commit: 1e35c9f5cb7862d43cecc76cf4159bae5b71ff9c Author: Michael Orlitzky <mjo <AT> gentoo <DOT> org> AuthorDate: Wed Mar 27 16:01:33 2019 +0000 Commit: Michael Orlitzky <mjo <AT> gentoo <DOT> org> CommitDate: Wed Mar 27 17:18:08 2019 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1e35c9f5
mail-filter/opendkim: add an elog about sharing a local socket. Sharing a local OpenDKIM socket with an MTA is far too tricky. This commit adds an elog with some vague hints, but we really need a decent wiki page with some step-by-step instructions. This is progress towards bug 575666, but I won't consider that resolved until we have a wiki page. Bug: https://bugs.gentoo.org/575666 Signed-off-by: Michael Orlitzky <mjo <AT> gentoo.org> Package-Manager: Portage-2.3.62, Repoman-2.3.11 mail-filter/opendkim/opendkim-2.10.3-r7.ebuild | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/mail-filter/opendkim/opendkim-2.10.3-r7.ebuild b/mail-filter/opendkim/opendkim-2.10.3-r7.ebuild index 0b954394930..28700f34963 100644 --- a/mail-filter/opendkim/opendkim-2.10.3-r7.ebuild +++ b/mail-filter/opendkim/opendkim-2.10.3-r7.ebuild @@ -153,6 +153,18 @@ pkg_postinst() { elog " emerge --config ${CATEGORY}/${PN}" elog "It will help you create your key and give you hints on how" elog "to configure your DNS and MTA." + + # TODO: This is tricky, we really need a good wiki page showing + # how to share a local socket with an MTA! + elog "If you are using a local (UNIX) socket, then you will" + elog "need to make sure that your MTA has read/write access" + elog "to the socket file. This is best accomplished by creating" + elog "a completely-new group with only your MTA user and the " + elog "\"opendkim\" user in it. You would then set \"UMask 0112\"" + elog "in your opendkim.conf, and switch the primary group of your" + elog "\"opendkim\" user to the group that you just created. The" + elog "last step is necessary for the socket to be created as the" + elog "new group (and not as group \"opendkim\")". else ewarn "The user account for the OpenDKIM daemon has changed" ewarn "from \"milter\" to \"opendkim\" to prevent unrelated services"
