#!/bin/sh # Slackware build script for opensmtpd # Copyright 2013-2014 Robby Workman, Northport, Alabama, USA # Copyright 2015-2020 Richard Narron, California, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is # permitted provided that the following conditions are met: # # 1. Redistributions of this script must retain the above copyright # notice, this list of conditions and the following disclaimer. # # THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED # WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF # MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO # EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, # PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; # OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. PRGNAM=opensmtpd VERSION=${VERSION:-6.0.3p1} BUILD=${BUILD:-5} TAG=${TAG:-_SBo} if [ -z "$ARCH" ]; then case "$( uname -m )" in i?86) ARCH=i586 ;; arm*) ARCH=arm ;; *) ARCH=$( uname -m ) ;; esac fi CWD=$(pwd) TMP=${TMP:-/tmp/SBo} PKG=$TMP/package-$PRGNAM OUTPUT=${OUTPUT:-/tmp} if [ "$ARCH" = "i586" ]; then SLKCFLAGS="-O2 -march=i586 -mtune=i686 -fstack-protector" LIBDIRSUFFIX="" elif [ "$ARCH" = "i686" ]; then SLKCFLAGS="-O2 -march=i686 -mtune=i686 -fstack-protector" LIBDIRSUFFIX="" elif [ "$ARCH" = "x86_64" ]; then SLKCFLAGS="-O2 -fPIC -fstack-protector" LIBDIRSUFFIX="64" else SLKCFLAGS="-O2 -fstack-protector" LIBDIRSUFFIX="" fi bailout() { printf "\nYou must have smtpd and smtpq users and groups on the system \n" printf "for privilege separation - something like this should suffice: \n" printf "\tgroupadd -g 270 smtpd \n" printf "\tuseradd -u 270 -g 270 -r -s /bin/false -d /var/empty smtpd \n" printf "\tgroupadd -g 271 smtpq \n" printf "\tuseradd -u 271 -g 271 -r -s /bin/false -d /var/empty smtpq \n\n" exit 1 } if ! getent group smtpd 1>/dev/null 2>/dev/null ; then bailout elif ! getent passwd smtpd 1>/dev/null 2>/dev/null ; then bailout elif ! getent passwd smtpq 1>/dev/null 2>/dev/null ; then bailout elif ! getent group smtpq 1>/dev/null 2>/dev/null ; then bailout fi set -e rm -rf $PKG mkdir -p $TMP $PKG $OUTPUT cd $TMP rm -rf $PRGNAM-$VERSION tar xvf $CWD/$PRGNAM-$VERSION.tar.gz cd $PRGNAM-$VERSION chown -R root:root . find -L . \ \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \ -o -perm 511 \) -exec chmod 755 {} \; -o \ \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \ -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \; # fix reply buffer overflow cat $CWD/openbsd64-020-smtpd.patch | patch -p1 # fix tls downgrade cat $CWD/openbsd65-029-smptd-tls.patch | patch -p1 # fix exec cat $CWD/openbsd66-019-smtpd-exec.patch | patch -p1 # check null from crypt function cat $CWD/fix-crash-on-authentication.patch | patch -p1 CFLAGS="$SLKCFLAGS -D_DEFAULT_SOURCE" \ CXXFLAGS="$SLKCFLAGS" \ ./configure \ --prefix=/usr \ --libdir=/usr/lib${LIBDIRSUFFIX} \ --sysconfdir=/etc/opensmtpd \ --localstatedir=/var \ --with-path-socket=/var/run \ --mandir=/usr/man \ --with-mantype=doc \ --docdir=/usr/doc/$PRGNAM-$VERSION \ --without-rpath \ --with-path-mbox=/var/spool/mail \ --with-user-smtpd=smtpd \ --with-user-queue=smtpq \ --with-group-queue=smtpq \ --with-path-CAfile=/etc/ssl/certs/ca-certificates.crt \ --with-table-db \ --build=$ARCH-slackware-linux make make install DESTDIR=$PKG find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | \ grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true # bug fix thanks to Ed Rozenberg: change group for smtpctl chgrp smtpq $PKG/usr/sbin/smtpctl chmod 2555 $PKG/usr/sbin/smtpctl # Create nice compat symlinks for sendmail rm -f $PKG/usr/bin/sendmail $PKG/usr/sbin/sendmail ln -s smtpctl $PKG/usr/sbin/sendmail ln -s ../sbin/sendmail $PKG/usr/bin/sendmail rm -f $PKG/usr/sbin/mailq $PKG/usr/sbin/newaliases $PKG/usr/sbin/makemap ln -s smtpctl $PKG/usr/sbin/mailq ln -s smtpctl $PKG/usr/sbin/newaliases ln -s smtpctl $PKG/usr/sbin/makemap mkdir -p $PKG/etc/rc.d cat $CWD/rc.opensmtpd > $PKG/etc/rc.d/rc.opensmtpd.new # Don't clobber the config file mv $PKG/etc/opensmtpd/smtpd.conf $PKG/etc/opensmtpd/smtpd.conf.new # and reflect the correct path to aliases file sed -i "s,/etc/mail/,/etc/opensmtpd/,g" $PKG/etc/opensmtpd/smtpd.conf.new # Create (but don't clobber) the aliases file cat $CWD/aliases > $PKG/etc/opensmtpd/aliases.new # Create some other required directories with proper ownership and permissions mkdir -p $PKG/var/spool/smtpd/corrupt $PKG/var/spool/smtpd/incoming \ $PKG/var/spool/smtpd/offline $PKG/var/spool/smtpd/purge \ $PKG/var/spool/smtpd/queue $PKG/var/spool/smtpd/temporary chown root:smtpq $PKG/var/spool/smtpd/offline chown smtpq:root $PKG/var/spool/smtpd/corrupt $PKG/var/spool/smtpd/incoming \ $PKG/var/spool/smtpd/purge $PKG/var/spool/smtpd/queue \ $PKG/var/spool/smtpd/temporary chmod 0711 $PKG/var/spool/smtpd chmod 0700 $PKG/var/spool/smtpd/corrupt $PKG/var/spool/smtpd/incoming \ $PKG/var/spool/smtpd/queue $PKG/var/spool/smtpd/temporary chmod 0770 $PKG/var/spool/smtpd/offline chmod 0700 $PKG/var/spool/smtpd/purge find $PKG/usr/man -type f -exec gzip -9 {} \; for i in $( find $PKG/usr/man -type l ) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION cp -a INSTALL LICENSE README.md THANKS $PKG/usr/doc/$PRGNAM-$VERSION cat $CWD/README > $PKG/usr/doc/$PRGNAM-$VERSION/README.slackware cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild mkdir -p $PKG/install cat $CWD/slack-desc > $PKG/install/slack-desc cat $CWD/doinst.sh > $PKG/install/doinst.sh cd $PKG /sbin/makepkg -l y -p -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz}