You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

419 lines
15KB

  1. %define version 0.2.64
  2. %define release 1
  3. %define name ipasserelle-base
  4. Summary: Meta-Package to turn a SME Server into an iPasserelle
  5. Name: ipasserelle-base
  6. Version: 0.2.70
  7. Release: 1%{?dist}
  8. Epoch: 9
  9. License: GPL
  10. Group: Networking/Daemons
  11. Source: %{name}-%{version}.tar.gz
  12. BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot
  13. BuildArchitectures: noarch
  14. BuildRequires: e-smith-devtools
  15. Requires: e-smith-base >= 5.2.0
  16. Requires: e-smith-ldap
  17. Requires: smeserver-remoteuseraccess
  18. Requires: smeserver-zabbix-agent
  19. Requires: smeserver-zabbix-proxy
  20. Requires: logwatch
  21. Requires: smeserver-shared-folders
  22. Requires: smeserver-qos
  23. Requires: smeserver-fetchmail
  24. Requires: smeserver-webapps-common
  25. Requires: smeserver-expire-accounts
  26. Requires: bash-completion
  27. Requires: ipasserelle-repo
  28. Requires: qmail-notify
  29. Requires: iftop
  30. Requires: openssl-perl
  31. Requires: perl(List::MoreUtils)
  32. Requires: perl(Text::Unaccent::PurePerl)
  33. Requires: perl(Net::LDAP)
  34. Requires: perl(Proc::ProcessTable)
  35. Requires: perl(Proc::ProcessTable::Process)
  36. Requires: pbzip2
  37. Requires: yum >= 3.2.29-69
  38. Requires: smeserver-fail2ban
  39. Obsoletes: smeserver-denyhosts
  40. Obsoletes: smeserver-mailstats
  41. %description
  42. Meta package to configure an iPasserelle Server
  43. Based on SMEServer, iPasserelle is a specially configured
  44. SME Server, with some additionnal modules
  45. %changelog
  46. * Thu Dec 19 2019 Daniel Berteaud <daniel@firewall-services.com> 0.2.70-1
  47. - Hide warning if year maildir already exists (daniel@firewall-services.com)
  48. * Thu Mar 14 2019 Daniel Berteaud <daniel@firewall-services.com> 0.2.69-1
  49. - Don't try to create or delete scan dir if no user has been passed
  50. (daniel@firewall-services.com)
  51. * Tue Feb 06 2018 Daniel Berteaud <daniel@firewall-services.com> 0.2.68-1
  52. - Handle Bcc being a fully qualified address in rotate script GLPI #30996
  53. (daniel@firewall-services.com)
  54. * Wed Dec 06 2017 Daniel Berteaud <daniel@firewall-services.com> 0.2.67-1
  55. - Typo in Category CGI param id (daniel@firewall-services.com)
  56. * Wed Dec 06 2017 Daniel Berteaud <daniel@firewall-services.com> 0.2.66-1
  57. - Remove GIT Changelog (daniel@firewall-services.com)
  58. * Wed Dec 06 2017 Daniel Berteaud <daniel@firewall-services.com> 0.2.65-1
  59. - new package built with tito
  60. - Add Support for buisnessCategory LDAP field
  61. * Wed Jul 19 2017 Daniel Berteaud <daniel@firewall-services.com> 0.2.64-1
  62. - Reduce spamassassin's BL score to 1.0 each
  63. * Thu Jun 8 2017 Daniel Berteaud <daniel@firewall-services.com> 0.2.63-1
  64. - Set admins member full privileges on public mailboxes
  65. If smeserver-dovecot-extras >= 0.1.3
  66. * Thu Jun 8 2017 Daniel Berteaud <daniel@firewall-services.com> 0.2.62-1
  67. - Slightly reduce spamassassin BL scores
  68. * Mon Jun 5 2017 Daniel Berteaud <daniel@firewall-services.com> 0.2.61-1
  69. - Add some blacklists to spamassassin
  70. * Thu Apr 6 2017 Daniel Berteaud <daniel@firewall-services.com> 0.2.60-1
  71. - Add support for separated __VILLE__ __RUE__ and __CODE_POSTAL__ tags
  72. for email signature
  73. * Wed Mar 8 2017 Daniel Berteaud <daniel@firewall-services.com> 0.2.59-1
  74. - Make sure bayes auto learn is disabled when not enabled
  75. - Adjust default bayes auto learn threshold
  76. * Wed Nov 9 2016 Daniel Berteaud <daniel@firewall-services.com> 0.2.58-1
  77. - Enable access to /server-status for localhost
  78. * Wed May 18 2016 Daniel Berteaud <daniel@firewall-services.com> 0.2.57-1
  79. - Remove MailSpike BL
  80. * Fri May 13 2016 Daniel Berteaud <daniel@firewall-services.com> 0.2.56-1
  81. - Fix a syntax error in spamassassin conf template
  82. * Wed Apr 13 2016 Daniel Berteaud <daniel@firewall-services.com> 0.2.55-1
  83. - Remove S-A custom scores
  84. - Add MailSpike BL
  85. - Requires smeserver-expire-accounts
  86. - Add spamassassin autolearn param
  87. * Wed Dec 23 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.54-1
  88. - Fix home RecycleBin purge by using mtime instead of atime
  89. * Fri Dec 4 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.53-1
  90. - Define netfs service in the DB
  91. * Wed Dec 2 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.52-1
  92. - Fix /var/clamav ownership
  93. * Fri Nov 27 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.51-1
  94. - Ignore winnow.spam.ts.brokenspam.1 virus
  95. * Fri Aug 7 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.50-1
  96. - Requires recent enough yum instead of yum-downloadonly
  97. * Mon Jul 6 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.49-1
  98. - Remove hardcoded value for open_files_limit
  99. - Set the default open_files_limit to 8192
  100. * Mon Feb 9 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.48-1
  101. - Add a EmailPrimaryDomain prop to user account
  102. * Fri Jan 30 2015 Daniel Berteaud <daniel@firewall-services.com> 0.2.47-1
  103. - Download updates even when a dependencie issue would prevent the
  104. transaction
  105. * Mon Jun 30 2014 Daniel Berteaud <daniel@firewall-services.com> 0.2.46-1
  106. - Replace header_access directive with request_header_access
  107. * Mon Jun 23 2014 Daniel Berteaud <daniel@firewall-services.com> 0.2.45-1
  108. - Replace syslog templates-custom with rsyslog fragment
  109. * Fri Mar 21 2014 Daniel Berteaud <daniel@firewall-services.com> 0.2.44-1
  110. - Fix AllowedRemoteIP (SPF Whitelist)
  111. * Wed Mar 12 2014 Daniel Berteaud <daniel@firewall-services.com> 0.2.43-1
  112. - Add SPF support (qpsmtpd and tinydns)
  113. * Fri Jan 24 2014 Daniel Berteaud <daniel@firewall-services.com> 0.2.42-1
  114. - Add a simple audit page in userinfo panel
  115. * Mon Jan 20 2014 Daniel Berteaud <daniel@firewall-services.com> 0.2.41-1
  116. - Update email address in LDAP if the first one in the list has changed
  117. * Wed Dec 11 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.40-1
  118. - Remove the non templated qmail-notify cron file
  119. * Wed Dec 11 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.39-1
  120. - Really fix qmail-notify cron
  121. * Wed Dec 11 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.38-1
  122. - Fix qmail-notify cron
  123. * Tue Nov 12 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.37-1
  124. - New branch for SME9
  125. * Fri Nov 8 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.36-1
  126. - Allow placeholders in signatures templates to be removed if the
  127. corresponding value is empty
  128. - Strip http:// or https at the begining and / at the end of the Url
  129. prop in the signature
  130. * Tue Oct 15 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.35-1
  131. - Remove phpmailer from the potential spam mailers
  132. - Reduce scrore for FSL_HELO_FIREWALL
  133. * Fri Sep 27 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.34-1
  134. - Reduce score for KHOP_BIG_TO_CC to 1.5
  135. - Fix a warning in purge-home-recycle script
  136. * Thu Sep 26 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.33-1
  137. - Reduce a few spamassassin score, which were too agressive
  138. * Wed Sep 25 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.32-1
  139. - Fix the purge-home-recycle script
  140. * Tue Sep 17 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.31-1
  141. - Other spamassassin scores adjustments
  142. * Thu Jun 13 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.30-1
  143. - Disable default samba logging
  144. * Thu Jun 6 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.29-1
  145. - Set default pyzor timeout to 15 sec
  146. - Add some spamassassin rules to fight against spam in french
  147. - Adjust some spamassassin scores
  148. - Fix another syntax erreor in share-modify-scan script
  149. * Wed Jun 5 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.28-1
  150. - Replace denyhosts with fail2ban
  151. - Obsoletes smeserver-mailstats
  152. * Fri Apr 19 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.27-1
  153. - add innodb_file_per_table directive to my.cnf
  154. * Fri Apr 19 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.26-1
  155. - Allow up to 500 connections to MySQL
  156. * Fri Dec 21 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.25-1
  157. - Fix updates download cron job
  158. * Mon Dec 3 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.24-1
  159. - Some scan require read permissions on directories
  160. * Wed Nov 28 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.23-1
  161. - Download available updates nightly
  162. * Tue Nov 20 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.22-1
  163. - More fixes for scan ACLs
  164. * Mon Nov 19 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.21-1
  165. - Fix a typo in share-modify-scan script
  166. * Thu Nov 15 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.20-1
  167. - Fix default ACL for admins group in scan share
  168. * Thu Nov 15 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.19-1
  169. - Several fixes in scan share ACL
  170. * Fri Sep 28 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.18-1
  171. - Add SRV records for imap, imaps, smtp and smtps services
  172. * Fri Sep 28 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.17-1
  173. - add make-srv script to generate SRV records in tinydns
  174. * Mon Sep 10 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.16-1
  175. - Validation for the shell field
  176. - accept empty value for the shell and the chroot dir
  177. - add a script to purge home dir recycle bin
  178. * Fri Aug 24 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.15-1
  179. - Add a chroot field in user info panel
  180. * Tue Jul 17 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.14-1
  181. - Keep last 50 log files for mail services instead of 10
  182. * Tue Jun 26 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.13-1
  183. - Fix group mail addresses in viewgroup userpanel
  184. * Sun Jun 24 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.12-1
  185. - Move generated signatures in tools share
  186. * Sun Jun 17 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.11-1
  187. - Copy cacert in Primary ibay
  188. * Fri Jun 8 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.10-1.sme
  189. - Copy cacrl in Primary ibay
  190. * Tue May 29 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.9-1.sme
  191. - Update private cacert
  192. * Thu May 24 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.8-1.sme
  193. - Use pbzip2 instead of bzip2 for maillog rotation
  194. * Wed May 23 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.7-1.sme
  195. - Include CHANGELOG
  196. * Fri May 18 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.6-1.sme
  197. - Optimizations in LDAP updates scripts
  198. * Tue Apr 24 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.5-1.sme
  199. - Kill qpsmtpd after 1h instead of 30min
  200. * Mon Apr 16 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.4-1.sme
  201. - Revert previous commit, havp is now in front of squid
  202. * Mon Apr 16 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.3-1.sme
  203. - Don't hide X_Forwarded_For headers in squid if havp is enabled
  204. * Fri Apr 13 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.2-1.sme
  205. - Revert previous commit, bootstrap.min.css will go in webapps
  206. * Thu Apr 12 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.1-1.sme
  207. - Add bootstrap.min.css
  208. * Tue Apr 03 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.0-1.sme
  209. - Switch to git
  210. - Fix PATH in cron script
  211. - Initialize PasswordSet, AllowRSSH and VPNClientAccess prop for special accounts
  212. * Sun Mar 04 2012 Daniel Berteaud <daniel@firewall-services.com> 0.1-24.sme
  213. - Fix cron scripts permissions
  214. - Add scan share with required permissions for scan2file (smb)
  215. - Fix private cacert script
  216. - Work arround a bug with spam score in some locales
  217. - Add greylisting support in qpsmtpd
  218. * Thu Mar 01 2012 Daniel Berteaud <daniel@firewall-services.com> 0.1-23.sme
  219. - Rise MySQL open_files_limit to 4096
  220. * Thu Dec 01 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-22.sme
  221. - Monthly archive maillog's Maildir (if qpsmtpd->ArchiveBcc is enabled)
  222. - Add a new url attribute (not in LDAP, only for signature __URL__)
  223. - Requires openssl-perl
  224. - Stop running navigation-conf in ipasserelle-update
  225. - Chown signature dir to the user
  226. - Use larger fields in panel
  227. * Fri Oct 28 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-20.sme
  228. - Add a custom template (no other choice) to send samba audit log to a separate file
  229. * Thu Jul 21 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-19.sme
  230. - Remove LL::NG dep and all portal related stuff
  231. - Separate tel and mob in signature generation script
  232. - Add all functions variable in email signature generation script
  233. - Kill stalled qpsmtpd process to prevent reaching instance limit
  234. - Allow to choose email signature template per user (SignatureTemplate)
  235. - Rename tag __SECTEUR__ to __SERVICE__ for the signature
  236. * Wed Jul 13 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-18.sme
  237. - Remove defaults example vhost and categories from LL::NG conf
  238. - LL::NG Self protect the manager
  239. * Fri Jul 08 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-17.sme
  240. - Generate both txt and html version of the signature
  241. * Fri Jul 08 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-16.sme
  242. - Fix tel tag in signature
  243. * Thu Jul 07 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-15.sme
  244. - Disable weekly raid checks
  245. - Add a basic email signature generator
  246. - Fix a small typo in userinfo fr locale
  247. - requires iftop
  248. * Mon Jul 04 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-14.sme
  249. - Depend on LL::NG and add / change some default config to match what
  250. is expected on iPasserelle
  251. * Tue Jun 28 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-13.sme
  252. - Fix a typo in group-modify event
  253. * Mon Jun 20 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-12.sme
  254. - Add support for qmail-notify
  255. * Sun Jun 19 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-11.sme
  256. - Add PreferredMail as the first mail attribute in LDAP
  257. - Fix copyright header
  258. * Sat Jun 18 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-10.sme
  259. - Add alternative Email addresses in userinfo panel
  260. * Wed May 11 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-9.sme
  261. - Don't let Squid send XForwardedFor headers
  262. - Don't cache yum repo data with squid
  263. * Tue May 10 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-8.sme
  264. - Fix a typo in the tools share ReadGroup prop
  265. * Wed Apr 06 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-7.sme
  266. - Display group alias in viewgroups panel
  267. * Tue Apr 05 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-6.sme
  268. - Add userpanel-viewgroups
  269. * Mon Apr 04 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-5.sme
  270. - Re-create userpanels symlinks in ipasserelle-update
  271. * Thu Mar 17 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-4.sme
  272. - Add desktopLoginShell LDAP attr
  273. - Allow empty preferred mail
  274. * Mon Mar 14 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-3.sme
  275. - Add autofs and ipmi service entries in the DB
  276. - Add postalCode LDAP attribute
  277. - Add validation routine for some fields
  278. * Tue Mar 8 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-2.sme
  279. - Add extensionNumber LDAP attribute
  280. * Thu Jan 20 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-1.sme
  281. - initial release
  282. %prep
  283. %setup -q -n %{name}-%{version}
  284. %build
  285. %{__mkdir_p} root/home/e-smith/files/shares/tools/files/signatures/templates
  286. %{__mkdir_p} root/home/e-smith/files/scan
  287. %{__mkdir_p} root/var/lib/qpsmtpd/greylisting
  288. perl createlinks
  289. %install
  290. /bin/rm -rf $RPM_BUILD_ROOT
  291. (cd root ; /usr/bin/find . -depth -print | /bin/cpio -dump $RPM_BUILD_ROOT)
  292. /bin/rm -f %{name}-%{version}-filelist
  293. /sbin/e-smith/genfilelist $RPM_BUILD_ROOT \
  294. --file /etc/cron.hourly/qpsmtpd-cleanup 'attr(0755,root,root)' \
  295. --file /etc/cron.monthly/maillog-rotate 'attr(0755,root,root)' \
  296. --file /etc/cron.hourly/cacrl 'attr(0755,root,root)' \
  297. --file /etc/cron.daily/purge-homes-recycle 'attr(0755,root,root)' \
  298. --file /etc/cron.daily/download-updates 'attr(0755,root,root)' \
  299. --dir /home/e-smith/files/scan 'attr(0750,root,shared)' \
  300. --dir /var/lib/qpsmtpd/greylisting 'attr(0750,qpsmtpd,qpsmtpd)' \
  301. --file /usr/bin/make-srv 'attr(0755,root,root)' \
  302. --dir /var/clamav 'attr(0755,clamav,clamav)' \
  303. > %{name}-%{version}-filelist
  304. echo "%doc" >> %{name}-%{version}-filelist
  305. %files -f %{name}-%{version}-filelist
  306. %defattr(-,root,root)
  307. %clean
  308. rm -rf $RPM_BUILD_ROOT
  309. %post
  310. %preun