib/hash.h b/lib/hash.h
|
||||
index 8051ac1760..cfa7da1ffa 100644
|
||||
--- a/lib/hash.h
|
||||
+++ b/lib/hash.h
|
||||
@@ -3,10 +3,11 @@
|
||||
#define HASH__H
|
||||
|
||||
#include <stddef.h> /* For size_t */
|
||||
+#include <stdint.h>
|
||||
#include "mpool.h"
|
||||
#include "strarray.h"
|
||||
|
||||
-#define HASH_TABLE_INITIALIZER {0, NULL, NULL}
|
||||
+#define HASH_TABLE_INITIALIZER {0, 0, NULL, NULL}
|
||||
|
||||
/*
|
||||
** A hash table consists of an array of these buckets. Each bucket
|
||||
@@ -32,6 +33,7 @@ typedef struct bucket {
|
||||
|
||||
typedef struct hash_table {
|
||||
size_t size;
|
||||
+ uint32_t seed;
|
||||
bucket **table;
|
||||
struct mpool *pool;
|
||||
} hash_table;
|
||||
diff --git a/lib/strhash.c b/lib/strhash.c
|
||||
index d7c1741d2a..1b3251db73 100644
|
||||
--- a/lib/strhash.c
|
||||
+++ b/lib/strhash.c
|
||||
@@ -42,17 +42,32 @@
|
||||
|
||||
#include "config.h"
|
||||
|
||||
-EXPORTED unsigned strhash(const char *string)
|
||||
+#include "lib/strhash.h"
|
||||
+
|
||||
+/* The well-known djb2 algorithm (e.g. http://www.cse.yorku.ca/~oz/hash.html),
|
||||
+ * with the addition of an optional seed to limit predictability.
|
||||
+ *
|
||||
+ * XXX return type 'unsigned' for back-compat to previous version, but
|
||||
+ * XXX ought to be 'uint32_t'
|
||||
+ */
|
||||
+EXPORTED unsigned strhash_seeded_djb2(uint32_t seed, const char *string)
|
||||
{
|
||||
- unsigned ret_val = 0;
|
||||
- int i;
|
||||
+ const unsigned char *ustr = (const unsigned char *) string;
|
||||
+ unsigned hash = 5381;
|
||||
+ int c;
|
||||
|
||||
- while (*string)
|
||||
- {
|
||||
- i = (int) *string;
|
||||
- ret_val ^= i;
|
||||
- ret_val <<= 1;
|
||||
- string ++;
|
||||
- }
|
||||
- return ret_val;
|
||||
+ if (seed) {
|
||||
+ /* treat the bytes of the seed as a prefix to the string */
|
||||
+ unsigned i;
|
||||
+ for (i = 0; i < sizeof seed; i++) {
|
||||
+ c = seed & 0xff;
|
||||
+ hash = ((hash << 5) + hash) ^ c;
|
||||
+ seed >>= 8;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ while ((c = *ustr++))
|
||||
+ hash = ((hash << 5) + hash) ^ c;
|
||||
+
|
||||
+ return hash;
|
||||
}
|
||||
diff --git a/lib/strhash.h b/lib/strhash.h
|
||||
index 34533fdffa..27339bb288 100644
|
||||
--- a/lib/strhash.h
|
||||
+++ b/lib/strhash.h
|
||||
@@ -41,7 +41,11 @@
|
||||
*/
|
||||
|
||||
#ifndef _STRHASH_H_
|
||||
+#include <stdint.h>
|
||||
|
||||
-unsigned strhash(const char *string);
|
||||
+unsigned strhash_seeded_djb2(uint32_t seed, const char *string);
|
||||
+
|
||||
+#define strhash(in) strhash_seeded_djb2((0), (in))
|
||||
+#define strhash_seeded(sd, in) strhash_seeded_djb2((sd), (in))
|
||||
|
||||
#endif /* _STRHASH_H_ */
|
30
cyrus-imapd-CVE-2019-18928.patch
Normal file
30
cyrus-imapd-CVE-2019-18928.patch
Normal file
@ -0,0 +1,30 @@
|
||||
diff --git a/imap/httpd.c b/imap/httpd.c
|
||||
index 5dcf38dc4..d2fdeb945 100644
|
||||
--- a/imap/httpd.c
|
||||
+++ b/imap/httpd.c
|
||||
@@ -1729,6 +1729,25 @@ static int examine_request(struct transaction_t *txn)
|
||||
txn->auth_chal.scheme = NULL;
|
||||
}
|
||||
|
||||
+ /* Drop auth credentials, if not a backend in a Murder */
|
||||
+ else if (!config_mupdate_server || !config_getstring(IMAPOPT_PROXYSERVERS)) {
|
||||
+ syslog(LOG_DEBUG, "drop auth creds");
|
||||
+
|
||||
+ free(httpd_userid);
|
||||
+ httpd_userid = NULL;
|
||||
+
|
||||
+ free(httpd_extrafolder);
|
||||
+ httpd_extrafolder = NULL;
|
||||
+
|
||||
+ free(httpd_extradomain);
|
||||
+ httpd_extradomain = NULL;
|
||||
+
|
||||
+ if (httpd_authstate) {
|
||||
+ auth_freestate(httpd_authstate);
|
||||
+ httpd_authstate = NULL;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
/* Perform proxy authorization, if necessary */
|
||||
else if (saslprops.authid &&
|
||||
(hdr = spool_getheader(txn->req_hdrs, "Authorize-As")) &&
|
13
cyrus-imapd-CVE-2019-19783.patch
Normal file
13
cyrus-imapd-CVE-2019-19783.patch
Normal file
@ -0,0 +1,13 @@
|
||||
diff --git a/imap/lmtp_sieve.c b/imap/lmtp_sieve.c
|
||||
index 4c3bbc3..d0abdd3 100644
|
||||
--- a/imap/lmtp_sieve.c
|
||||
+++ b/imap/lmtp_sieve.c
|
||||
@@ -999,7 +999,7 @@ static int autosieve_createfolder(const char *userid, const struct auth_state *a
|
||||
if (createsievefolder) {
|
||||
/* Folder is already in internal namespace format */
|
||||
r = mboxlist_createmailbox(internalname, 0, NULL,
|
||||
- 1, userid, auth_state, 0, 0, 0, 1, NULL);
|
||||
+ 0, userid, auth_state, 0, 0, 0, 1, NULL);
|
||||
if (!r) {
|
||||
mboxlist_changesub(internalname, userid, auth_state, 1, 1, 1);
|
||||
syslog(LOG_DEBUG, "autosievefolder: User %s, folder %s creation succeeded",
|
23
cyrus-imapd-close_backup_fd_on_error.patch
Normal file
23
cyrus-imapd-close_backup_fd_on_error.patch
Normal file
@ -0,0 +1,23 @@
|
||||
From 725e1efbd923c6d15ba639e17bfd0baabc619daa Mon Sep 17 00:00:00 2001
|
||||
From: Pavel Zhukov <pzhukov@redhat.com>
|
||||
Date: Mon, 1 Oct 2018 15:55:35 +0200
|
||||
Subject: [PATCH] Close file descriptior in case of error
|
||||
|
||||
Make static code analizers happy.
|
||||
If stat() failed for some reason it may lead backup fd unclosed.
|
||||
---
|
||||
backup/lcb.c | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/backup/lcb.c b/backup/lcb.c
|
||||
index 8c4a0e31a..9a04b08f2 100644
|
||||
--- a/backup/lcb.c
|
||||
+++ b/backup/lcb.c
|
||||
@@ -182,6 +182,7 @@ HIDDEN int backup_real_open(struct backup **backupp,
|
||||
if (r) {
|
||||
syslog(LOG_ERR, "IOERROR: (f)stat %s: %m", backup->data_fname);
|
||||
r = IMAP_IOERROR;
|
||||
+ close(fd);
|
||||
goto error;
|
||||
}
|
||||
|
38
cyrus-imapd-close_backup_on_failure.patch
Normal file
38
cyrus-imapd-close_backup_on_failure.patch
Normal file
@ -0,0 +1,38 @@
|
||||
From 5d00f649b4d2a599905d1b9290c91a769909741d Mon Sep 17 00:00:00 2001
|
||||
From: Pavel Zhukov <pzhukov@redhat.com>
|
||||
Date: Mon, 24 Sep 2018 17:24:48 +0200
|
||||
Subject: [PATCH] Close backup on failure.
|
||||
|
||||
Static analizers report this as memory leak issue.
|
||||
---
|
||||
backup/ctl_backups.c | 3 +++
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
diff --git a/backup/ctl_backups.c b/backup/ctl_backups.c
|
||||
index 3d817e743..e532eedb7 100644
|
||||
--- a/backup/ctl_backups.c
|
||||
+++ b/backup/ctl_backups.c
|
||||
@@ -955,6 +955,7 @@ static int lock_run_pipe(const char *userid, const char *fname,
|
||||
|
||||
if (r) {
|
||||
printf("NO failed (%s)\n", error_message(r));
|
||||
+ r = backup_close(&backup);
|
||||
return EC_SOFTWARE; // FIXME would something else be more appropriate?
|
||||
}
|
||||
|
||||
@@ -993,6 +994,7 @@ static int lock_run_sqlite(const char *userid, const char *fname,
|
||||
fprintf(stderr, "unable to lock %s: %s\n",
|
||||
userid ? userid : fname,
|
||||
error_message(r));
|
||||
+ r = backup_close(&backup);
|
||||
return EC_SOFTWARE;
|
||||
}
|
||||
|
||||
@@ -1053,6 +1055,7 @@ static int lock_run_exec(const char *userid, const char *fname,
|
||||
fprintf(stderr, "unable to lock %s: %s\n",
|
||||
userid ? userid : fname,
|
||||
error_message(r));
|
||||
+ r = backup_close(&backup);
|
||||
return EC_SOFTWARE;
|
||||
}
|
||||
|
26
cyrus-imapd-cve_2019_11356.patch
Normal file
26
cyrus-imapd-cve_2019_11356.patch
Normal file
@ -0,0 +1,26 @@
|
||||
diff --git a/imap/httpd.c b/imap/httpd.c
|
||||
index dc53f8c..24b65e5 100644
|
||||
--- a/imap/httpd.c
|
||||
+++ b/imap/httpd.c
|
||||
@@ -2202,7 +2202,7 @@ EXPORTED time_t calc_compile_time(const char *time, const char *date)
|
||||
memset(&tm, 0, sizeof(struct tm));
|
||||
tm.tm_isdst = -1;
|
||||
sscanf(time, "%02d:%02d:%02d", &tm.tm_hour, &tm.tm_min, &tm.tm_sec);
|
||||
- sscanf(date, "%s %2d %4d", month, &tm.tm_mday, &tm.tm_year);
|
||||
+ sscanf(date, "%3s %2d %4d", month, &tm.tm_mday, &tm.tm_year);
|
||||
tm.tm_year -= 1900;
|
||||
for (tm.tm_mon = 0; tm.tm_mon < 12; tm.tm_mon++) {
|
||||
if (!strcmp(month, monthname[tm.tm_mon])) break;
|
||||
diff --git a/imap/ical_support.c b/imap/ical_support.c
|
||||
index 1d7550a..e1bda50 100644
|
||||
--- a/imap/ical_support.c
|
||||
+++ b/imap/ical_support.c
|
||||
@@ -458,7 +458,7 @@ const char *get_icalcomponent_errstr(icalcomponent *ical)
|
||||
|
||||
/* Check if this is an empty property error */
|
||||
if (sscanf(errstr,
|
||||
- "No value for %s property", propname) == 1) {
|
||||
+ "No value for %255s property", propname) == 1) {
|
||||
/* Empty LOCATION is OK */
|
||||
if (!strcasecmp(propname, "LOCATION")) continue;
|
||||
if (!strcasecmp(propname, "COMMENT")) continue;
|
12
cyrus-imapd-init.service
Normal file
12
cyrus-imapd-init.service
Normal file
@ -0,0 +1,12 @@
|
||||
[Unit]
|
||||
Description=One-time configuration for cyrus-imapd
|
||||
|
||||
ConditionPathExists=!/etc/pki/cyrus-imapd/cyrus-imapd.pem
|
||||
ConditionPathExists=!/etc/pki/cyrus-imapd/cyrus-imapd-key.pem
|
||||
ConditionPathExists=!/etc/pki/cyrus-imapd/cyrus-imapd-ca.pem
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
Group=mail
|
||||
RemainAfterExit=no
|
||||
ExecStart=/usr/bin/sscg --package cyrus-imapd --cert-file /etc/pki/cyrus-imapd/cyrus-imapd.pem --cert-key-file /etc/pki/cyrus-imapd/cyrus-imapd-key.pem --ca-file /etc/pki/cyrus-imapd/cyrus-imapd-ca.pem --cert-key-mode=0640
|
66
cyrus-imapd-master_rename.patch
Normal file
66
cyrus-imapd-master_rename.patch
Normal file
@ -0,0 +1,66 @@
|
||||
diff --git a/Cassandane/Instance.pm b/cassandane/Cassandane/Instance.pm
|
||||
index 1561143..c60396e 100644
|
||||
--- a/Cassandane/Instance.pm
|
||||
+++ b/Cassandane/Instance.pm
|
||||
@@ -166,7 +166,7 @@ sub get_version
|
||||
my $cyrus_master;
|
||||
foreach my $d (qw( bin sbin libexec libexec/cyrus-imapd lib cyrus/bin ))
|
||||
{
|
||||
- my $try = "$cyrus_destdir$cyrus_prefix/$d/master";
|
||||
+ my $try = "$cyrus_destdir$cyrus_prefix/$d/cyrus-master";
|
||||
if (-x $try) {
|
||||
$cyrus_master = $try;
|
||||
last;
|
||||
diff --git a/Cassandane/Instance.pm b/Cassandane/Instance.pm
|
||||
index c60396e..7b2883a 100644
|
||||
--- a/Cassandane/Instance.pm
|
||||
+++ b/Cassandane/Instance.pm
|
||||
@@ -546,7 +546,7 @@ sub _pid_file
|
||||
{
|
||||
my ($self, $name) = @_;
|
||||
|
||||
- $name ||= 'master';
|
||||
+ $name ||= 'cyrus-master';
|
||||
|
||||
return $self->{basedir} . "/run/$name.pid";
|
||||
}
|
||||
@@ -569,7 +569,7 @@ sub _list_pid_files
|
||||
closedir(RUNDIR);
|
||||
|
||||
@pidfiles = sort { $a cmp $b } @pidfiles;
|
||||
- @pidfiles = ( 'master', grep { $_ ne 'master' } @pidfiles );
|
||||
+ @pidfiles = ( 'cyrus-master', grep { $_ ne 'cyrus-master' } @pidfiles );
|
||||
|
||||
return @pidfiles;
|
||||
}
|
||||
@@ -877,7 +877,7 @@ sub _start_master
|
||||
# Now start the master process.
|
||||
my @cmd =
|
||||
(
|
||||
- 'master',
|
||||
+ 'cyrus-master',
|
||||
# The following is added automatically by _fork_command:
|
||||
# '-C', $self->_imapd_conf(),
|
||||
'-l', '255',
|
||||
@@ -886,7 +886,7 @@ sub _start_master
|
||||
'-M', $self->_master_conf(),
|
||||
);
|
||||
if (get_verbose) {
|
||||
- my $logfile = $self->{basedir} . '/conf/master.log';
|
||||
+ my $logfile = $self->{basedir} . '/conf/cyrus-master.log';
|
||||
xlog "_start_master: logging to $logfile";
|
||||
push(@cmd, '-L', $logfile);
|
||||
}
|
||||
diff --git a/Cassandane/Instance.pm b/Cassandane/Instance.pm
|
||||
index 7b2883a..0c1e5fb 100644
|
||||
--- a/Cassandane/Instance.pm
|
||||
+++ b/Cassandane/Instance.pm
|
||||
@@ -1301,7 +1301,7 @@ sub send_sighup
|
||||
return if ($self->{_stopped});
|
||||
xlog "sighup";
|
||||
|
||||
- my $pid = $self->_read_pid_file('master') or return;
|
||||
+ my $pid = $self->_read_pid_file('cyrus-master') or return;
|
||||
kill(SIGHUP, $pid) or die "Can't send signal SIGHUP to pid $pid: $!";
|
||||
return 1;
|
||||
}
|
73
cyrus-imapd-memory_leak_on_cleanup.patch
Normal file
73
cyrus-imapd-memory_leak_on_cleanup.patch
Normal file
@ -0,0 +1,73 @@
|
||||
From acfc393638ad1b81a4234173b060bb63907ee52c Mon Sep 17 00:00:00 2001
|
||||
From: Pavel Zhukov <pzhukov@redhat.com>
|
||||
Date: Mon, 1 Oct 2018 15:51:01 +0200
|
||||
Subject: [PATCH] Replace simple return with cleanup flow
|
||||
|
||||
Make cleanup more consistence to prevent leaks of memory pointed by
|
||||
filter/base/res
|
||||
---
|
||||
ptclient/ldap.c | 17 ++++++++++-------
|
||||
1 file changed, 10 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/ptclient/ldap.c b/ptclient/ldap.c
|
||||
index 0b82d2c6b..65bae7bd6 100644
|
||||
--- a/ptclient/ldap.c
|
||||
+++ b/ptclient/ldap.c
|
||||
@@ -1388,13 +1388,14 @@ static int ptsmodule_make_authstate_group(
|
||||
|
||||
if (strncmp(canon_id, "group:", 6)) { // Sanity check
|
||||
*reply = "not a group identifier";
|
||||
- return PTSM_FAIL;
|
||||
+ rc = PTSM_FAIL;
|
||||
+ goto done;
|
||||
}
|
||||
|
||||
rc = ptsmodule_connect();
|
||||
if (rc != PTSM_OK) {
|
||||
*reply = "ptsmodule_connect() failed";
|
||||
- return rc;
|
||||
+ goto done;;
|
||||
}
|
||||
|
||||
rc = ptsmodule_expand_tokens(ptsm->group_filter, canon_id+6, NULL, &filter);
|
||||
@@ -1425,17 +1426,19 @@ static int ptsmodule_make_authstate_group(
|
||||
|
||||
if (rc != LDAP_SUCCESS) {
|
||||
syslog(LOG_DEBUG, "(groups) Result from domain query not OK");
|
||||
- return rc;
|
||||
+ goto done;
|
||||
} else {
|
||||
syslog(LOG_DEBUG, "(groups) Result from domain query OK");
|
||||
}
|
||||
|
||||
if (ldap_count_entries(ptsm->ld, res) < 1) {
|
||||
syslog(LOG_ERR, "(groups) No domain %s found", domain);
|
||||
- return PTSM_FAIL;
|
||||
+ rc = PTSM_FAIL;
|
||||
+ goto done;
|
||||
} else if (ldap_count_entries(ptsm->ld, res) > 1) {
|
||||
syslog(LOG_ERR, "(groups) Multiple domains %s found", domain);
|
||||
- return PTSM_FAIL;
|
||||
+ rc = PTSM_FAIL;
|
||||
+ goto done;
|
||||
} else {
|
||||
syslog(LOG_DEBUG, "(groups) Domain %s found", domain);
|
||||
if ((entry = ldap_first_entry(ptsm->ld, res)) != NULL) {
|
||||
@@ -1452,7 +1455,7 @@ static int ptsmodule_make_authstate_group(
|
||||
}
|
||||
|
||||
if (rc != PTSM_OK) {
|
||||
- return rc;
|
||||
+ goto done;
|
||||
} else {
|
||||
base = xstrdup(ptsm->group_base);
|
||||
syslog(LOG_DEBUG, "Continuing with ptsm->group_base: %s", ptsm->group_base);
|
||||
@@ -1462,7 +1465,7 @@ static int ptsmodule_make_authstate_group(
|
||||
} else {
|
||||
rc = ptsmodule_expand_tokens(ptsm->group_base, canon_id, NULL, &base);
|
||||
if (rc != PTSM_OK)
|
||||
- return rc;
|
||||
+ goto done;
|
||||
}
|
||||
|
||||
syslog(LOG_DEBUG, "(groups) about to search %s for %s", base, filter);
|
102
cyrus-imapd-memory_leak_on_cleanup_2.patch
Normal file
102
cyrus-imapd-memory_leak_on_cleanup_2.patch
Normal file
@ -0,0 +1,102 @@
|
||||
diff --git a/ptclient/ldap.c b/ptclient/ldap.c
|
||||
index 7e48879..dafa724 100644
|
||||
--- a/ptclient/ldap.c
|
||||
+++ b/ptclient/ldap.c
|
||||
@@ -932,7 +932,7 @@ static int ptsmodule_get_dn(
|
||||
{
|
||||
rc = ptsmodule_expand_tokens(ptsm->filter, canon_id, NULL, &filter);
|
||||
if (rc != PTSM_OK)
|
||||
- return rc;
|
||||
+ goto done;
|
||||
|
||||
if (ptsm->domain_base_dn && ptsm->domain_base_dn[0] != '\0' && (strrchr(canon_id, '@') != NULL)) {
|
||||
syslog(LOG_DEBUG, "Attempting to get domain for %s from %s", canon_id, ptsm->domain_base_dn);
|
||||
@@ -955,19 +955,23 @@ static int ptsmodule_get_dn(
|
||||
ldap_unbind(ptsm->ld);
|
||||
ptsm->ld = NULL;
|
||||
syslog(LOG_ERR, "LDAP not available: %s", ldap_err2string(rc));
|
||||
- return PTSM_RETRY;
|
||||
+ rc = PTSM_RETRY;
|
||||
+ goto done;
|
||||
}
|
||||
|
||||
syslog(LOG_ERR, "LDAP search for domain failed: %s", ldap_err2string(rc));
|
||||
- return PTSM_FAIL;
|
||||
+ rc = PTSM_FAIL;
|
||||
+ goto done;
|
||||
}
|
||||
|
||||
if (ldap_count_entries(ptsm->ld, res) < 1) {
|
||||
syslog(LOG_ERR, "No domain %s found", domain);
|
||||
- return PTSM_FAIL;
|
||||
+ rc = PTSM_FAIL;
|
||||
+ goto done;
|
||||
} else if (ldap_count_entries(ptsm->ld, res) > 1) {
|
||||
syslog(LOG_ERR, "Multiple domains %s found", domain);
|
||||
- return PTSM_FAIL;
|
||||
+ rc = PTSM_FAIL;
|
||||
+ goto done;
|
||||
} else {
|
||||
if ((entry = ldap_first_entry(ptsm->ld, res)) != NULL) {
|
||||
if ((vals = ldap_get_values(ptsm->ld, entry, ptsm->domain_result_attribute)) != NULL) {
|
||||
@@ -982,7 +986,7 @@ static int ptsmodule_get_dn(
|
||||
}
|
||||
|
||||
if (rc != PTSM_OK) {
|
||||
- return rc;
|
||||
+ goto done;
|
||||
} else {
|
||||
base = xstrdup(ptsm->base);
|
||||
syslog(LOG_DEBUG, "Continuing with ptsm->base: %s", ptsm->base);
|
||||
@@ -993,23 +997,23 @@ static int ptsmodule_get_dn(
|
||||
} else {
|
||||
rc = ptsmodule_expand_tokens(ptsm->base, canon_id, NULL, &base);
|
||||
if (rc != PTSM_OK)
|
||||
- return rc;
|
||||
+ goto done;
|
||||
}
|
||||
|
||||
rc = ldap_search_st(ptsm->ld, base, ptsm->scope, filter, attrs, 0, &(ptsm->timeout), &res);
|
||||
|
||||
if (rc != LDAP_SUCCESS) {
|
||||
syslog(LOG_DEBUG, "Searching %s with %s failed", base, base);
|
||||
- free(filter);
|
||||
- free(base);
|
||||
|
||||
if (rc == LDAP_SERVER_DOWN) {
|
||||
ldap_unbind(ptsm->ld);
|
||||
ptsm->ld = NULL;
|
||||
- return PTSM_RETRY;
|
||||
+ rc = PTSM_RETRY;
|
||||
+ goto done;
|
||||
}
|
||||
|
||||
- return PTSM_FAIL;
|
||||
+ rc = PTSM_FAIL;
|
||||
+ goto done;
|
||||
}
|
||||
|
||||
free(filter);
|
||||
@@ -1035,6 +1039,13 @@ static int ptsmodule_get_dn(
|
||||
}
|
||||
|
||||
return (*ret ? PTSM_OK : PTSM_FAIL);
|
||||
+
|
||||
+ done:
|
||||
+ if (filter)
|
||||
+ free(filter);
|
||||
+ if (base)
|
||||
+ free(base);
|
||||
+ return rc;
|
||||
}
|
||||
|
||||
|
||||
@@ -1344,7 +1355,7 @@ static int ptsmodule_make_authstate_group(
|
||||
rc = ptsmodule_connect();
|
||||
if (rc != PTSM_OK) {
|
||||
*reply = "ptsmodule_connect() failed";
|
||||
- goto done;;
|
||||
+ goto done;
|
||||
}
|
||||
|
||||
rc = ptsmodule_expand_tokens(ptsm->group_filter, canon_id+6, NULL, &filter);
|
68
cyrus-imapd-use_system_ciphers.patch
Normal file
68
cyrus-imapd-use_system_ciphers.patch
Normal file
@ -0,0 +1,68 @@
|
||||
diff --git a/lib/imapoptions b/lib/imapoptions
|
||||
index 37f8371..898b943 100644
|
||||
--- a/lib/imapoptions
|
||||
+++ b/lib/imapoptions
|
||||
@@ -2207,12 +2207,12 @@ product version in the capabilities
|
||||
{ "tls_cert_file", NULL, STRING, "2.5.0", "tls_server_cert" }
|
||||
/* Deprecated in favor of \fItls_server_cert\fR. */
|
||||
|
||||
-{ "tls_cipher_list", "DEFAULT", STRING, "2.5.0", "tls_ciphers" }
|
||||
+{ "tls_cipher_list", "PROFILE=SYSTEM", STRING, "2.5.0", "tls_ciphers" }
|
||||
/* Deprecated in favor of \fItls_ciphers\fR. */
|
||||
|
||||
-{ "tls_ciphers", "DEFAULT", STRING }
|
||||
+{ "tls_ciphers", "PROFILE=SYSTEM", STRING }
|
||||
/* The list of SSL/TLS ciphers to allow. The format of the string
|
||||
- (and definition of "DEFAULT") is described in \fBciphers(1)\fR.
|
||||
+ (and definition of "PROFILE=SYSTEM") is described in \fBciphers(1)\fR.
|
||||
.PP
|
||||
See also Mozilla's server-side TLS recommendations:
|
||||
.PP
|
||||
diff --git a/doc/html/_sources/imap/reference/manpages/configs/imapd.conf.txt b/doc/html/_sources/imap/reference/manpages/configs/imapd.conf.txt
|
||||
index c45d94b..495a2c7 100644
|
||||
--- a/doc/html/_sources/imap/reference/manpages/configs/imapd.conf.txt
|
||||
+++ b/doc/html/_sources/imap/reference/manpages/configs/imapd.conf.txt
|
||||
@@ -4298,7 +4298,7 @@ FIELD DESCRIPTIONS
|
||||
|
||||
.. startblob tls_cipher_list
|
||||
|
||||
- ``tls_cipher_list:`` DEFAULT
|
||||
+ ``tls_cipher_list:`` PROFILE=SYSTEM
|
||||
|
||||
Deprecated in favor of *tls_ciphers*.
|
||||
|
||||
@@ -4307,10 +4307,10 @@ FIELD DESCRIPTIONS
|
||||
|
||||
.. startblob tls_ciphers
|
||||
|
||||
- ``tls_ciphers:`` DEFAULT
|
||||
+ ``tls_ciphers:`` PROFILE=SYSTEM
|
||||
|
||||
The list of SSL/TLS ciphers to allow. The format of the string
|
||||
- (and definition of "DEFAULT") is described in **ciphers(1)**.
|
||||
+ (and definition of "PROFILE=SYSTEM") is described in **ciphers(1)**.
|
||||
|
||||
See also Mozilla's server-side TLS recommendations:
|
||||
|
||||
diff --git a/doc/text/imap/reference/manpages/configs/imapd.conf.txt b/doc/text/imap/reference/manpages/configs/imapd.conf.txt
|
||||
index 1801cd7..7c77154 100644
|
||||
--- a/doc/text/imap/reference/manpages/configs/imapd.conf.txt
|
||||
+++ b/doc/text/imap/reference/manpages/configs/imapd.conf.txt
|
||||
@@ -2675,14 +2675,14 @@ FIELD DESCRIPTIONS
|
||||
|
||||
Deprecated in favor of *tls_server_cert*.
|
||||
|
||||
- "tls_cipher_list:" DEFAULT
|
||||
+ "tls_cipher_list:" PROFILE=SYSTEM
|
||||
|
||||
Deprecated in favor of *tls_ciphers*.
|
||||
|
||||
- "tls_ciphers:" DEFAULT
|
||||
+ "tls_ciphers:" PROFILE=SYSTEM
|
||||
|
||||
The list of SSL/TLS ciphers to allow. The format of the string
|
||||
- (and definition of "DEFAULT") is described in **ciphers(1)**.
|
||||
+ (and definition of "PROFILE=SYSTEM") is described in **ciphers(1)**.
|
||||
|
||||
See also Mozilla's server-side TLS recommendations:
|
||||
|
36
cyrus-imapd.cron-daily
Normal file
36
cyrus-imapd.cron-daily
Normal file
@ -0,0 +1,36 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# This file is run on a daily basis to perform a backup of your
|
||||
# mailbox list which can be used to recreate mailboxes.db from backup.
|
||||
# Restore is done using ctl_mboxlist after uncompressing the file.
|
||||
|
||||
BACKDIR="/var/lib/imap/backup"
|
||||
MBOXLIST="${BACKDIR}/mboxlist"
|
||||
ROTATE=6
|
||||
|
||||
# fallback to su if runuser not available
|
||||
if [ -x /sbin/runuser ]; then
|
||||
RUNUSER=runuser
|
||||
else
|
||||
RUNUSER=su
|
||||
fi
|
||||
|
||||
# source custom configuration
|
||||
if [ -f /etc/sysconfig/cyrus-imapd ]; then
|
||||
. /etc/sysconfig/cyrus-imapd
|
||||
fi
|
||||
|
||||
[ -x /usr/sbin/ctl_mboxlist ] || exit 0
|
||||
[ -f /var/lib/imap/db/skipstamp ] || exit 0
|
||||
|
||||
# rotate mailbox lists
|
||||
seq $[ $ROTATE - 1 ] -1 1 | while read i; do
|
||||
[ -f ${MBOXLIST}.${i}.gz ] && mv -f ${MBOXLIST}.${i}.gz ${MBOXLIST}.$[ $i + 1 ].gz
|
||||
done
|
||||
[ -f ${MBOXLIST}.gz ] && mv -f ${MBOXLIST}.gz ${MBOXLIST}.1.gz
|
||||
|
||||
# export mailboxes.db
|
||||
$RUNUSER - cyrus -s /bin/sh -c "umask 077 < /dev/null ; /usr/sbin/ctl_mboxlist -d | gzip > ${MBOXLIST}.gz"
|
||||
|
||||
exit 0
|
||||
# EOF
|
409
cyrus-imapd.cvt_cyrusdb_all
Normal file
409
cyrus-imapd.cvt_cyrusdb_all
Normal file
@ -0,0 +1,409 @@
|
||||
#!/bin/bash
|
||||
|
||||
# This program is free software; you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation; either version 2 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program; if not, write to the Free Software
|
||||
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
|
||||
# This script converts all db files of a cyrus installation from their
|
||||
# existing format to the format required by the current installation.
|
||||
# The format of current db files is determined using the 'file' command
|
||||
# with a magic file added for skiplist db, the new format is read from
|
||||
# a config file usually in /usr/share/cyrus-imapd/rpm/db.cfg, which is
|
||||
# created while compiling. After converting, the db.cfg file is
|
||||
# copied to a cache file usually at /var/lib/imap/rpm/db.cfg.cache to
|
||||
# allow bypassing this converting script if both files are identical.
|
||||
# While this is a bit less secure, it may be useful on big server where
|
||||
# db converting is done automatically.
|
||||
#
|
||||
# This script can safely be run as root, it will reexec itself as user
|
||||
# cyrus if needed.
|
||||
#
|
||||
# author: Simon Matter, Invoca Systems <simon.matter@invoca.ch>
|
||||
|
||||
# changelog
|
||||
# v1.0.1, Oct 22 2002 Simon Matter <simon.matter@invoca.ch>
|
||||
# - added two-step conversion method
|
||||
#
|
||||
# v1.0.2, Jan 10 2003 Simon Matter <simon.matter@invoca.ch>
|
||||
# - fixed a bug where cvt_cyrusdb was called to convert empty or
|
||||
# nonexistent files
|
||||
#
|
||||
# v1.0.3, Mar 14 2003 Simon Matter <simon.matter@invoca.ch>
|
||||
# - fixed a problem with new versions of the file command
|
||||
#
|
||||
# v1.0.4
|
||||
# - added GPL license
|
||||
#
|
||||
# v1.0.5, May 02 2003 Simon Matter <simon.matter@invoca.ch>
|
||||
# - modified exec path
|
||||
#
|
||||
# v1.0.6, Jul 18 2003 Simon Matter <simon.matter@invoca.ch>
|
||||
# - changed db3 to berkeley
|
||||
# - added new db backends for 2.2
|
||||
#
|
||||
# v1.0.7, Jan 23 2004 Simon Matter <simon.matter@invoca.ch>
|
||||
# - included some modifications from Luca Olivetti <luca@olivetti.cjb.net>
|
||||
# - added masssievec functionality
|
||||
#
|
||||
# v1.0.8, Jan 28 2004 Simon Matter <simon.matter@invoca.ch>
|
||||
# - convert sieve scripts to UTF-8 before calling masssievec
|
||||
#
|
||||
# v1.0.9, Jan 29 2004 Simon Matter <simon.matter@invoca.ch>
|
||||
# - convert sieve scripts to UTF-8 only if sievec failed before
|
||||
#
|
||||
# v1.0.10, Feb 24 2004 Simon Matter <simon.matter@invoca.ch>
|
||||
# - change su within init script to get input from
|
||||
# /dev/null, this prevents hang when running in SELinux
|
||||
#
|
||||
# v1.0.11, Mar 02 2004 Simon Matter <simon.matter@invoca.ch>
|
||||
# - fixed SELinux fix
|
||||
#
|
||||
# v1.0.12, Dec 16 2004 Simon Matter <simon.matter@invoca.ch>
|
||||
# - use runuser instead of su if available
|
||||
#
|
||||
# v1.0.13, Jul 15 2005 Simon Matter <simon.matter@invoca.ch>
|
||||
# - don't use flat in the two step conversion, use skiplist instead
|
||||
#
|
||||
# v1.0.14, Jul 18 2005 Simon Matter <simon.matter@invoca.ch>
|
||||
# - replace the order of the magic files in the file call to make
|
||||
# sure skiplist is detected correctly.
|
||||
#
|
||||
# v1.0.15, Aug 17 2005 Simon Matter <simon.matter@invoca.ch>
|
||||
# - add functionality to export all berkeley db files to skiplist
|
||||
#
|
||||
# v1.1.0, Aug 18 2005 Simon Matter <simon.matter@invoca.ch>
|
||||
# - fix export functionality, try to recover Berkeley databases
|
||||
# as much as possible before any conversion.
|
||||
#
|
||||
# v1.1.1, Dec 05 2005 Simon Matter <simon.matter@invoca.ch>
|
||||
# - run db_checkpoint in background with a timeout to prevent
|
||||
# that cyrus-imapd doesn't start at all if it hangs.
|
||||
#
|
||||
# v1.1.2, Dec 06 2005 Simon Matter <simon.matter@invoca.ch>
|
||||
# - make handling of db_checkpoint more robust
|
||||
#
|
||||
# v1.2.0, Jan 12 2006 Simon Matter <simon.matter@invoca.ch>
|
||||
# - adopt for cyrus-imapd-2.3
|
||||
#
|
||||
# v1.2.1, Jan 13 2006 Simon Matter <simon.matter@invoca.ch>
|
||||
# - code cleanup
|
||||
#
|
||||
# v1.2.2, Nov 29 2007 Simon Matter <simon.matter@invoca.ch>
|
||||
# - add ability to handle "@include" options in imapd.conf, patch
|
||||
# provided by Tim Bannister
|
||||
#
|
||||
# v1.2.3, Feb 07 2008 Simon Matter <simon.matter@invoca.ch>
|
||||
# - add ability to handle tabs in imapd.conf, patch provided
|
||||
# by Franz Knipp
|
||||
# - disable default values for some config options like sievedir
|
||||
#
|
||||
# v1.2.4, Apr 23 2008 Simon Matter <simon.matter@invoca.ch>
|
||||
# - add support for statuscache.db
|
||||
#
|
||||
# v1.3.0, Sep 29 2008 Simon Matter <simon.matter@invoca.ch>
|
||||
# - add multi-instance support
|
||||
#
|
||||
# v1.3.1, Oct 09 2008 Simon Matter <simon.matter@invoca.ch>
|
||||
# - improve variable handling
|
||||
#
|
||||
# v1.3.2, May 26 2009 Simon Matter <simon.matter@invoca.ch>
|
||||
# - add some sanity checks to multi-instance support
|
||||
#
|
||||
# v1.3.3, May 27 2009 Simon Matter <simon.matter@invoca.ch>
|
||||
# - make some cosmetic changes
|
||||
#
|
||||
# v1.3.4, Dec 22 2009 Simon Matter <simon.matter@invoca.ch>
|
||||
# - add support for user_deny.db
|
||||
|
||||
VERSION=1.3.4
|
||||
|
||||
PIDFILE=/var/run/cyrus-master${INSTANCE}.pid
|
||||
|
||||
# instance config
|
||||
CYRUSCONF=/etc/cyrus${INSTANCE}.conf
|
||||
IMAPDCONF=/etc/imapd${INSTANCE}.conf
|
||||
|
||||
# make sure what we have is a valid instance
|
||||
# and that config files are present
|
||||
if [ -n "$INSTANCE" ]; then
|
||||
[ -L /etc/rc.d/init.d/${BASENAME} ] || exit 0
|
||||
fi
|
||||
[ -f $CYRUSCONF ] || exit 0
|
||||
[ -f $IMAPDCONF ] || exit 0
|
||||
|
||||
if [ -f $PIDFILE ]; then
|
||||
read CYRUS_PID < $PIDFILE
|
||||
if [ -n "$CYRUS_PID" ]; then
|
||||
if ps -p $CYRUS_PID > /dev/null 2>&1; then
|
||||
echo "ERROR: cyrus-master is running, unable to convert mailboxes!"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ ! -f $IMAPDCONF ]; then
|
||||
echo "ERROR: configuration file '${IMAPDCONF}' not found, exiting!"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# fallback to su if runuser not available
|
||||
if [ -x /sbin/runuser ]; then
|
||||
RUNUSER=runuser
|
||||
else
|
||||
RUNUSER=su
|
||||
fi
|
||||
|
||||
# force cyrus user for security reasons
|
||||
if [ ! $(whoami) = "cyrus" ]; then
|
||||
exec $RUNUSER - cyrus -c "cd $PWD < /dev/null ; INSTANCE=$INSTANCE $0 $*"
|
||||
fi
|
||||
|
||||
# special function for migration
|
||||
EXPORT=$1
|
||||
|
||||
# files get mode 0600
|
||||
umask 166
|
||||
|
||||
# show version info in log files
|
||||
echo "cvt_cyrusdb_all version: $VERSION"
|
||||
|
||||
# expand_config <path>
|
||||
# handle "@include" sections from imapd style config file
|
||||
expand_config() {
|
||||
while read line; do
|
||||
if printf "%s\n" "${line}" | grep -q '^@include:'; then
|
||||
expand_config "$( printf "%s\n" "${line}" | cut -d : -f 2- | sed -e 's/^[\t ]*//' )"
|
||||
else
|
||||
printf "%s\n" "${line}"
|
||||
fi
|
||||
done < $1
|
||||
}
|
||||
|
||||
# get_config <config> [<default>]
|
||||
# extracts config option from config file
|
||||
get_config() {
|
||||
searchstr=$1
|
||||
if config="$(expand_config $IMAPDCONF | egrep "^${searchstr}:")"; then
|
||||
CFGVAL="$(printf "%s\n" "$config" | cut -d : -f 2- | sed -e 's/^[\t ]*//')"
|
||||
else
|
||||
if [ -z "$2" ]; then
|
||||
echo "ERROR: config option '$1' not found in ${IMAPDCONF}, exiting!" 1>&2
|
||||
return 1
|
||||
fi
|
||||
CFGVAL="$2"
|
||||
fi
|
||||
echo "get_config ${1}: $CFGVAL" 1>&2
|
||||
echo "$CFGVAL"
|
||||
}
|
||||
|
||||
# where to find files and directories
|
||||
data_dir=/usr/share/cyrus-imapd/rpm
|
||||
lib_dir=/usr/lib/cyrus-imapd
|
||||
system_magic=$(file --version | awk '/magic file/ {print $4}')
|
||||
cyrus_magic=${data_dir}/magic
|
||||
cvt_cyrusdb=${lib_dir}/cvt_cyrusdb
|
||||
sievec=${lib_dir}/sievec
|
||||
masssievec=${lib_dir}/masssievec
|
||||
imap_prefix=$(get_config configdirectory) || exit 1
|
||||
sieve_dir=$(get_config sievedir) || exit 1
|
||||
db_cfg=${data_dir}/db.cfg
|
||||
db_current=${imap_prefix}/rpm/db.cfg.current
|
||||
db_cache=${imap_prefix}/rpm/db.cfg.cache
|
||||
|
||||
# source default db backend config
|
||||
. $db_cfg
|
||||
|
||||
# get configured db backend config
|
||||
duplicate_db=$(get_config duplicate_db $duplicate_db) || exit 1
|
||||
mboxlist_db=$(get_config mboxlist_db $mboxlist_db) || exit 1
|
||||
seenstate_db=$(get_config seenstate_db $seenstate_db) || exit 1
|
||||
subscription_db=$(get_config subscription_db $subscription_db) || exit 1
|
||||
tlscache_db=$(get_config tlscache_db $tlscache_db) || exit 1
|
||||
annotation_db=$(get_config annotation_db $annotation_db) || exit 1
|
||||
mboxkey_db=$(get_config mboxkey_db $mboxkey_db) || exit 1
|
||||
ptscache_db=$(get_config ptscache_db $ptscache_db) || exit 1
|
||||
quota_db=$(get_config quota_db $quota_db) || exit 1
|
||||
statuscache_db=$(get_config statuscache_db $statuscache_db) || exit 1
|
||||
userdeny_db=$(get_config userdeny_db $userdeny_db) || exit 1
|
||||
|
||||
# remember current db backend config
|
||||
{
|
||||
echo "duplicate_db=${duplicate_db}"
|
||||
echo "mboxlist_db=${mboxlist_db}"
|
||||
echo "seenstate_db=${seenstate_db}"
|
||||
echo "subscription_db=${subscription_db}"
|
||||
echo "tlscache_db=${tlscache_db}"
|
||||
echo "annotation_db=${annotation_db}"
|
||||
echo "mboxkey_db=${mboxkey_db}"
|
||||
echo "ptscache_db=${ptscache_db}"
|
||||
echo "quota_db=${quota_db}"
|
||||
echo "statuscache_db=${statuscache_db}"
|
||||
echo "userdeny_db=${userdeny_db}"
|
||||
echo "sieve_version=${sieve_version}"
|
||||
} | sort > $db_current
|
||||
|
||||
# file_type <file>
|
||||
file_type() {
|
||||
this_type=$(file -b -m "${cyrus_magic}:${system_magic}" "$1" 2> /dev/null)
|
||||
if echo "$this_type" | grep -qi skip > /dev/null 2>&1; then
|
||||
echo skiplist
|
||||
elif echo "$this_type" | grep -qi text > /dev/null 2>&1; then
|
||||
echo flat
|
||||
else
|
||||
echo berkeley
|
||||
fi
|
||||
}
|
||||
|
||||
# cvt_file <file> <db>
|
||||
cvt_file() {
|
||||
target="$1"
|
||||
new_db="$2"
|
||||
if [ -s "$target" ]; then
|
||||
old_db=$(file_type "$target")
|
||||
if [ ! "$old_db" = "$new_db" ]; then
|
||||
# The two-step conversion is paranoia against the filenames being encoded
|
||||
# inside the database or logfiles (berkeley does this, for example).
|
||||
rm -f "${target}.skiplist"
|
||||
if [ "$old_db" = "skiplist" ]; then
|
||||
cp -a "$target" "${target}.skiplist"
|
||||
else
|
||||
$cvt_cyrusdb -C $IMAPDCONF "$target" "$old_db" "${target}.skiplist" skiplist
|
||||
fi
|
||||
RETVAL=$?
|
||||
ERRVAL=$(( $ERRVAL + $RETVAL ))
|
||||
if [ $RETVAL -eq 0 ]; then
|
||||
rm -f "$target"
|
||||
if [ -s "${target}.skiplist" ]; then
|
||||
if [ "$new_db" = "skiplist" ]; then
|
||||
cp -a "${target}.skiplist" "$target"
|
||||
else
|
||||
$cvt_cyrusdb -C $IMAPDCONF "${target}.skiplist" skiplist "$target" "$new_db"
|
||||
fi
|
||||
fi
|
||||
RETVAL=$?
|
||||
ERRVAL=$(( $ERRVAL + $RETVAL ))
|
||||
if [ $RETVAL -eq 0 ]; then
|
||||
rm -f "${target}.skiplist"
|
||||
else
|
||||
echo "ERROR: unable to convert ${target}.skiplist from skiplist to $new_db"
|
||||
fi
|
||||
else
|
||||
echo "ERROR: unable to convert $target from $old_db to skiplist"
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
# cvt_to_utf8 <file>
|
||||
cvt_to_utf8() {
|
||||
target="$1"
|
||||
if [ -s "$target" ]; then
|
||||
if ! $sievec -C $IMAPDCONF "$target" "${target}.sievec"; then
|
||||
iconv --from-code=ISO-8859-1 --to-code=UTF-8 --output="${target}.UTF-8" "$target"
|
||||
if [ -s "${target}.UTF-8" ]; then
|
||||
# preserve timestamp
|
||||
touch --reference="${target}" "${target}.UTF-8"
|
||||
mv -f "${target}.UTF-8" "$target"
|
||||
else
|
||||
ERRVAL=$(( $ERRVAL + 1 ))
|
||||
fi
|
||||
fi
|
||||
rm -f "${target}.sievec"
|
||||
fi
|
||||
}
|
||||
|
||||
ERRVAL=0
|
||||
|
||||
# make sure our Berkeley databases are in a sane state
|
||||
# wait for db_checkpoint to end successfully or kill it after a timeout
|
||||
db_checkpoint -v -1 -h ${imap_prefix}/db &
|
||||
DB_CHECK_PID=$!
|
||||
CNT=0
|
||||
while [ $CNT -lt 60 ]; do
|
||||
if ! kill -0 $DB_CHECK_PID > /dev/null 2>&1; then
|
||||
break
|
||||
fi
|
||||
sleep 1
|
||||
let CNT+=1
|
||||
done
|
||||
if kill -0 $DB_CHECK_PID > /dev/null 2>&1; then
|
||||
kill -USR1 $DB_CHECK_PID > /dev/null 2>&1
|
||||
sleep 1
|
||||
kill -KILL $DB_CHECK_PID > /dev/null 2>&1
|
||||
wait $DB_CHECK_PID > /dev/null 2>&1
|
||||
fi
|
||||
|
||||
# do a normal recovery
|
||||
db_recover -v -h ${imap_prefix}/db
|
||||
RETVAL=$?
|
||||
if [ $RETVAL -ne 0 ]; then
|
||||
# try a catastrophic recovery instead of normal recovery
|
||||
db_recover -v -c -h ${imap_prefix}/db
|
||||
RETVAL=$?
|
||||
ERRVAL=$(( $ERRVAL + $RETVAL ))
|
||||
if [ $RETVAL -ne 0 ]; then
|
||||
echo "ERROR: catastrophic recovery of Berkeley databases failed"
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ "$EXPORT" = "export" ]; then
|
||||
# convert all db files to portable format for migration
|
||||
# TODO: quota_db, we don't touch it for now
|
||||
cvt_file ${imap_prefix}/deliver.db "skiplist"
|
||||
cvt_file ${imap_prefix}/mailboxes.db "skiplist"
|
||||
cvt_file ${imap_prefix}/tls_sessions.db "skiplist"
|
||||
cvt_file ${imap_prefix}/annotations.db "skiplist"
|
||||
cvt_file ${imap_prefix}/ptclient/ptscache.db "skiplist"
|
||||
cvt_file ${imap_prefix}/statuscache.db "skiplist"
|
||||
cvt_file ${imap_prefix}/user_deny.db "flat"
|
||||
rm -vf ${imap_prefix}/db/log.*
|
||||
rm -vf ${imap_prefix}/db/__db.*
|
||||
else
|
||||
# always convert db files which have been converted to skiplist
|
||||
# TODO: quota_db, we don't touch it for now
|
||||
cvt_file ${imap_prefix}/deliver.db "$duplicate_db"
|
||||
cvt_file ${imap_prefix}/mailboxes.db "$mboxlist_db"
|
||||
cvt_file ${imap_prefix}/tls_sessions.db "$tlscache_db"
|
||||
cvt_file ${imap_prefix}/annotations.db "$annotation_db"
|
||||
cvt_file ${imap_prefix}/ptclient/ptscache.db "$ptscache_db"
|
||||
cvt_file ${imap_prefix}/statuscache.db "$statuscache_db"
|
||||
cvt_file ${imap_prefix}/user_deny.db "$userdeny_db"
|
||||
# do we have to convert all databases?
|
||||
if ! cmp -s $db_current $db_cache; then
|
||||
# we treat sieve scripts the same way like db files
|
||||
find ${sieve_dir}/ -name "*.script" -type f | while read db_file trash; do
|
||||
cvt_to_utf8 "$db_file"
|
||||
done
|
||||
$masssievec $sievec $IMAPDCONF
|
||||
# convert all db files left
|
||||
find ${imap_prefix}/user/ -name "*.seen" -type f | while read db_file trash; do
|
||||
cvt_file "$db_file" "$seenstate_db"
|
||||
done
|
||||
find ${imap_prefix}/user/ -name "*.sub" -type f | while read db_file trash; do
|
||||
cvt_file "$db_file" "$subscription_db"
|
||||
done
|
||||
find ${imap_prefix}/user/ -name "*.mboxkey" -type f | while read db_file trash; do
|
||||
cvt_file "$db_file" "$mboxkey_db"
|
||||
done
|
||||
fi
|
||||
fi
|
||||
|
||||
# update the config cache file so we can check whether something has changed
|
||||
if [ $ERRVAL -eq 0 ]; then
|
||||
mv -f $db_current $db_cache
|
||||
else
|
||||
rm -f $db_cache
|
||||
rm -f $db_current
|
||||
fi
|
||||
|
||||
exit $ERRVAL
|
7
cyrus-imapd.logrotate
Normal file
7
cyrus-imapd.logrotate
Normal file
@ -0,0 +1,7 @@
|
||||
/var/log/imapd.log /var/log/auth.log {
|
||||
missingok
|
||||
sharedscripts
|
||||
postrotate
|
||||
/bin/kill -HUP `cat /var/run/rsyslogd.pid 2> /dev/null` 2> /dev/null || true
|
||||
endscript
|
||||
}
|
9
cyrus-imapd.magic
Normal file
9
cyrus-imapd.magic
Normal file
@ -0,0 +1,9 @@
|
||||
# Magic
|
||||
# Magic data for file(1) command.
|
||||
# Format is described in magic(files), where:
|
||||
# files is 5 on V7 and BSD, 4 on SV, and ?? in the SVID.
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# skiplist: file(1) magic Cyrus skiplist DB
|
||||
#
|
||||
0 string \241\002\213\015skiplist\ file\0\0\0 Cyrus skiplist DB
|
5
cyrus-imapd.pam-config
Normal file
5
cyrus-imapd.pam-config
Normal file
@ -0,0 +1,5 @@
|
||||
#%PAM-1.0
|
||||
auth required pam_nologin.so
|
||||
auth include password-auth
|
||||
account include password-auth
|
||||
session include password-auth
|
21
cyrus-imapd.service
Normal file
21
cyrus-imapd.service
Normal file
@ -0,0 +1,21 @@
|
||||
[Unit]
|
||||
Description=Cyrus-imapd IMAP/POP3 email server
|
||||
After=local-fs.target network.target
|
||||
|
||||
Requires=cyrus-imapd-init.service
|
||||
After=cyrus-imapd-init.service
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
EnvironmentFile=/etc/sysconfig/cyrus-imapd
|
||||
ExecStart=/usr/libexec/cyrus-imapd/cyrus-master $CYRUSOPTIONS
|
||||
PrivateTmp=true
|
||||
|
||||
# Cyrus may spawn many processes in normal operation. These figures are higher
|
||||
# than the defaults, but may still need to be tuned for your local
|
||||
# configuration.
|
||||
TasksMax=2048
|
||||
LimitNOFILE=16384
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
950
cyrus-imapd.spec
Normal file
950
cyrus-imapd.spec
Normal file
@ -0,0 +1,950 @@
|
||||
%define scmt(l:) %(c=%1; echo ${c:0:%{-l:%{-l*}}%{!-l:7}})
|
||||
|
||||
# Cassandane commit hash. Cassandane doesn't have releases often, but it
|
||||
# receives constant development. This was fetched on 20180518.
|
||||
%global cocas 00bfe0109f80437ed09154aca9fbd53eef8f1b09
|
||||
|
||||
# Cassandane run by default. '--without cassandane' disables.
|
||||
%bcond_without cassandane
|
||||
|
||||
Name: cyrus-imapd
|
||||
Version: 3.0.7
|
||||
Release: 23%{?dist}
|
||||
|
||||
%define ssl_pem_file_prefix /etc/pki/%name/%name
|
||||
|
||||
# UID/GID 76 have long been reserved for Cyrus
|
||||
%define uid 76
|
||||
%define gid 76
|
||||
|
||||
%define cyrususer cyrus
|
||||
%define cyrusgroup mail
|
||||
%define cyrexecdir %_libexecdir/%name
|
||||
|
||||
Summary: A high-performance email, contacts and calendar server
|
||||
License: BSD
|
||||
URL: http://www.cyrusimap.org/
|
||||
Source0: http://www.cyrusimap.org/releases/%name-%version.tar.gz
|
||||
Source1: CHANGES.rpm
|
||||
|
||||
# Adapt a timeout to handle our slower builders
|
||||
Patch0: patch-cyrus-testsuite-timeout
|
||||
|
||||
# Upstream https://github.com/cyrusimap/cyrus-imapd/issues/2026
|
||||
Patch1: patch-cyrus-managesieve-linking
|
||||
|
||||
# Fedora-specific patch for the default configuration file
|
||||
Patch2: patch-cyrus-default-configs
|
||||
|
||||
# vzic uses an old makefile that needs hacks to use the proper flags
|
||||
Patch3: patch-vzic-proper-cflags
|
||||
|
||||
Patch4: cyrus-imapd-close_backup_on_failure.patch
|
||||
Patch5: cyrus-imapd-memory_leak_on_cleanup.patch
|
||||
Patch6: cyrus-imapd-memory_leak_on_cleanup_2.patch
|
||||
Patch7: cyrus-imapd-close_backup_fd_on_error.patch
|
||||
Patch8: cyrus-imapd-cve_2019_11356.patch
|
||||
Patch9: cyrus-imapd-CVE-2019-19783.patch
|
||||
Patch10: cyrus-imapd-CVE-2019-18928.patch
|
||||
Patch11: cyrus-imapd-use_system_ciphers.patch
|
||||
Patch12: cyrus-imapd-3.0-CVE-2021-33582.patch
|
||||
|
||||
Source10: cyrus-imapd.logrotate
|
||||
Source11: cyrus-imapd.pam-config
|
||||
Source12: cyrus-imapd.sysconfig
|
||||
Source13: cyrus-imapd.cvt_cyrusdb_all
|
||||
Source14: cyrus-imapd.magic
|
||||
# XXX A systemd timer would probably be better
|
||||
Source15: cyrus-imapd.cron-daily
|
||||
Source16: README.rpm
|
||||
Source17: cyrus-imapd.service
|
||||
Source18: cyrus-imapd-init.service
|
||||
Source19: cyrus-imapd.tmpfiles.conf
|
||||
|
||||
|
||||
|
||||
# Source files for running the Cassandane test suite at build time.
|
||||
Source80: https://github.com/cyrusimap/cassandane/archive/%cocas.tar.gz#/cassandane-%{scmt %cocas}.tar.gz
|
||||
|
||||
# The CPAN version, and hence the Fedora-packaged version, of Net::CalDAVTalk
|
||||
# doesn't include the testdata directory. Cassandane can use it for testing
|
||||
# calendaring, so it's included here.
|
||||
# This archive was generated by running:
|
||||
# svn export https://github.com/brong/Net-CalDAVTalk/trunk/testdata
|
||||
# tar cfz cassandane-testdata-20170523.tar.gz testdata
|
||||
# Note that this changes very rarely. See
|
||||
# https://github.com/brong/Net-CalDAVTalk/tree/master/testdata
|
||||
Source81: cassandane-testdata-20170523.tar.gz
|
||||
|
||||
# A template config file for cassandane; we will substitute in varions values.
|
||||
Source82: cassandane.ini
|
||||
|
||||
# These are source files and not patches because you can't use autosetup to
|
||||
# apply patches to secondary unpacked source files.
|
||||
|
||||
# Prevent cassandane from trying to syslog things
|
||||
Source91: patch-cassandane-no-syslog
|
||||
|
||||
# Tell the annotator script to run as the current user/group
|
||||
# Upstream ticket https://github.com/cyrusimap/cyrus-imapd/issues/1995
|
||||
Source92: patch-cassandane-fix-annotator
|
||||
|
||||
Source93: cyrus-imapd-master_rename.patch
|
||||
|
||||
BuildRequires: autoconf automake bison flex gcc gcc-c++ git groff libtool
|
||||
BuildRequires: pkgconfig systemd transfig
|
||||
|
||||
BuildRequires: perl-devel perl-generators perl(ExtUtils::MakeMaker)
|
||||
BuildRequires: perl(Pod::Html)
|
||||
|
||||
BuildRequires: CUnit-devel cyrus-sasl-devel glib2-devel
|
||||
BuildRequires: jansson-devel krb5-devel libical-devel libicu-devel
|
||||
BuildRequires: libnghttp2-devel libxml2-devel mariadb-devel net-snmp-devel
|
||||
BuildRequires: openldap-devel openssl-devel postgresql-devel
|
||||
BuildRequires: sqlite-devel
|
||||
BuildRequires: xapian-core-devel
|
||||
|
||||
# Miscellaneous modules needed for 'make check' to function:
|
||||
BuildRequires: cyrus-sasl-plain cyrus-sasl-md5
|
||||
|
||||
%if %{with cassandane}
|
||||
# Additional packages required for cassandane to function
|
||||
BuildRequires: imaptest net-tools words
|
||||
BuildRequires: perl(AnyEvent) perl(BSD::Resource) perl(Clone)
|
||||
BuildRequires: perl(experimental) perl(File::chdir) perl(File::Slurp)
|
||||
BuildRequires: perl(IO::Socket::INET6) perl(Mail::IMAPTalk)
|
||||
BuildRequires: perl(Config::IniFiles) perl(Mail::JMAPTalk) perl(Math::Int64)
|
||||
BuildRequires: perl(Net::CalDAVTalk) perl(Net::CardDAVTalk)
|
||||
BuildRequires: perl(Net::Server) perl(News::NNTPClient) perl(Path::Tiny)
|
||||
BuildRequires: perl(String::CRC32) perl(Sys::Syslog)
|
||||
BuildRequires: perl(Test::Unit::TestRunner) perl(Time::HiRes)
|
||||
BuildRequires: perl(Unix::Syslog) perl(XML::DOM) perl(XML::Generator)
|
||||
|
||||
# For tls tests
|
||||
BuildRequires: sscg
|
||||
|
||||
# These were only for JMAP-Tester
|
||||
# perl(Moo), perl(Moose), perl(MooseX::Role::Parameterized) perl(Throwable), perl(Safe::Isa)
|
||||
%endif
|
||||
|
||||
Requires(pre): shadow-utils
|
||||
Requires(post): /sbin/ldconfig
|
||||
Requires(postun): /sbin/ldconfig
|
||||
%{?systemd_requires}
|
||||
|
||||
Requires: %name-utils = %version-%release
|
||||
Recommends: %name-vzic = %version-%release
|
||||
Requires: file libdb-utils sscg
|
||||
Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version))
|
||||
Requires: cyrus-imapd = %{version}-%{release}
|
||||
|
||||
%{?perl_default_filter}
|
||||
|
||||
%description
|
||||
The Cyrus IMAP (Internet Message Access Protocol) server provides access to
|
||||
personal mail, system-wide bulletin boards, news-feeds, calendar and contacts
|
||||
through the IMAP, JMAP, NNTP, CalDAV and CardDAV protocols. The Cyrus IMAP
|
||||
server is a scalable enterprise groupware system designed for use from small to
|
||||
large enterprise environments using technologies based on well-established Open
|
||||
Standards.
|
||||
|
||||
A full Cyrus IMAP implementation allows a seamless mail and bulletin board
|
||||
environment to be set up across one or more nodes. It differs from other IMAP
|
||||
server implementations in that it is run on sealed nodes, where users are not
|
||||
normally permitted to log in. The mailbox database is stored in parts of the
|
||||
filesystem that are private to the Cyrus IMAP system. All user access to mail
|
||||
is through software using the IMAP, IMAPS, JMAP, POP3, POP3S, KPOP, CalDAV
|
||||
and/or CardDAV protocols.
|
||||
|
||||
The private mailbox database design gives the Cyrus IMAP server large
|
||||
advantages in efficiency, scalability, and administratability. Multiple
|
||||
concurrent read/write connections to the same mailbox are permitted. The server
|
||||
supports access control lists on mailboxes and storage quotas on mailbox
|
||||
hierarchies.
|
||||
|
||||
|
||||
%package devel
|
||||
Summary: Cyrus IMAP server development files
|
||||
Requires: %name%{?_isa} = %version-%release
|
||||
Requires: pkgconfig
|
||||
|
||||
%description devel
|
||||
The %name-devel package contains header files and libraries
|
||||
necessary for developing applications which use the imclient library.
|
||||
|
||||
|
||||
%package doc-extra
|
||||
Summary: Extra documentation for the Cyrus IMAP server
|
||||
BuildArch: noarch
|
||||
|
||||
%description doc-extra
|
||||
This package contains the HTML documentation for the Cyrus IMAP server, as well
|
||||
as some legacy and internal documentation not useful for normal operation of
|
||||
the server.
|
||||
|
||||
|
||||
%package utils
|
||||
Summary: Cyrus IMAP server administration utilities
|
||||
|
||||
%description utils
|
||||
The cyrus-imapd-utils package contains administrative tools for the
|
||||
Cyrus IMAP server. It can be installed on systems other than the
|
||||
one running the server.
|
||||
|
||||
|
||||
%package vzic
|
||||
Summary: Utilities to convert timezone database files
|
||||
License: GPLv2+
|
||||
Requires: %name = %version-%release
|
||||
# Contains a lightly forked version of vzic. This seems to have been bundled
|
||||
# into various other things and it's old, so I'm not sure where the upstream
|
||||
# is. Here are a couple of possible upstreams:
|
||||
# https://github.com/libical/vzic
|
||||
# https://sourceforge.net/projects/vzic/
|
||||
# It is probably a good idea to split it out and package it separately, but the
|
||||
# code here definitely differs from that at the second link above.
|
||||
Provides: bundled(vzic) = 1.3
|
||||
|
||||
%description vzic
|
||||
vzic is a program to convert the Olson timezone database files into VTIMEZONE
|
||||
files compatible with the iCalendar specification (RFC2445).
|
||||
|
||||
This package contains a forked version of vzic for internal use by the Cyrus
|
||||
IMAP server.
|
||||
|
||||
# Build dir is either $PWD, $(pwd) or %
|
||||
|
||||
%prep
|
||||
%autosetup -p1 -S git
|
||||
echo %version > VERSION
|
||||
|
||||
# Install the Fedora-specific documentation file
|
||||
install -m 644 %SOURCE1 doc/
|
||||
install -m 644 %SOURCE16 doc/
|
||||
|
||||
# Unpack and prepare cassandane
|
||||
tar xf %SOURCE80
|
||||
ln -s cassandane-%cocas cassandane
|
||||
pushd cassandane
|
||||
mkdir work
|
||||
tar xf %SOURCE81
|
||||
|
||||
patch -p1 < %SOURCE91
|
||||
patch -p1 < %SOURCE92
|
||||
patch -p1 < %SOURCE93
|
||||
|
||||
cp %SOURCE82 cassandane.ini
|
||||
# RF rpm-buildroot-usage
|
||||
sed -i \
|
||||
-e "s!CASSDIR!$(pwd)!" \
|
||||
-e "s!BUILDROOT!%buildroot!" \
|
||||
cassandane.ini
|
||||
|
||||
popd
|
||||
|
||||
# Drop expired certificates and generate new ones
|
||||
pushd cunit
|
||||
rm -rf *pem
|
||||
%{_bindir}/sscg --package %{name} --cert-file cert.pem --cert-key-file key.pem --ca-file cacert.pem
|
||||
popd
|
||||
|
||||
## Modify docs master --> cyrus-master
|
||||
#%{__perl} -pi -e "s@master\(8\)@cyrus-master(8)@" man/*5 man/*8 lib/imapoptions
|
||||
#sed -i -e 's|\([^-]\)master|\1cyrus-master|g;s|^master|cyrus-master|g;s|Master|Cyrus-master|g;s|MASTER|CYRUS-MASTER|g' \
|
||||
# man/master.8 doc/man.html
|
||||
|
||||
|
||||
%build
|
||||
# This is the test suite, which doesn't build much but does verify its dependencies.
|
||||
# If this is done after the configure call, the one thing it does build fails
|
||||
# because the configure macro puts some hardening flags into the environment.
|
||||
%if %{with cassandane}
|
||||
pushd cassandane
|
||||
make
|
||||
popd
|
||||
%endif
|
||||
|
||||
# Notes about configure options:
|
||||
# --enable-objectstore
|
||||
# It's experimental, and it doesn't appear that either openio or caringo are
|
||||
# in Fedora.
|
||||
# --with-cyrus-prefix and --with-service-path went away; use --with-libexecdir=
|
||||
# instead.
|
||||
|
||||
# Needed because of Patch4.
|
||||
autoreconf -vi
|
||||
|
||||
%configure \
|
||||
--disable-silent-rules \
|
||||
\
|
||||
--libexecdir=%cyrexecdir \
|
||||
--with-extraident="%release Fedora" \
|
||||
--with-krbimpl=mit \
|
||||
--with-ldap=/usr \
|
||||
--with-libwrap=no \
|
||||
--with-mysql \
|
||||
--with-pgsql \
|
||||
--with-perl=%__perl \
|
||||
--with-snmp \
|
||||
--with-syslogfacility=MAIL \
|
||||
\
|
||||
--enable-autocreate \
|
||||
--enable-backup \
|
||||
--enable-calalarmd \
|
||||
--enable-http \
|
||||
--enable-idled \
|
||||
--enable-jmap \
|
||||
--enable-murder \
|
||||
--enable-nntp \
|
||||
--enable-replication \
|
||||
--enable-unit-tests \
|
||||
--enable-xapian \
|
||||
%if 0%{?fedora} && 0%{?fedora} >= 0
|
||||
--with-clamav \
|
||||
%endif
|
||||
#
|
||||
|
||||
# The configure script will set up the Perl makefiles, but not in the way
|
||||
# Fedora needs them. So regenerate them manually.
|
||||
for i in perl/annotator perl/imap perl/sieve/managesieve; do
|
||||
pushd $i
|
||||
rm -f Makefile
|
||||
perl Makefile.PL INSTALLDIRS=vendor # NO_PERLOCAL=1 NO_PACKLIST=1
|
||||
popd
|
||||
done
|
||||
|
||||
%make_build
|
||||
|
||||
# This isn't built by default, but this package has always installed it.
|
||||
make notifyd/notifytest
|
||||
|
||||
# Also not built by default, but the tools are needed for serving timezone info
|
||||
make -C tools/vzic
|
||||
|
||||
# Modify docs master --> cyrus-master
|
||||
%{__perl} -pi -e "s@master\(8\)@cyrus-master(8)@" man/*5 man/*8 lib/imapoptions
|
||||
sed -i -e 's|\([^-]\)master|\1cyrus-master|g;s|^master|cyrus-master|g;s|Master|Cyrus-master|g;s|MASTER|CYRUS-MASTER|g' \
|
||||
man/master.8 doc/legacy/man.html
|
||||
|
||||
%install
|
||||
make install DESTDIR=%buildroot
|
||||
|
||||
# Create directories
|
||||
install -d \
|
||||
%buildroot/etc/{rc.d/init.d,logrotate.d,pam.d,sysconfig,cron.daily} \
|
||||
%buildroot/%_libdir/sasl \
|
||||
%buildroot/var/spool/imap \
|
||||
%buildroot/var/lib/imap/{user,quota,proc,log,msg,socket,db,sieve,sync,md5,rpm,backup,meta} \
|
||||
%buildroot/var/lib/imap/ptclient \
|
||||
%buildroot/%_datadir/%name/rpm \
|
||||
%buildroot/%cyrexecdir \
|
||||
%buildroot/etc/pki/%name
|
||||
|
||||
install -d -m 0750 \
|
||||
%buildroot/run/cyrus \
|
||||
%buildroot/run/cyrus/socket
|
||||
|
||||
install -d -m 0700 \
|
||||
%buildroot/run/cyrus/db \
|
||||
%buildroot/run/cyrus/lock \
|
||||
%buildroot/run/cyrus/proc
|
||||
|
||||
# Some tools which aren't installed by the makefile which we have always installed
|
||||
install -m 755 notifyd/notifytest %buildroot%_bindir/
|
||||
install -m 755 perl/imap/cyradm %buildroot%_bindir/
|
||||
for i in arbitronsort.pl masssievec mkimap mknewsgroups rehash translatesieve; do
|
||||
install -m 755 tools/$i %buildroot/%cyrexecdir/
|
||||
done
|
||||
|
||||
for i in vzic vzic-test.pl vzic-merge.pl vzic-dump.pl; do
|
||||
install -m 755 tools/vzic/$i %buildroot/%cyrexecdir/
|
||||
done
|
||||
|
||||
# Install additional files
|
||||
install -p -m 644 %SOURCE10 %buildroot/etc/logrotate.d/%name
|
||||
install -p -m 644 %SOURCE11 %buildroot/etc/pam.d/pop
|
||||
install -p -m 644 %SOURCE11 %buildroot/etc/pam.d/imap
|
||||
install -p -m 644 %SOURCE11 %buildroot/etc/pam.d/sieve
|
||||
install -p -m 644 %SOURCE11 %buildroot/etc/pam.d/mupdate
|
||||
install -p -m 644 %SOURCE11 %buildroot/etc/pam.d/lmtp
|
||||
install -p -m 644 %SOURCE11 %buildroot/etc/pam.d/nntp
|
||||
install -p -m 644 %SOURCE11 %buildroot/etc/pam.d/csync
|
||||
install -p -m 644 %SOURCE12 %buildroot/etc/sysconfig/%name
|
||||
install -p -m 755 %SOURCE13 %buildroot/%cyrexecdir/cvt_cyrusdb_all
|
||||
install -p -m 644 %SOURCE14 %buildroot/%_datadir/%name/rpm/magic
|
||||
install -p -m 755 %SOURCE15 %buildroot/etc/cron.daily/%name
|
||||
install -p -m 644 doc/examples/cyrus_conf/prefork.conf %buildroot/etc/cyrus.conf
|
||||
install -p -m 644 doc/examples/imapd_conf/normal.conf %buildroot/etc/imapd.conf
|
||||
install -p -D -m 644 %SOURCE17 %buildroot/%_unitdir/cyrus-imapd.service
|
||||
install -p -D -m 644 %SOURCE18 %buildroot/%_unitdir/cyrus-imapd-init.service
|
||||
install -p -D -m 644 %SOURCE19 %buildroot/%_tmpfilesdir/cyrus-imapd.conf
|
||||
|
||||
# Rename 'master' binary and manpage to avoid clash with postfix
|
||||
mv -f %{buildroot}%{cyrexecdir}/master %{buildroot}%{cyrexecdir}/cyrus-master
|
||||
|
||||
# mv -f %{buildroot}%{_mandir}/man8/master.8 %{buildroot}%{_mandir}/man8/cyrus-master.8
|
||||
|
||||
# Rename 'fetchnews' binary and manpage to avoid clash with leafnode
|
||||
#mv -f %{buildroot}%{cyrexecdir}/fetchnews %{buildroot}%{cyrexecdir}/cyrfetchnews
|
||||
#mv -f %{buildroot}%{_mandir}/man8/fetchnews.8 %{buildroot}%{_mandir}/man8/cyrfetchnews.8
|
||||
#%{__perl} -pi -e 's|fetchnews|cyrfetchnews|g;s|Fetchnews|Cyrfetchnews|g;s/FETCHNEWS/CYRFETCHNEWS/g' \
|
||||
# %{buildroot}%{_mandir}/man8/cyrfetchnews.8
|
||||
|
||||
#remove executable bit from docs
|
||||
for ddir in doc perl/imap/examples
|
||||
do
|
||||
find $ddir -type f -exec chmod -x {} \;
|
||||
done
|
||||
|
||||
|
||||
# Cleanup of doc dir
|
||||
find doc perl -name CVS -type d -prune -exec rm -rf {} \;
|
||||
find doc perl -name .cvsignore -type f -exec rm -f {} \;
|
||||
rm -f doc/Makefile.dist*
|
||||
rm -f doc/text/htmlstrip.c
|
||||
rm -f doc/text/Makefile
|
||||
rm -rf doc/man
|
||||
|
||||
# fix permissions on perl .so files
|
||||
find %buildroot/%_libdir/perl5/ -type f -name "*.so" -exec chmod 755 {} \;
|
||||
|
||||
# Generate db config file
|
||||
# XXX Is this still necessary?
|
||||
( grep '^{' lib/imapoptions | grep _db | cut -d'"' -f 2,4 | \
|
||||
sed -e 's/^ *//' -e 's/-nosync//' -e 's/ *$//' -e 's/"/=/'
|
||||
echo sieve_version=2.2.3 ) | sort > %buildroot/%_datadir/%name/rpm/db.cfg
|
||||
|
||||
# Cyrus has various files with extremely conflicting names. Some of these are
|
||||
# not unexpected ("imapd" itself) but some like "httpd" are rather surprising.
|
||||
|
||||
# Where there are only conflicting manpages, they have been moved to a "8cyrus"
|
||||
# section. If the binary was renamed, then the manpages are renamed to match
|
||||
# but a internal replacement has not been done. This may lead to more
|
||||
# confusion but involves modifying fewer upstream files.
|
||||
|
||||
# Actual binary conflicts
|
||||
# Rename 'fetchnews' binary and manpage to avoid clash with leafnode
|
||||
mv %buildroot/%_sbindir/fetchnews %buildroot/%_sbindir/cyr_fetchnews
|
||||
mv %buildroot/%_mandir/man8/fetchnews.8 %buildroot/%_mandir/man8/cyr_fetchnews.8
|
||||
|
||||
# Fix conflict with dump
|
||||
mv %buildroot/%_sbindir/restore %buildroot/%_sbindir/cyr_restore
|
||||
mv %buildroot/%_mandir/man8/restore.8 %buildroot/%_mandir/man8/cyr_restore.8
|
||||
|
||||
# Fix conceptual conflict with quota
|
||||
mv %buildroot/%_sbindir/quota %buildroot/%_sbindir/cyr_quota
|
||||
mv %buildroot/%_mandir/man8/quota.8 %buildroot/%_mandir/man8/cyr_quota.8
|
||||
|
||||
# fix conflicts with uw-imap
|
||||
mv %buildroot/%_mandir/man8/imapd.8 %buildroot/%_mandir/man8/imapd.8cyrus
|
||||
mv %buildroot/%_mandir/man8/pop3d.8 %buildroot/%_mandir/man8/pop3d.8cyrus
|
||||
|
||||
# Rename 'master' manpage
|
||||
mv %buildroot/%_mandir/man8/master.8 %buildroot/%_mandir/man8/master.8cyrus
|
||||
|
||||
# Rename 'httpd' manpage to avoid clash with Apache
|
||||
mv %buildroot/%_mandir/man8/httpd.8 %buildroot/%_mandir/man8/httpd.8cyrus
|
||||
|
||||
# Old cyrus packages used to keep some executables in /usr/lib/cyrus-imapd
|
||||
# RF hardcoded-library-path in %%buildroot/usr/lib/cyrus-imapd
|
||||
mkdir %buildroot/usr/lib/cyrus-imapd
|
||||
pushd %buildroot/usr/lib/cyrus-imapd
|
||||
ln -s ../../sbin/deliver
|
||||
popd
|
||||
|
||||
#remove executable bit from docs
|
||||
for ddir in doc perl/imap/examples
|
||||
do
|
||||
find $ddir -type f -exec chmod -x {} \;
|
||||
done
|
||||
|
||||
# Remove pointless libtool archives
|
||||
rm %buildroot/%_libdir/*.la
|
||||
|
||||
# Remove installed but not packaged files
|
||||
rm %buildroot/%cyrexecdir/pop3proxyd
|
||||
find %buildroot -name "perllocal.pod" -exec rm {} \;
|
||||
find %buildroot -name ".packlist" -exec rm {} \;
|
||||
|
||||
|
||||
%check
|
||||
## First of all check if imaptest is functional at all
|
||||
imaptest -h 2>&1 > /dev/null || (echo "Imaptest is not functional" && exit 1)
|
||||
make %{?_smp_mflags} check || exit 1
|
||||
|
||||
%ifarch ppc64le %ix86
|
||||
exit 0
|
||||
%endif
|
||||
|
||||
%if %{without cassandane}
|
||||
exit 0
|
||||
%endif
|
||||
|
||||
# Run the Cassandane test suite. This will exhaustively test the various
|
||||
# server components, but running it in a mock chroot is rather an exercise.
|
||||
pushd cassandane
|
||||
|
||||
mkdir -p imaptest/src
|
||||
ln -s /usr/bin/imaptest imaptest/src
|
||||
ln -s /usr/share/imaptest/tests imaptest/src
|
||||
|
||||
export LD_LIBRARY_PATH=%buildroot/%_libdir
|
||||
export CYRUS_USER=$USER
|
||||
|
||||
# Construct the set of excluded tests to pass to Cassandane
|
||||
# ---------------------------------------------------------
|
||||
exclude+=("!Master.maxforkrate") # Some builders are too slow to complete this test properly
|
||||
tests=(
|
||||
# This is more a test of system performance and according to upstream won't
|
||||
# be reliable on shared hardware like our builders.
|
||||
Metronome
|
||||
|
||||
# This tests coredumping and won't work on a machine where systemd
|
||||
# intercepts coredumps, which includes our builders.
|
||||
Cassandane::Test::Core
|
||||
|
||||
# Upstream recommends disabling this because it has an internal race and
|
||||
# will fail randomly. https://github.com/cyrusimap/cassandane/issues/17
|
||||
Master.sighup_recycling
|
||||
|
||||
# Fails because our Xapian is too old for proper CJK support. 1.5 will be
|
||||
# OK, but it is not yet released. The alternative is to bundle.
|
||||
SearchFuzzy.cjk_words
|
||||
|
||||
# These additionaly fail because Cyrus 3.0.7 no longer enables
|
||||
# SNIPPET_EMPTY_WITHOUT_MATCH when the Cyrus-patched Xapian is not in use.
|
||||
# https://github.com/cyrusimap/cyrus-imapd/commit/f008060cb53b3286fcedf7b8b4dd12c1980d665f
|
||||
SearchFuzzy.normalize_snippets
|
||||
SearchFuzzy.snippet_wildcard
|
||||
SearchFuzzy.snippets_termcover
|
||||
SearchFuzzy.snippets_escapehtml
|
||||
SearchFuzzy.stem_verbs
|
||||
|
||||
# As of yet unexplained
|
||||
# https://github.com/cyrusimap/cyrus-imapd/issues/2047
|
||||
Admin.imap_admins
|
||||
|
||||
# Upstream on IRC indicates that these two are expected to fail on 3.0.
|
||||
Carddav.sharing_contactpaths
|
||||
Metadata.set_specialuse_twice
|
||||
|
||||
# This one needs a patch to xapian.
|
||||
# https://github.com/cyrusimap/cyrus-imapd/issues/2348
|
||||
SearchFuzzy.search_subjectsnippet
|
||||
|
||||
# this one is not working on builder machines
|
||||
Conversations.xconvfetch
|
||||
)
|
||||
for i in ${tests[@]}; do exclude+=("!$i"); done
|
||||
|
||||
%if 0%{?fedora} <= 28
|
||||
# imaptest on F28 has bugs which make some additional tests fail
|
||||
tests=(
|
||||
# Three new failures with imaptest 20170719
|
||||
# https://github.com/cyrusimap/cyrus-imapd/issues/2087
|
||||
ImapTest.append-binary
|
||||
ImapTest.fetch-binary-mime
|
||||
ImapTest.urlauth-binary
|
||||
|
||||
# This one seems to fail randomly.
|
||||
ImapTest.urlauth2
|
||||
)
|
||||
for i in ${tests[@]}; do exclude+=("!$i"); done
|
||||
%endif
|
||||
|
||||
%if 0%{?fedora} <= 26
|
||||
# Some F26-specific test exclusions
|
||||
tests=(
|
||||
# These all fail because F26 perl doesn't support quad types in unpack.
|
||||
Metadata.expunge_messages
|
||||
Metadata.msg_replication_new_mas_partial_wwd
|
||||
Metadata.msg_replication_new_rep
|
||||
Metadata.msg_replication_new_mas
|
||||
Metadata.msg_replication_exp_bot
|
||||
Metadata.msg_replication_new_mas_partial_wwsw
|
||||
Metadata.msg_replication_exp_mas
|
||||
Metadata.msg_replication_mod_mas
|
||||
Metadata.msg_replication_exp_rep
|
||||
Metadata.msg_replication_mod_bot_msl
|
||||
Metadata.msg_replication_new_bot_mse_gul
|
||||
Metadata.msg_replication_mod_bot_msh
|
||||
Metadata.msg_replication_new_bot_mse_guh
|
||||
Metadata.msg_replication_mod_rep
|
||||
)
|
||||
for i in ${tests[@]}; do exclude+=("!$i"); done
|
||||
%endif
|
||||
|
||||
# Add -vvv for too much output
|
||||
./testrunner.pl %{?_smp_mflags} -v -f pretty ${exclude[@]} 2>&1
|
||||
|
||||
|
||||
%pre
|
||||
# Create 'cyrus' user on target host
|
||||
getent group saslauth >/dev/null || /usr/sbin/groupadd -g %gid -r saslauth
|
||||
getent passwd cyrus >/dev/null || /usr/sbin/useradd -c "Cyrus IMAP Server" -d /var/lib/imap -g %cyrusgroup \
|
||||
-G saslauth -s /sbin/nologin -u %uid -r %cyrususer
|
||||
|
||||
%post
|
||||
/sbin/ldconfig
|
||||
%systemd_post cyrus-imapd.service
|
||||
|
||||
%preun
|
||||
%systemd_preun cyrus-imapd.service
|
||||
|
||||
%postun
|
||||
/sbin/ldconfig
|
||||
%systemd_postun_with_restart cyrus-imapd.service
|
||||
|
||||
|
||||
%files
|
||||
%license COPYING
|
||||
%doc README.md doc/README.* doc/examples doc/text doc/CHANGES.rpm
|
||||
|
||||
%_datadir/cyrus-imapd
|
||||
%_libdir/libcyrus*.so.*
|
||||
%_mandir/man5/*
|
||||
%_mandir/man8/*
|
||||
|
||||
%dir /etc/pki/cyrus-imapd
|
||||
%attr(0644,root,%cyrusgroup) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %ssl_pem_file_prefix-ca.pem
|
||||
%attr(0644,root,%cyrusgroup) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %ssl_pem_file_prefix.pem
|
||||
%attr(0640,root,%cyrusgroup) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %ssl_pem_file_prefix-key.pem
|
||||
|
||||
%config(noreplace) /etc/cyrus.conf
|
||||
%config(noreplace) /etc/imapd.conf
|
||||
%config(noreplace) /etc/logrotate.d/cyrus-imapd
|
||||
%config(noreplace) /etc/sysconfig/cyrus-imapd
|
||||
%config(noreplace) /etc/pam.d/*
|
||||
|
||||
/etc/cron.daily/cyrus-imapd
|
||||
%_unitdir/cyrus-imapd.service
|
||||
%_unitdir/cyrus-imapd-init.service
|
||||
%_tmpfilesdir/cyrus-imapd.conf
|
||||
|
||||
%dir %cyrexecdir/
|
||||
%cyrexecdir/[a-uw-z]*
|
||||
|
||||
# This creates some directories which in the default configuration cyrus will
|
||||
# never use because they are placed under /run instead. However, old
|
||||
# configurations or setup advice from the 'net might reference them, and so
|
||||
# it's simpler to just leave them in the package.
|
||||
%attr(0750,%cyrususer,%cyrusgroup) %dir /var/lib/imap/
|
||||
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/backup/
|
||||
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/db/
|
||||
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/log/
|
||||
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/meta/
|
||||
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/md5/
|
||||
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/msg/
|
||||
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/proc/
|
||||
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/ptclient/
|
||||
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/quota/
|
||||
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/rpm/
|
||||
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/sieve/
|
||||
%attr(0750,%cyrususer,%cyrusgroup) /var/lib/imap/socket
|
||||
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/sync/
|
||||
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/user/
|
||||
%attr(0700,%cyrususer,%cyrusgroup) /var/spool/imap/
|
||||
|
||||
# The new locations
|
||||
%attr(0750,%cyrususer,%cyrusgroup) %dir /run/cyrus/
|
||||
%attr(0700,%cyrususer,%cyrusgroup) /run/cyrus/db/
|
||||
%attr(0700,%cyrususer,%cyrusgroup) /run/cyrus/lock/
|
||||
%attr(0700,%cyrususer,%cyrusgroup) /run/cyrus/proc/
|
||||
%attr(0750,%cyrususer,%cyrusgroup) /run/cyrus/socket/
|
||||
|
||||
|
||||
%files devel
|
||||
%_includedir/cyrus/
|
||||
%_libdir/libcyrus*.so
|
||||
%_libdir/pkgconfig/*.pc
|
||||
%_mandir/man3/imclient.3*
|
||||
|
||||
|
||||
%files doc-extra
|
||||
%doc doc/html doc/internal doc/legacy
|
||||
|
||||
|
||||
%files utils
|
||||
%license COPYING
|
||||
%doc perl/imap/README
|
||||
%doc perl/imap/Changes
|
||||
%doc perl/imap/examples
|
||||
%{_bindir}/*
|
||||
%{_sbindir}/*
|
||||
%{perl_vendorarch}/auto/Cyrus
|
||||
%{perl_vendorarch}/Cyrus
|
||||
%{perl_vendorlib}/Cyrus
|
||||
%{_mandir}/man3/*.3pm*
|
||||
%{_mandir}/man1/*
|
||||
# RF hardcoded-library-path in /usr/lib/cyrus-imapd
|
||||
/usr/lib/cyrus-imapd
|
||||
|
||||
|
||||
%files vzic
|
||||
%cyrexecdir/vzic*
|
||||
|
||||
|
||||
%changelog
|
||||
* Wed Sep 01 2021 Tomas Korbar <tkorbar@redhat.com> - 3.0.7-23
|
||||
- Fix CVE-2021-33582
|
||||
- Also disable unstable test
|
||||
- Resolves: CVE-2021-33582
|
||||
|
||||
* Thu May 27 2021 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-22
|
||||
- rebuild with xapian support
|
||||
|
||||
* Fri Nov 6 2020 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-20
|
||||
- Use PROFILE=SYSTEM as default configuration for tls_ciphers
|
||||
|
||||
* Thu Apr 23 2020 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-19
|
||||
- change ownership of pki files (#1710722)
|
||||
|
||||
* Thu Apr 23 2020 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-18
|
||||
- Move old changelog into separate file (#1671239)
|
||||
|
||||
* Tue Apr 21 2020 Pavel Zhukov <pavel@desktop.zhukoff.net> - 3.0.7-17
|
||||
- Add fix for CVE-2019-19783
|
||||
- Add fix for CVE-2019-18928
|
||||
|
||||
* Fri Jun 7 2019 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-16
|
||||
- Resolves: #1718195 - don't overrun buffer when parsing strings with sscanf()
|
||||
|
||||
* Mon Oct 8 2018 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-15
|
||||
- Related: #1602472 - Fix rpmdiff warnings
|
||||
|
||||
* Mon Oct 8 2018 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-14
|
||||
- Related: #1602472 - Fix misused syntax warning
|
||||
|
||||
* Tue Oct 2 2018 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-13
|
||||
- Related: #1602472 - Fix few covscan warnings
|
||||
|
||||
* Sun Aug 12 2018 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-12
|
||||
- Rename master -> cyrus-master in documentation
|
||||
|
||||
* Thu Aug 9 2018 Josef Ridky <jridky@redhat.com> - 3.0.7-11
|
||||
- Rebuild for Net-SNMP
|
||||
|
||||
* Wed Aug 8 2018 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-10
|
||||
- Rename master -> cyrus-master
|
||||
|
||||
* Wed Aug 8 2018 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-9
|
||||
- Load supported modules only
|
||||
|
||||
* Mon Aug 6 2018 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-7
|
||||
- Resolves: №1611713 - Generate SSl cerificates for starttls test
|
||||
|
||||
* Mon Jun 25 2018 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-6
|
||||
- Drop shapelib in RHEL
|
||||
|
||||
* Fri Jun 22 2018 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-5
|
||||
- Drop xapian support
|
||||
|
||||
* Tue May 22 2018 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-4
|
||||
- Disable clamav support for non Fedora's
|
||||
- Disable forktest due to builders slowness
|
||||
|
||||
* Fri May 18 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.7-2
|
||||
- Really enable mysql and clamav support.
|
||||
|
||||
* Fri May 18 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.7-1
|
||||
- Update to 3.0.7.
|
||||
- Update Cassandane checkout.
|
||||
- Update excluded Cassandane test list.
|
||||
|
||||
* Tue May 01 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.6-1
|
||||
- Update to 3.0.6.
|
||||
- Remove upstreamed patches and renumber the rest.
|
||||
- Disable one new failing test:
|
||||
https://github.com/cyrusimap/cyrus-imapd/issues/2332
|
||||
|
||||
* Mon Apr 30 2018 Pete Walter <pwalter@fedoraproject.org> - 3.0.5-15
|
||||
- Rebuild for ICU 61.1
|
||||
|
||||
* Tue Apr 17 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-14
|
||||
- Update Cassandane again, fixing a broken test.
|
||||
|
||||
* Fri Apr 13 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-13
|
||||
- Update Cassandane, fixing a few tests and a class of weird random build
|
||||
failures.
|
||||
|
||||
* Fri Apr 06 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-12
|
||||
- Update list of excluded tests.
|
||||
- Update Cassandane snapshot; use new base_port config setting. No need to
|
||||
patch that in now.
|
||||
- Add four new expected-to-fail tests from new Cassandane snapshot.
|
||||
- Add patch to collect extra Cassandane logging in case we hit some of those
|
||||
sporadic failures again.
|
||||
|
||||
* Tue Apr 03 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-11
|
||||
- Re-enable imaptest on >= F29.
|
||||
- F29's imaptest fixes several bugs, allowing all tests to be run there.
|
||||
- Relocate cassandane base port to hopefully work better in koji.
|
||||
|
||||
* Mon Apr 02 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-10
|
||||
- Update cassandane checkout to fix a test that was broken by DST.
|
||||
- Add patch to fix sieve scripts for usernames containing a dot.
|
||||
- Disable imaptest in cassandane until
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=1562970 is fixed.
|
||||
- Re-enable tests on s390; it seems to be better now.
|
||||
|
||||
* Thu Mar 15 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-9
|
||||
- Re-enable clamav on ppc64.
|
||||
|
||||
* Thu Mar 01 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-8
|
||||
- Bump client_timeout value in test suite.
|
||||
|
||||
* Thu Mar 01 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-7
|
||||
- Add patch to fix imtest (rhbz#1543481).
|
||||
- Fix vzic makefile to use proper cflags (rhbz#1550543).
|
||||
|
||||
* Mon Feb 26 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-6
|
||||
- Update cassandane checkout.
|
||||
- Add two new build dependencies.
|
||||
- Remove all JMAP-related tests from the exclusion lists, since cassandane no
|
||||
longer runs any JMAP tests on cyrus 3.0.
|
||||
- Collapse unused test skip lists.
|
||||
- Add ten additional skipped tests, after consultation with upstream.
|
||||
|
||||
* Mon Feb 26 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-5
|
||||
- Add patch to fix segfaults in squatter.
|
||||
- Exclude one test on all releases instead of just F28+.
|
||||
- Remove --cleanup from cassandane invocation.
|
||||
|
||||
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.5-4
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
||||
|
||||
* Tue Jan 09 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-3
|
||||
- Re-enable clamav and mariadb support as those are now built with openssl 1.1.
|
||||
- But no clamav on ppc64 because of
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=1534071
|
||||
|
||||
* Thu Jan 04 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-2
|
||||
- Reorganize some test exclusions so things build on all releases.
|
||||
|
||||
* Thu Jan 04 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-1
|
||||
- Update to 3.0.5.
|
||||
- Add one new failing test.
|
||||
- Remove one now-passing test on rawhide.
|
||||
|
||||
* Mon Dec 18 2017 Pavel Zhukov <pzhukov@redhat.com> - 3.0.4-6
|
||||
- Rebuild with new net-snmp
|
||||
|
||||
* Thu Nov 30 2017 Pete Walter <pwalter@fedoraproject.org> - 3.0.4-5
|
||||
- Rebuild for ICU 60.1
|
||||
|
||||
* Wed Nov 29 2017 Pavel Zhukov <pzhukov@redhat.com> - 3.0.4-4
|
||||
- Do not require tcp_wrappers (#1518759)
|
||||
|
||||
* Tue Nov 14 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.4-3
|
||||
- Rebuild for new libical.
|
||||
- Add patch to fix compilation error with new libical.
|
||||
- Disable two tests which fail due to the new libical.
|
||||
|
||||
* Tue Oct 24 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.4-2
|
||||
- Fix typo in default config;
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=1506000
|
||||
|
||||
* Tue Sep 05 2017 Pavel Zhukov <landgraf@fedoraproject.org> - 3.0.4-1
|
||||
- Update to 3.0.4
|
||||
- Patched cassandane for new behaviour. It should be updated idealy.
|
||||
- Disable ImapTest.urlauth2 test; it seems to fail randomly regardless of
|
||||
architecture.
|
||||
|
||||
* Fri Aug 11 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.3-1
|
||||
- Update to 3.0.3, which contains an important security fix. The fix is not
|
||||
embargoed but no CVE has been assigned yet.
|
||||
- Drop patches merged upstream.
|
||||
- An update of imaptest has resulted in three additional cassandane failures,
|
||||
reported upstream as https://github.com/cyrusimap/cyrus-imapd/issues/2087.
|
||||
In order to get the security fix out without delay, those three tests have been
|
||||
disabled.
|
||||
|
||||
* Fri Aug 11 2017 Igor Gnatenko <ignatenko@redhat.com> - 3.0.2-9
|
||||
- Rebuilt after RPM update (№ 3)
|
||||
|
||||
* Thu Aug 10 2017 Igor Gnatenko <ignatenko@redhat.com> - 3.0.2-8
|
||||
- Rebuilt for RPM soname bump
|
||||
|
||||
* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.2-7
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
|
||||
|
||||
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.2-6
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
|
||||
|
||||
* Fri Jun 30 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.2-5
|
||||
- Add two patches from upstream which fix JMAPCalendars issues on 32-bit and
|
||||
big-endian architectures.
|
||||
- Clean up test invocation and exclusion list. More tests pass now.
|
||||
|
||||
* Wed Jun 28 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.2-4
|
||||
- Explicitly set specialusealways: 1 in the default config.
|
||||
|
||||
* Tue Jun 27 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.2-3
|
||||
- Patch the provided imapd.conf and cyrus.conf to more closely match previous
|
||||
Fedora defaults and directories included in this package and to enable
|
||||
features which are supported by the Fedora build.
|
||||
- Add tmpfiles.d configuration file for directories in /run.
|
||||
|
||||
* Tue Jun 27 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.2-2
|
||||
- Exclude one more test from 32-bit arches. Looks like this failure crept in
|
||||
with the Cassandane update.
|
||||
|
||||
* Thu Jun 22 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.2-1
|
||||
- Update to 3.0.2.
|
||||
- New Cassandane snapshot, with more tests (all of which are passing).
|
||||
|
||||
* Tue Jun 20 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.1-7
|
||||
- Add old /usr/lib/cyrus-imapd directory to the utils package and add a symlink
|
||||
there to the deliver binary. This should help a bit with migrations.
|
||||
- Add upstream patch to fix reconstruct failures on 32-bit architectures.
|
||||
Re-enable those five Cassandane tests.
|
||||
|
||||
* Thu Jun 15 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.1-6
|
||||
- Rename two commands: quota -> cyr_quota, restore -> cyr_restore.
|
||||
- Fix Cassandane to handle those renames.
|
||||
- Fix location of cyr_fetchnews.
|
||||
- Fix Perl 5.26-related module linking issue which caused a test failure.
|
||||
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1461669
|
||||
|
||||
* Tue Jun 06 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.1-5
|
||||
- Use proper path to ctl_mboxlist in cron file.
|
||||
- Add patch to increase individual test timeout. Sometimes armv7hl can't
|
||||
complete a single test in 20 seconds.
|
||||
- Disable the Metronome tests; upstream says that they just won't reliably on
|
||||
shared hardware.
|
||||
- Don't bother running Cassandane on s390x for now. The machines are simply
|
||||
too slow.
|
||||
|
||||
* Tue Jun 06 2017 Jitka Plesnikova <jplesnik@redhat.com> - 3.0.1-4
|
||||
- Perl 5.26 rebuild
|
||||
|
||||
* Fri Jun 02 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.1-3
|
||||
- Remove clamav from build requirements.
|
||||
- Add --cleanup to Cassandane call to hopefully reduce build disk usage.
|
||||
- Disable maxforkrate test on s390x; our builders are too slow to run it.
|
||||
|
||||
* Fri Jun 02 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.1-2
|
||||
- Add patch to fix up some endianness issues.
|
||||
- Enable both test suites on all architectures.
|
||||
- Add arch-specific excludes for a few Cassandane tests.
|
||||
|
||||
* Thu Apr 20 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.1-1
|
||||
- Initial attempt at importing 3.0. Many new dependencies.
|
||||
- Use a stock sample imapd.conf file instead of a Fedora-provided one.
|
||||
|
||||
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.5.10-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
|
||||
|
||||
* Mon Jan 09 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 2.5.10-2
|
||||
- Rename httpd manpage to "cyrhttpd" to avoid conflict with the httpd package.
|
||||
|
||||
* Wed Nov 23 2016 Jason L Tibbitts III <tibbs@math.uh.edu> - 2.5.10-1
|
||||
- Initial update to the 2.5 series.
|
||||
- Significant spec cleanups.
|
||||
- Add sscg dep and follow
|
||||
https://fedoraproject.org/wiki/Packaging:Initial_Service_Setup for initial
|
||||
cert generation.
|
||||
- Change default conf to use the system crypto policy.
|
||||
|
||||
* Sat Jan 01 2000 Pavel Zhukov <pzhukov@redhat.com> - 0.0.1-1
|
||||
- See /usr/share/doc/cyrus-imapd/CHANGELOG.rpm for more history
|
5
cyrus-imapd.sysconfig
Normal file
5
cyrus-imapd.sysconfig
Normal file
@ -0,0 +1,5 @@
|
||||
# Options to cyrus-master
|
||||
CYRUSOPTIONS=""
|
||||
|
||||
# Mailbox list dumps are rotated n times via cron.daily
|
||||
#ROTATE=6
|
5
cyrus-imapd.tmpfiles.conf
Normal file
5
cyrus-imapd.tmpfiles.conf
Normal file
@ -0,0 +1,5 @@
|
||||
d /run/cyrus 0750 cyrus mail -
|
||||
d /run/cyrus/db 0700 cyrus mail -
|
||||
d /run/cyrus/lock 0700 cyrus mail -
|
||||
d /run/cyrus/proc 0700 cyrus mail -
|
||||
d /run/cyrus/socket 0750 cyrus mail -
|
14
patch-cassandane-fix-annotator
Normal file
14
patch-cassandane-fix-annotator
Normal file
@ -0,0 +1,14 @@
|
||||
diff --git a/utils/annotator.pl b/utils/annotator.pl
|
||||
index 94b84a2..0208831 100755
|
||||
--- a/utils/annotator.pl
|
||||
+++ b/utils/annotator.pl
|
||||
@@ -140,6 +140,8 @@ GetOptions(
|
||||
xlog "annotator $$ starting";
|
||||
Cassandane::AnnotatorDaemon->run(
|
||||
pid_file => $pidfile,
|
||||
- port => $port
|
||||
+ port => $port,
|
||||
+ user => (getpwuid($<))[0],
|
||||
+ group => (getgrgid($())[0],
|
||||
);
|
||||
xlog "annotator $$ exiting";
|
21
patch-cassandane-no-syslog
Normal file
21
patch-cassandane-no-syslog
Normal file
@ -0,0 +1,21 @@
|
||||
diff --git a/Cassandane/Util/Log.pm b/Cassandane/Util/Log.pm
|
||||
index 9cd93d5..8d3b3c1 100644
|
||||
--- a/Cassandane/Util/Log.pm
|
||||
+++ b/Cassandane/Util/Log.pm
|
||||
@@ -52,16 +52,12 @@ our @EXPORT = qw(
|
||||
|
||||
my $verbose = 0;
|
||||
|
||||
-openlog('cassandane', '', LOG_LOCAL6)
|
||||
- or die "Cannot openlog";
|
||||
-
|
||||
sub xlog
|
||||
{
|
||||
my ($pkg, $file, $line) = caller;
|
||||
$pkg =~ s/^Cassandane:://;
|
||||
my $msg = "=====> " . $pkg . "[" . $line . "] " . join(' ', @_);
|
||||
print STDERR "$msg\n";
|
||||
- syslog(LOG_ERR, "$msg");
|
||||
}
|
||||
|
||||
sub set_verbose
|
114
patch-cyrus-default-configs
Normal file
114
patch-cyrus-default-configs
Normal file
@ -0,0 +1,114 @@
|
||||
diff --git a/doc/examples/cyrus_conf/prefork.conf b/doc/examples/cyrus_conf/prefork.conf
|
||||
index 4ce2c0f..3b1e6d7 100644
|
||||
--- a/doc/examples/cyrus_conf/prefork.conf
|
||||
+++ b/doc/examples/cyrus_conf/prefork.conf
|
||||
@@ -19,15 +19,15 @@ SERVICES {
|
||||
# nntps cmd="nntpd -s" listen="nntps" prefork=1
|
||||
|
||||
# these are only necessary if using HTTP for CalDAV, CardDAV, or RSS
|
||||
-# http cmd="httpd" listen="http" prefork=3
|
||||
-# https cmd="httpd -s" listen="https" prefork=1
|
||||
+ http cmd="httpd" listen="http" prefork=3
|
||||
+ https cmd="httpd -s" listen="https" prefork=1
|
||||
|
||||
# at least one LMTP is required for delivery
|
||||
# lmtp cmd="lmtpd" listen="lmtp" prefork=0
|
||||
- lmtpunix cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=1
|
||||
+ lmtpunix cmd="lmtpd" listen="/run/cyrus/socket/lmtp" prefork=1
|
||||
|
||||
# this is only necessary if using notifications
|
||||
-# notify cmd="notifyd" listen="/var/imap/socket/notify" proto="udp" prefork=1
|
||||
+# notify cmd="notifyd" listen="/run/cyrus/socket/notify" proto="udp" prefork=1
|
||||
}
|
||||
|
||||
EVENTS {
|
||||
diff --git a/doc/examples/imapd_conf/normal.conf b/doc/examples/imapd_conf/normal.conf
|
||||
index 95b54e9..3935b77 100644
|
||||
--- a/doc/examples/imapd_conf/normal.conf
|
||||
+++ b/doc/examples/imapd_conf/normal.conf
|
||||
@@ -10,7 +10,7 @@ admins: cyrus
|
||||
###################################################################
|
||||
|
||||
# Configuration directory
|
||||
-configdirectory: /var/lib/cyrus
|
||||
+configdirectory: /var/lib/imap
|
||||
|
||||
# Directories for proc and lock files
|
||||
proc_path: /run/cyrus/proc
|
||||
@@ -19,18 +19,18 @@ mboxname_lockpath: /run/cyrus/lock
|
||||
# Locations for DB files
|
||||
# The following DB are recreated upon initialization, so should live in
|
||||
# ephemeral storage for best performance.
|
||||
-duplicate_db_path: /run/cyrus/deliver.db
|
||||
-ptscache_db_path: /run/cyrus/ptscache.db
|
||||
-statuscache_db_path: /run/cyrus/statuscache.db
|
||||
-tls_sessions_db_path: /run/cyrus/tls_sessions.db
|
||||
+duplicate_db_path: /run/cyrus/db/deliver.db
|
||||
+ptscache_db_path: /run/cyrus/db/ptscache.db
|
||||
+statuscache_db_path: /run/cyrus/db/statuscache.db
|
||||
+tls_sessions_db_path: /run/cyrus/db/tls_sessions.db
|
||||
|
||||
# Which partition to use for default mailboxes
|
||||
defaultpartition: default
|
||||
-partition-default: /var/spool/cyrus/mail
|
||||
+partition-default: /var/spool/imap
|
||||
|
||||
# If sieveusehomedir is false (the default), this directory is searched
|
||||
# for Sieve scripts.
|
||||
-sievedir: /var/spool/sieve
|
||||
+sievedir: /var/lib/imap/sieve
|
||||
|
||||
###################################################################
|
||||
## Important: KEEP THESE IN SYNC WITH cyrus.conf
|
||||
@@ -51,19 +51,16 @@ syslog_prefix: cyrus
|
||||
# Space-separated list of HTTP modules that will be enabled in
|
||||
# httpd(8). This option has no effect on modules that are disabled at
|
||||
# compile time due to missing dependencies (e.g. libical).
|
||||
-#
|
||||
-# Allowed values: caldav, carddav, domainkey, ischedule, rss
|
||||
-httpmodules: caldav carddav
|
||||
+# Enable supported modules
|
||||
+httpmodules: caldav carddav
|
||||
|
||||
# If enabled, the partitions will also be hashed, in addition to the
|
||||
# hashing done on configuration directories. This is recommended if one
|
||||
# partition has a very bushy mailbox tree.
|
||||
hashimapspool: true
|
||||
|
||||
-# Enable virtual domains
|
||||
-# and set default domain to localhost
|
||||
-virtdomains: yes
|
||||
-defaultdomain: localhost
|
||||
+# Disable virtual domains by default
|
||||
+virtdomains: off
|
||||
|
||||
###################################################################
|
||||
## User experience settings
|
||||
@@ -72,6 +69,14 @@ defaultdomain: localhost
|
||||
# Minimum time between POP mail fetches in minutes
|
||||
popminpoll: 1
|
||||
|
||||
+# Conversation support is required for jmap
|
||||
+conversations: 1
|
||||
+conversations_db: twoskip
|
||||
+
|
||||
+# This will default to on in 3.1, and improves compatibility with some Apple
|
||||
+# devices. Upstream https://github.com/cyrusimap/cyrus-imapd/issues/1556
|
||||
+specialusealways: 1
|
||||
+
|
||||
###################################################################
|
||||
## User Authentication settings
|
||||
###################################################################
|
||||
@@ -99,6 +104,12 @@ sasl_auto_transition: no
|
||||
## SSL/TLS Options
|
||||
###################################################################
|
||||
|
||||
+# These three files will automatically be generated by the systemd unit when
|
||||
+# the service starts for the first time.
|
||||
+tls_server_cert: /etc/pki/cyrus-imapd/cyrus-imapd.pem
|
||||
+tls_server_key: /etc/pki/cyrus-imapd/cyrus-imapd-key.pem
|
||||
+tls_client_ca_file: /etc/pki/cyrus-imapd/cyrus-imapd-ca.pem
|
||||
+
|
||||
# File containing the global certificate used for ALL services (imap,
|
||||
# pop3, lmtp, sieve)
|
||||
#tls_server_cert: /etc/ssl/certs/ssl-cert-snakeoil.pem
|
13
patch-cyrus-managesieve-linking
Normal file
13
patch-cyrus-managesieve-linking
Normal file
@ -0,0 +1,13 @@
|
||||
diff --git a/perl/sieve/managesieve/Makefile.PL.in b/perl/sieve/managesieve/Makefile.PL.in
|
||||
index 2bb715d..422504d 100644
|
||||
--- a/perl/sieve/managesieve/Makefile.PL.in
|
||||
+++ b/perl/sieve/managesieve/Makefile.PL.in
|
||||
@@ -69,7 +69,7 @@ WriteMakefile(
|
||||
'ABSTRACT' => 'Cyrus Sieve management interface',
|
||||
'VERSION_FROM' => "@top_srcdir@/perl/sieve/managesieve/managesieve.pm", # finds $VERSION
|
||||
'MYEXTLIB' => '../lib/.libs/libisieve.a @top_builddir@/perl/.libs/libcyrus.a @top_builddir@/perl/.libs/libcyrus_min.a',
|
||||
- 'LIBS' => ["$LIB_SASL @SSL_LIBS@ @LIB_UUID@ @ZLIB@"],
|
||||
+ 'LIBS' => ["$LIB_SASL @SSL_LIBS@ @LIB_UUID@ @ZLIB@ -lsqlite3 -lpq -lmariadb"],
|
||||
'CCFLAGS' => '@GCOV_CFLAGS@',
|
||||
'DEFINE' => '-DPERL_POLLUTE', # e.g., '-DHAVE_SOMETHING'
|
||||
'INC' => "-I@top_srcdir@/lib -I@top_srcdir@/perl/sieve -I@top_srcdir@/perl/sieve/lib @SASLFLAGS@ @SSL_CPPFLAGS@",
|
13
patch-cyrus-testsuite-timeout
Normal file
13
patch-cyrus-testsuite-timeout
Normal file
@ -0,0 +1,13 @@
|
||||
diff --git a/cunit/unit.c b/cunit/unit.c
|
||||
index 46dc358..ca37f22 100644
|
||||
--- a/cunit/unit.c
|
||||
+++ b/cunit/unit.c
|
||||
@@ -97,7 +97,7 @@ EXPORTED void fatal(const char *s, int code)
|
||||
}
|
||||
|
||||
/* Each test gets a maximum of 20 seconds. */
|
||||
-#define TEST_TIMEOUT_MS (20*1000)
|
||||
+#define TEST_TIMEOUT_MS (30*1000)
|
||||
|
||||
static jmp_buf jbuf;
|
||||
static const char *code;
|
25
patch-vzic-proper-cflags
Normal file
25
patch-vzic-proper-cflags
Normal file
@ -0,0 +1,25 @@
|
||||
diff --git a/tools/vzic/Makefile b/tools/vzic/Makefile
|
||||
index 8ae6afa..3882998 100644
|
||||
--- a/tools/vzic/Makefile
|
||||
+++ b/tools/vzic/Makefile
|
||||
@@ -45,17 +45,17 @@ LIBICAL_LDADD = -lical
|
||||
GLIB_CFLAGS = `pkg-config --cflags glib-2.0`
|
||||
GLIB_LDADD = `pkg-config --libs glib-2.0`
|
||||
|
||||
-CFLAGS = -g -I../.. -DOLSON_DIR=\"$(OLSON_DIR)\" -DPRODUCT_ID='"$(PRODUCT_ID)"' -DTZID_PREFIX='"$(TZID_PREFIX)"' $(GLIB_CFLAGS) $(LIBICAL_CFLAGS)
|
||||
+CFLAGS += -I../.. -DOLSON_DIR=\"$(OLSON_DIR)\" -DPRODUCT_ID='"$(PRODUCT_ID)"' -DTZID_PREFIX='"$(TZID_PREFIX)"' $(GLIB_CFLAGS) $(LIBICAL_CFLAGS)
|
||||
|
||||
OBJECTS = vzic.o vzic-parse.o vzic-dump.o vzic-output.o
|
||||
|
||||
all: vzic
|
||||
|
||||
vzic: $(OBJECTS)
|
||||
- $(CC) $(OBJECTS) $(GLIB_LDADD) -o vzic
|
||||
+ $(CC) $(LDFLAGS) $(OBJECTS) $(GLIB_LDADD) -o vzic
|
||||
|
||||
test-vzic: test-vzic.o
|
||||
- $(CC) test-vzic.o $(LIBICAL_LDADD) -o test-vzic
|
||||
+ $(CC) $(LDFLAGS) test-vzic.o $(LIBICAL_LDADD) -o test-vzic
|
||||
|
||||
# Dependencies.
|
||||
$(OBJECTS): vzic.h
|
3
sources
Normal file
3
sources
Normal file
@ -0,0 +1,3 @@
|
||||
SHA512 (cassandane-00bfe01.tar.gz) = 96f2ca6cbf36c8f9df2b4762ca572b5ba597ca305408f992d6671cba2845f990c8d3cf35ae91ea44da9ea825c9b4c6b1e5fb314b27c31cf4c63805699ab46ab6
|
||||
SHA512 (cassandane-testdata-20170523.tar.gz) = 705f5af6a31fe3b8d6e8027bbddbedb2f64d65997f8a06620ec07fcd30a95d98ac3f3fbef7af5080684ee21be1c5b8bcad2374b2749f0571099e780355a04420
|
||||
SHA512 (cyrus-imapd-3.0.7.tar.gz) = 6f9af658df6ae6e4463bb52c672c7e8d49482c8e5542985825f099ea8b76291d1598a2a5c92711ae642b0d053c5168792f1832eeb15d1fdeb4b8d2efcfb4d9b9
|
Loading…
Reference in New Issue
Block a user