From 76785b6c24700a9cf8da76752a55ade066ba3204 Mon Sep 17 00:00:00 2001 From: Michal Hlavinka Date: Tue, 8 Dec 2015 19:07:07 +0100 Subject: [PATCH] move ssl initialization from %post to dovecot-init.service --- dovecot-2.2.20-initbysystemd.patch | 51 ++++++++++++++++++++++++++++++ dovecot.spec | 24 +++++--------- 2 files changed, 59 insertions(+), 16 deletions(-) create mode 100644 dovecot-2.2.20-initbysystemd.patch diff --git a/dovecot-2.2.20-initbysystemd.patch b/dovecot-2.2.20-initbysystemd.patch new file mode 100644 index 0000000..3389609 --- /dev/null +++ b/dovecot-2.2.20-initbysystemd.patch @@ -0,0 +1,51 @@ +diff -up dovecot-2.2.20/dovecot-init.service.initbysystemd dovecot-2.2.20/dovecot-init.service +--- dovecot-2.2.20/dovecot-init.service.initbysystemd 2015-12-08 18:44:31.264563464 +0100 ++++ dovecot-2.2.20/dovecot-init.service 2015-12-08 18:44:31.264563464 +0100 +@@ -0,0 +1,18 @@ ++[Unit] ++Description=One-time Dovecot init service ++ConditionPathExists=|!/var/lib/dovecot/ssl-parameters.dat ++ConditionPathExists=|!/etc/pki/dovecot/certs/dovecot.pem ++ ++[Service] ++Type=oneshot ++RemainAfterExit=no ++ExecStart=/bin/sh -c '\ ++if [ ! -f /etc/pki/dovecot/certs/dovecot.pem ]; \ ++then\ ++ SSLDIR=/etc/pki/dovecot/ OPENSSLCONFIG=/etc/pki/dovecot/dovecot-openssl.cnf /usr/libexec/dovecot/mkcert.sh /dev/null 2>&1;\ ++fi;\ ++if [ ! -f /var/lib/dovecot/ssl-parameters.dat ]; \ ++then\ ++ /usr/libexec/dovecot/ssl-params >/dev/null 2>&1; \ ++fi' ++ +diff -up dovecot-2.2.20/dovecot.service.in.initbysystemd dovecot-2.2.20/dovecot.service.in +--- dovecot-2.2.20/dovecot.service.in.initbysystemd 2015-12-08 18:44:31.263563465 +0100 ++++ dovecot-2.2.20/dovecot.service.in 2015-12-08 18:44:31.264563464 +0100 +@@ -20,7 +20,8 @@ + Description=Dovecot IMAP/POP3 email server + Documentation=man:dovecot(1) + Documentation=http://wiki2.dovecot.org/ +-After=local-fs.target network-online.target ++After=local-fs.target network-online.target dovecot-init.service ++Requires=dovecot-init.service + + [Service] + Type=simple +diff -up dovecot-2.2.20/Makefile.am.initbysystemd dovecot-2.2.20/Makefile.am +--- dovecot-2.2.20/Makefile.am.initbysystemd 2015-12-08 18:46:35.452435316 +0100 ++++ dovecot-2.2.20/Makefile.am 2015-12-08 18:46:40.046430706 +0100 +@@ -54,9 +54,10 @@ if HAVE_SYSTEMD + + systemdsystemunit_DATA = \ + dovecot.socket \ +- dovecot.service ++ dovecot.service \ ++ dovecot-init.service + else +-EXTRA_DIST += dovecot.socket dovecot.service.in ++EXTRA_DIST += dovecot.socket dovecot.service.in dovecot-init.service + endif + + install-exec-hook: diff --git a/dovecot.spec b/dovecot.spec index d8cab80..0c848cb 100644 --- a/dovecot.spec +++ b/dovecot.spec @@ -5,7 +5,7 @@ Name: dovecot Epoch: 1 Version: 2.2.20 %global prever %{nil} -Release: 1%{?dist} +Release: 2%{?dist} #dovecot itself is MIT, a few sources are PD, pigeonhole is LGPLv2 License: MIT and LGPLv2 Group: System Environment/Daemons @@ -35,9 +35,10 @@ Patch5: dovecot-2.1-privatetmp.patch Patch6: dovecot-2.1.10-waitonline.patch Patch7: dovecot-2.2.13-online.patch +Patch8: dovecot-2.2.20-initbysystemd.patch + Source15: prestartscript -Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: openssl-devel, pam-devel, zlib-devel, bzip2-devel, libcap-devel BuildRequires: libtool, autoconf, automake, pkgconfig BuildRequires: sqlite-devel @@ -130,6 +131,7 @@ This package provides the development files for dovecot. %patch5 -p1 -b .privatetmp %patch6 -p1 -b .waitonline %patch7 -p1 -b .online +%patch8 -p1 -b .initbysystemd #pushd dovecot-2*2-pigeonhole-%{pigeonholever} #popd sed -i '/DEFAULT_INCLUDES *=/s|$| '"$(pkg-config --cflags libclucene-core)|" src/plugins/fts-lucene/Makefile.in @@ -260,10 +262,6 @@ rm -f securecoding.txt thread-refs.txt popd -%clean -rm -rf $RPM_BUILD_ROOT - - %pre #dovecot uid and gid are reserved, see /usr/share/doc/setup-*/uidgid getent group dovecot >/dev/null || groupadd -r --gid 97 dovecot @@ -296,16 +294,6 @@ then %endif fi -# generate the ssl certificates -if [ ! -f %{ssldir}/certs/%{name}.pem ]; then - SSLDIR=%{ssldir} OPENSSLCONFIG=%{ssldir}/dovecot-openssl.cnf \ - %{_libexecdir}/%{name}/mkcert.sh &> /dev/null -fi - -if [ ! -f /var/lib/dovecot/ssl-parameters.dat ]; then - /usr/libexec/dovecot/ssl-params &>/dev/null -fi - install -d -m 0755 -g dovecot -d /var/run/dovecot install -d -m 0755 -d /var/run/dovecot/empty install -d -m 0750 -g dovenull -d /var/run/dovecot/login @@ -367,6 +355,7 @@ make check %if %{?fedora}0 > 140 || %{?rhel}0 > 60 %_tmpfilesdir/dovecot.conf %{_unitdir}/dovecot.service +%{_unitdir}/dovecot-init.service %{_unitdir}/dovecot.socket %else %{_initddir}/dovecot @@ -492,6 +481,9 @@ make check %{_libdir}/%{name}/dict/libdriver_pgsql.so %changelog +* Tue Dec 08 2015 Michal Hlavinka - 1:2.2.20-2 +- move ssl initialization from %post to dovecot-init.service + * Tue Dec 08 2015 Michal Hlavinka - 1:2.2.20-1 - dovecot updated to 2.2.20 - director: Backend tags weren't working correctly.