1 # Copyright 1999-2020 Gentoo Authors
2 # Distributed under the terms of the GNU General Public License v2
6 inherit flag-o-matic pam systemd toolchain-funcs
9 MY_SRC="${PN}-${MY_PV}"
10 MY_URI="ftp://ftp.porcupine.org/mirrors/postfix-release/official"
13 DESCRIPTION="A fast and secure drop-in replacement for sendmail"
14 HOMEPAGE="http://www.postfix.org/"
15 SRC_URI="${MY_URI}/${MY_SRC}.tar.gz"
17 LICENSE="|| ( IBM EPL-2.0 )"
19 KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86"
20 IUSE="+berkdb cdb dovecot-sasl +eai hardened ldap ldap-bind libressl lmdb memcached mbox mysql nis pam postgres sasl selinux sqlite ssl"
22 DEPEND=">=dev-libs/libpcre-3.4
24 berkdb? ( >=sys-libs/db-3.2:* )
25 cdb? ( || ( >=dev-db/tinycdb-0.76 >=dev-db/cdb-0.75-r4 ) )
26 eai? ( dev-libs/icu:= )
27 ldap? ( net-nds/openldap )
28 ldap-bind? ( net-nds/openldap[sasl] )
29 lmdb? ( >=dev-db/lmdb-0.9.11 )
30 mysql? ( dev-db/mysql-connector-c:0= )
31 nis? ( net-libs/libnsl )
33 postgres? ( dev-db/postgresql:* )
34 sasl? ( >=dev-libs/cyrus-sasl-2 )
35 sqlite? ( dev-db/sqlite:3 )
37 !libressl? ( dev-libs/openssl:0= )
38 libressl? ( >=dev-libs/libressl-2.9.1:0= )
45 memcached? ( net-misc/memcached )
59 selinux? ( sec-policy/selinux-postfix )"
61 REQUIRED_USE="ldap-bind? ( ldap sasl )"
63 S="${WORKDIR}/${MY_SRC}"
66 "${FILESDIR}/${PN}-libressl-certkey.patch"
67 "${FILESDIR}/${PN}-libressl-server.patch"
72 sed -i -e "/^#define ALIAS_DB_MAP/s|:/etc/aliases|:/etc/mail/aliases|" \
73 src/util/sys_defs.h || die "sed failed"
74 # change default paths to better comply with portage standard paths
75 sed -i -e "s:/usr/local/:/usr/:g" conf/master.cf || die "sed failed"
79 for name in CDB LDAP LMDB MYSQL PCRE PGSQL SDBM SQLITE
81 local AUXLIBS_${name}=""
84 # Make sure LDFLAGS get passed down to the executables.
85 local mycc="-DHAS_PCRE" mylibs="${LDFLAGS} -ldl"
86 AUXLIBS_PCRE="$(pcre-config --libs)"
88 use pam && mylibs="${mylibs} -lpam"
91 mycc="${mycc} -DHAS_LDAP"
92 AUXLIBS_LDAP="-lldap -llber"
96 mycc="${mycc} -DHAS_MYSQL $(mysql_config --include)"
97 AUXLIBS_MYSQL="$(mysql_config --libs)"
100 if use postgres; then
101 mycc="${mycc} -DHAS_PGSQL -I$(pg_config --includedir)"
102 AUXLIBS_PGSQL="-L$(pg_config --libdir) -lpq"
106 mycc="${mycc} -DHAS_SQLITE"
107 AUXLIBS_SQLITE="-lsqlite3 -lpthread"
111 mycc="${mycc} -DUSE_TLS"
112 mylibs="${mylibs} -lssl -lcrypto"
116 mycc="${mycc} -DHAS_LMDB"
117 AUXLIBS_LMDB="-llmdb -lpthread"
121 mycc="${mycc} -DNO_EAI"
124 # broken. and "in other words, not supported" by upstream.
125 # Use inet_protocols setting in main.cf
127 # mycc="${mycc} -DNO_IPV6"
131 if use dovecot-sasl; then
132 # Set dovecot as default.
133 mycc="${mycc} -DDEF_SASL_SERVER=\\\"dovecot\\\""
135 if use ldap-bind; then
136 mycc="${mycc} -DUSE_LDAP_SASL"
138 mycc="${mycc} -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/include/sasl"
139 mylibs="${mylibs} -lsasl2"
140 elif use dovecot-sasl; then
141 mycc="${mycc} -DUSE_SASL_AUTH -DDEF_SERVER_SASL_TYPE=\\\"dovecot\\\""
145 mycc="${mycc} -DNO_NIS"
148 if ! use berkdb; then
149 mycc="${mycc} -DNO_DB"
151 # change default hash format from Berkeley DB to cdb
152 mycc="${mycc} -DDEF_DB_TYPE=\\\"cdb\\\""
157 mycc="${mycc} -DHAS_CDB -I/usr/include/cdb"
158 # Tinycdb is preferred.
159 if has_version dev-db/tinycdb ; then
160 einfo "Building with dev-db/tinycdb"
163 einfo "Building with dev-db/cdb"
164 CDB_PATH="/usr/$(get_libdir)"
165 for i in cdb.a alloc.a buffer.a unix.a byte.a ; do
166 AUXLIBS_CDB="${AUXLIBS_CDB} ${CDB_PATH}/${i}"
171 # Robin H. Johnson <robbat2@gentoo.org> 17/Nov/2006
172 # Fix because infra boxes hit 2Gb .db files that fail a 32-bit fstat signed check.
173 mycc="${mycc} -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE"
176 # Workaround for bug #76512
177 if use hardened; then
178 [[ "$(gcc-version)" == "3.4" ]] && replace-flags -O? -Os
181 # Remove annoying C++ comment style warnings - bug #378099
182 append-flags -Wno-comment
184 sed -i -e "/^RANLIB/s/ranlib/$(tc-getRANLIB)/g" "${S}"/makedefs
185 sed -i -e "/^AR/s/ar/$(tc-getAR)/g" "${S}"/makedefs
187 emake makefiles shared=yes dynamicmaps=no pie=yes \
188 shlib_directory="/usr/$(get_libdir)/postfix/MAIL_VERSION" \
189 DEBUG="" CC="$(tc-getCC)" OPT="${CFLAGS}" CCARGS="${mycc}" AUXLIBS="${mylibs}" \
190 AUXLIBS_CDB="${AUXLIBS_CDB}" AUXLIBS_LDAP="${AUXLIBS_LDAP}" \
191 AUXLIBS_LMDB="${AUXLIBS_LMDB}" AUXLIBS_MYSQL="${AUXLIBS_MYSQL}" \
192 AUXLIBS_PCRE="${AUXLIBS_PCRE}" AUXLIBS_PGSQL="${AUXLIBS_PGSQL}" \
193 AUXLIBS_SQLITE="${AUXLIBS_SQLITE}"
197 LD_LIBRARY_PATH="${S}/lib" \
198 /bin/sh postfix-install \
200 install_root="${D}" \
201 config_directory="/etc/postfix" \
202 manpage_directory="/usr/share/man" \
203 command_directory="/usr/sbin" \
204 mailq_path="/usr/bin/mailq" \
205 newaliases_path="/usr/bin/newaliases" \
206 sendmail_path="/usr/sbin/sendmail" \
207 || die "postfix-install failed"
209 # Fix spool removal on upgrade
211 keepdir /var/spool/postfix
213 # Install rmail for UUCP, closes bug #19127
214 dobin auxiliary/rmail/rmail
216 # Provide another link for legacy FSH
217 dosym ../sbin/sendmail /usr/$(get_libdir)/sendmail
219 # Install qshape, posttls-finger and collate
220 dobin auxiliary/qshape/qshape.pl
221 doman man/man1/qshape.1
222 dobin bin/posttls-finger
223 doman man/man1/posttls-finger.1
224 dobin auxiliary/collate/collate.pl
225 newdoc auxiliary/collate/README README.collate
227 # Performance tuning tools and their manuals
228 dosbin bin/smtp-{source,sink} bin/qmqp-{source,sink}
229 doman man/man1/smtp-{source,sink}.1 man/man1/qmqp-{source,sink}.1
231 # Set proper permissions on required files/directories
232 keepdir /var/lib/postfix
233 fowners -R postfix:postfix /var/lib/postfix
234 fperms 0750 /var/lib/postfix
235 fowners root:postdrop /usr/sbin/post{drop,queue}
236 fperms 02755 /usr/sbin/post{drop,queue}
239 keepdir /etc/postfix/postfix-files.d
241 mypostconf="mail_spool_directory=/var/spool/mail"
243 mypostconf="home_mailbox=.maildir/"
245 LD_LIBRARY_PATH="${S}/lib" \
246 "${D}"/usr/sbin/postconf -c "${D}"/etc/postfix \
247 -e ${mypostconf} || die "postconf failed"
250 newins "${FILESDIR}"/smtp.pass saslpass
251 fperms 600 /etc/postfix/saslpass
253 newinitd "${FILESDIR}"/postfix.rc6.${RC_VER} postfix
254 # do not start mysql/postgres unnecessarily - bug #359913
255 use mysql || sed -i -e "s/mysql //" "${D}/etc/init.d/postfix"
256 use postgres || sed -i -e "s/postgresql //" "${D}/etc/init.d/postfix"
258 dodoc *README COMPATIBILITY HISTORY PORTING RELEASE_NOTES*
259 mv "${S}"/examples "${D}"/usr/share/doc/${PF}/
260 # postfix set-permissions expects uncompressed man files
261 docompress -x /usr/share/man
263 pamd_mimic_system smtp auth account
267 newins "${FILESDIR}"/smtp.sasl smtpd.conf
271 insinto /usr/include/postfix
274 if has_version mail-mta/postfix; then
275 # let the sysadmin decide when to change the compatibility_level
276 sed -i -e /^compatibility_level/"s/^/#/" "${D}"/etc/postfix/main.cf || die
279 systemd_dounit "${FILESDIR}/${PN}.service"
283 if has_version '<mail-mta/postfix-3.4'; then
285 elog "Postfix-3.4 introduces a new master.cf service 'postlog'"
286 elog "with type 'unix-dgram' that is used by the new postlogd(8) daemon."
287 elog "Before backing out to an older Postfix version, edit the master.cf"
288 elog "file and remove the postlog entry."
294 if [[ ! -e /etc/mail/aliases.db ]] ; then
296 ewarn "You must edit /etc/mail/aliases to suit your needs"
297 ewarn "and then run /usr/bin/newaliases. Postfix will not"
298 ewarn "work correctly without it."
302 # check and fix file permissions
303 "${EROOT}"/usr/sbin/postfix set-permissions
307 if "${EROOT}"/usr/sbin/postfix tls all-default-client; then
308 elog "To configure client side TLS settings:"
309 elog "${EROOT}"/usr/sbin/postfix tls enable-client
311 if "${EROOT}"/usr/sbin/postfix tls all-default-server; then
312 elog "To configure server side TLS settings:"
313 elog "${EROOT}"/usr/sbin/postfix tls enable-server