CentOS4.x Postfix-2.1

PostgreSQL/MySQLに対応したPostfixを導入します

CentOSのYUMリポジトリ上のPostfixパッケージはPostgreSQL/MySQL対応のオプションが指定されていない為、パッケージのソースからBUILDします

作業の流れ

作業はすべて一般ユーザにて行います

一般ユーザでSRPMのBUILDを行える様にするにはroot以外でRPMのbuildができる様にするを参照

  • ソースRPMの入手
  • ソースRPMのインストール
  • SPECファイルの変更(PostgreSQL/MySQLサポート)
  • RPMの作成(BUILD)

注意

yumの自動更新設定等をおこなっていると、postfixの更新があると自動的に更新されてしまい、ここで指定したオプションがすべて無効になってしまいます

yumの自動更新対象からpostfixをはずしたい場合は/etc/yum.confの[main]セクションに以下を追加します

exclude=postfix*

詳しくは、yumで自動更新しないパッケージを指定するを参照

ソースRPMの入手

postfixのSRPMを ミラーサイトより、入手します

執筆時点での最新は、postfix-2.1.5-4.2です

$ wget http://ftp.riken.jp/Linux/caos/centos/4.1/os/SRPMS/postfix-2.1.5-4.2.RHEL4.src.rpm

ソースRPMのインストール

以下を実行して、入手したソースRPMをインストール(展開)します

$ rpm -ivh postfix-2.1.5-4.2.RHEL4.src.rpm

これで、${HOME}/rpm以下にSPECファイル及びソースファイルが展開されます

SPECファイルの変更

PostgreSQLまたはMySQL対応の為の指定をSPECファイルに行います(両方同時に指定も可能)

編集対象となるファイルは、${HOME}/rpm/SPECE/postfix.specです

MySQL対応

PostfixをMySQL対応にするにはSPECファイル(postfix.spec)を以下の様にMYSQLの定義を0から1に変更します

%define LDAP 2
%define MYSQL 1
%define PCRE 1
%define SASL 2
%define TLS 1
   :    :
   :    :

PostgreSQL対応

CentOSのPostfixのSPECファイルはPostgreSQLを考慮した記述になっていない様なのであちこち追加しないといけません

%define LDAP 2
%define MYSQL 0
%define PCRE 1
%define SASL 2
%define TLS 1
%define IPV6 1
%define POSTDROP_GID 90
%define PFLOGSUMM 1
%define PGSQL 1

# On Redhat 8.0.1 and earlier, LDAP is compiled with SASL V1 and won't work
# if postfix is compiled with SASL V2. So we drop to SASL V1 if LDAP is
# requested but use the preferred SASL V2 if LDAP is not requested.
# Sometime soon LDAP will build agains SASL V2 and this won't be needed.

%if %{LDAP} <= 1 && %{SASL} >= 2
%undefine SASL
%define SASL 1
%endif

%define tlsno pfixtls-0.8.18-2.1.3-0.9.7d
%if %{PFLOGSUMM}
%define pflogsumm_ver 1.1.0
%endif

# Postfix requires one exlusive uid/gid and a 2nd exclusive gid for its own
# use.  Let me know if the second gid collides with another package.
# Be careful: Redhat's 'mail' user & group isn't unique!
%define postfix_uid    89
%define postfix_user   postfix
%define postfix_gid    89
%define postfix_group  postfix
%define postdrop_group postdrop
%define maildrop_group %{postdrop_group}
%define maildrop_gid   %{POSTDROP_GID}

%define postfix_config_dir  %{_sysconfdir}/postfix
%define postfix_daemon_dir  %{_libexecdir}/postfix
%define postfix_command_dir %{_sbindir}
%define postfix_queue_dir   %{_var}/spool/postfix
%define postfix_doc_dir     %{_docdir}/%{name}-%{version}
%define postfix_sample_dir  %{postfix_doc_dir}/samples
%define postfix_readme_dir  %{postfix_doc_dir}/README_FILES

Name: postfix
Summary: Postfix Mail Transport Agent
Version: 2.1.5
Release: 4.2.RHEL4
Epoch: 2
Group: System Environment/Daemons
URL: http://www.postfix.org
License: IBM Public License
PreReq: /sbin/chkconfig, /sbin/service, sh-utils
PreReq: fileutils, textutils,
PreReq: /usr/sbin/alternatives

PreReq: %{_sbindir}/groupadd, %{_sbindir}/useradd

Provides: MTA smtpd smtpdaemon /usr/bin/newaliases

Source0: ftp://ftp.porcupine.org/mirrors/postfix-release/official/%{name}-%{version}.tar.gz
Source1: postfix-etc-init.d-postfix
Source3: README-Postfix-SASL-RedHat.txt

# Sources 50-99 are upstream [patch] contributions

# A note about the various TLS and IPV6 patch files. TLS was
# originally added to Postfix by Lutz Jaenicke, this is what is in
# Source50. In addition to the source patch it includes documentation
# and examples. Dean Strik created a patch to support IPv6, this was
# taken from the work done by Mark Huizer, and then substantially
# improved by Jun-ichiro 'itojun' Hagino (known as the KAME
# patch). Dean provides his patch in two forms, one with IPv6 only (Source52),
# and one with IPv6 and TLS (Source51). The TLS support in Dean Stick's patch
# comes from the TLS patch done by Lutz Jaenicke. However Dean Strick
# did not include the TLS documentation and examples that are in Lutz
# Jaenicke's tarball. Depending on what this RPM builds we use some
# combination of patches and files from Sources 50-52.
#
# The TLS documentation and examples always comes from Source50, the
# Lutz Jaenicke contribution. We can do this because even if we don't
# use this patch to add TLS, but rather use Dean Strik's tls+ipv6
# patch is still based on Lutz Jaenicke's contribution.
#
# If we are building with IPv6 and no TLS then Source52 is used. If we
# are building with both IPv6 and TLS then Source51 is used and we
# include the doc and examples from Source50, but not Source50's
# patch. If we are building with TLS and no IPv6 then we use the
# original Source50 patch and doc.

Source50: ftp://ftp.aet.tu-cottbus.de/pub/postfix_tls/%{tlsno}.tar.gz
Source51: ftp://ftp.stack.nl/pub/postfix/tls+ipv6/1.26/tls+ipv6-1.26-pf-2.1.5.patch.gz
Source52: ftp://ftp.stack.nl/pub/postfix/tls+ipv6/1.26/ipv6-1.26-pf-2.1.5.patch.gz
%if %{PFLOGSUMM}
Source53: http://jimsun.linxnet.com/downloads/pflogsumm-%{pflogsumm_ver}.tar.gz
%endif

# Sources >= 100 are config files

Source100: postfix-sasl.conf
Source101: postfix-pam.conf

# Patches

Patch1: postfix-2.1.1-config.patch
Patch2: postfix-smtp_sasl_proto.c.patch
Patch3: postfix-alternatives.patch
Patch4: postfix-hostname-fqdn.patch
Patch5: postfix-2.1.1-pie.patch
Patch6: postfix-2.1.1-obsolete.patch
Patch7: postfix-2.1.5-aliases.patch

# Optional patches - set the appropriate environment variables to include
#                    them when building the package/spec file

BuildRoot: %{_tmppath}/%{name}-buildroot

# Determine the different packages required for building postfix
BuildRequires: gawk, perl, sed, ed, db4-devel, pkgconfig, zlib-devel

Requires: setup >= 2.5.36-1
BuildRequires: setup >= 2.5.36-1

%if %{LDAP}
BuildRequires: openldap %gt;= 2.0.27, openldap-devel >= 2.0.27
Requires: openldap >= 2.0.27
%endif

%if %{SASL}
BuildRequires: cyrus-sasl >= 2.1.10, cyrus-sasl-devel >= 2.1.10
Requires: cyrus-sasl  >= 2.1.10
%endif

%if %{PCRE}
Requires: pcre
BuildRequires: pcre, pcre-devel
%endif

%if %{MYSQL}
Requires: mysql
BuildRequires: mysql, mysql-devel
%endif

%if %{TLS}
Requires: openssl
BuildRequires: openssl-devel >= 0.9.6
%endif

%if %{PGSQL}
Requires: postgresql
BuildRequires: postgresql, postgresql-devel
%endif

Provides: /usr/sbin/sendmail /usr/bin/mailq /usr/bin/rmail

%description
Postfix is a Mail Transport Agent (MTA), supporting LDAP, SMTP AUTH (SASL),
TLS

%prep
umask 022

%setup -q
#
# IPv6 and TLS are sort of hand in hand. We need to apply them in the
# following order:
# - IPv6 + TLS (if both are enabled)
# - IPv6 only
# - TLS only
# The last else block with patch fuzz factor enabled fixes master.cf
# by force if we're compiling without TLS
#
%if %{IPV6} && %{TLS}
echo "TLS and IPv6, patching with %{SOURCE51}"
gzip -dc %{SOURCE51} | patch -p1 -b -z .ipv6tls
%endif

%if %{IPV6} && !%{TLS}
echo "IPv6 Only, patching with %{SOURCE52}"
gzip -dc %{SOURCE52} | patch -p1 -b -z .ipv6
%endif

%if %{TLS}
# It does not matter which TLS patch we are using, we always need the
# doc and examples from Lutz Jaenicke tarball so unpack it now.
gzip -dc %{SOURCE50} | tar xf -
if [ $? -ne 0 ]; then
  exit $?
fi
%endif

%if %{IPV6} && %{TLS}
# TLS and IPv6
%patch1 -p1 -b .config
%endif

%if !%{IPV6} && %{TLS}
echo "TLS Only, patching with %{tlsno}/pfixtls.diff"
patch -p1 < %{tlsno}/pfixtls.diff
%patch1 -p1 -b .config
%endif

%if !%{IPV6} && !%{TLS}
# No TLS. Without the TLS patch the context lines in this patch don't
# match. Set fuzz to ignore all context lines, this is a bit
# dangerous.
patch --fuzz=3 -p1 -b -z .config < %{P:1}
%endif

# Apply obligatory patches
%patch2 -p1 -b .auth
%patch3 -p1 -b .alternatives
%patch4 -p1 -b .postfix-hostname-fqdn
%patch5 -p1 -b .pie
%patch6 -p1 -b .obsolete
%patch7 -p1 -b .aliases

%if %{PFLOGSUMM}
gzip -dc %{SOURCE53} | tar xf -
%endif

# pflogsumm subpackage
%if %{PFLOGSUMM}
%package pflogsumm
Group: System Environment/Daemons
Summary: A Log Summarizer/Analyzer for the Postfix MTA
Requires: perl-Date-Calc
%description pflogsumm
Pflogsumm is a log analyzer/summarizer for the Postfix MTA.  It is
designed to provide an over-view of Postfix activity. Pflogsumm
generates summaries and, in some cases, detailed reports of mail
server traffic volumes, rejected and bounced email, and server
warnings, errors and panics.

%endif

%build
umask 022

CCARGS=-fPIC
AUXLIBS=

%ifarch s390 s390x ppc
CCARGS="${CCARGS} -fsigned-char"
%endif

%if %{LDAP}
  CCARGS="${CCARGS} -DHAS_LDAP"
  AUXLIBS="${AUXLIBS} -L%{_libdir} -lldap -llber"
%endif
%if %{PCRE}
  # -I option required for pcre 3.4 (and later?)
  CCARGS="${CCARGS} -DHAS_PCRE -I/usr/include/pcre"
  AUXLIBS="${AUXLIBS} -lpcre"
%endif
%if %{MYSQL}
  CCARGS="${CCARGS} -DHAS_MYSQL -I/usr/include/mysql"
  AUXLIBS="${AUXLIBS} -L%{_libdir}/mysql -lmysqlclient -lm"
%endif
%if %{SASL}
  %define sasl_v1_lib_dir %{_libdir}/sasl
  %define sasl_v2_lib_dir %{_libdir}/sasl2
  CCARGS="${CCARGS} -DUSE_SASL_AUTH"
  %if %{SASL} <= 1
    %define sasl_lib_dir %{sasl_v1_lib_dir}
    AUXLIBS="${AUXLIBS} -L%{sasl_lib_dir} -lsasl"
  %else
    %define sasl_lib_dir %{sasl_v2_lib_dir}
    CCARGS="${CCARGS} -I/usr/include/sasl"
    AUXLIBS="${AUXLIBS} -L%{sasl_lib_dir} -lsasl2"
  %endif
%endif
%if %{TLS}
  if pkg-config openssl ; then
    CCARGS="${CCARGS} -DHAS_SSL `pkg-config --cflags openssl`"
    AUXLIBS="${AUXLIBS} `pkg-config --libs openssl`"
  else
    CCARGS="${CCARGS} -DHAS_SSL -I/usr/include/openssl"
    AUXLIBS="${AUXLIBS} -lssl -lcrypto"
  fi
%endif

%if %{PGSQL}
  CCARGS="${CCARGS} -DHAS_PGSQL -I/usr/include/postgresql"
  AUXLIBS="${AUXLIBS} -lpq -lssl -lcrypto -lcrypt"
%endif

export CCARGS AUXLIBS
make -f Makefile.init makefiles

unset CCARGS AUXLIBS
make DEBUG="" OPT="$RPM_OPT_FLAGS"

%install
umask 022
/bin/rm -rf   $RPM_BUILD_ROOT
/bin/mkdir -p $RPM_BUILD_ROOT

# install postfix into $RPM_BUILD_ROOT
   :           :
   :           :
   :           :
   :           :

RPMの作成(BUILD)

以下を実行します

$ cd ~/rpm/SPECS
$ rpmbuild -ba postfix.spec

正常終了すると、~/rpm/RPMS/i386/以下に以下のファイルができます

postfix-2.1.5-4.2.RHEL4.i386.rpm
postfix-pflogsumm-2.1.5-4.2.RHEL4.i386.rpm

あとは、rootになり、postfix-2.1.5-4.2.RHEL4.i386.rpmをインストールすればOKです

(*)同一バージョンが導入済みで更新できない場合は、 --force オプションを指定すること

$ su - 
# rpm -ivh postfix-2.1.5-4.2.RHEL4.i386.rpm             <-  新規インストール
# rpm -Uvh postfix-2.1.5-4.2.RHEL4.i386.rpm             <-  更新

確認

以下を実行し、

$ /usr/bin/ldd /usr/sbin/postfix
        libldap-2.2.so.7 => /usr/lib/libldap-2.2.so.7 (0x004d2000)
        liblber-2.2.so.7 => /usr/lib/liblber-2.2.so.7 (0x0027e000)
        libpcre.so.0 => /lib/libpcre.so.0 (0x006a2000)
        libmysqlclient.so.14 => /usr/lib/mysql/libmysqlclient.so.14 (0x00795000)
        libm.so.6 => /lib/tls/libm.so.6 (0x00972000)
        libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0x006cf000)
        libssl.so.4 => /lib/libssl.so.4 (0x00c6f000)
        libcrypto.so.4 => /lib/libcrypto.so.4 (0x00d96000)
        libgssapi_krb5.so.2 => /usr/lib/libgssapi_krb5.so.2 (0x002ff000)
        libkrb5.so.3 => /usr/lib/libkrb5.so.3 (0x0012d000)
        libcom_err.so.2 => /lib/libcom_err.so.2 (0x0074a000)
        libk5crypto.so.3 => /usr/lib/libk5crypto.so.3 (0x00560000)
        libresolv.so.2 => /lib/libresolv.so.2 (0x00192000)
        libdl.so.2 => /lib/libdl.so.2 (0x00b3e000)
        libz.so.1 => /usr/lib/libz.so.1 (0x001a5000)
        libpq.so.3 => /usr/lib/libpq.so.3 (0x001b5000)
        libcrypt.so.1 => /lib/libcrypt.so.1 (0x001cf000)
        libdb-4.2.so => /lib/tls/i686/libdb-4.2.so (0x00313000)
        libnsl.so.1 => /lib/libnsl.so.1 (0x001fd000)
        libc.so.6 => /lib/tls/libc.so.6 (0x00995000)
        /lib/ld-linux.so.2 (0x00760000)
        libpthread.so.0 => /lib/tls/libpthread.so.0 (0x00ad3000)

の様に、libmysqlclient.soやlibpq.soがでてきたらOKだと思います

関連ページ