committing changes in /etc after apt run

Package changes:
+liblua5.1-0 5.1.5-7.1
+libmemcached11 1.0.18-4
+libmemcachedutil2 1.0.18-4
+libmilter1.0.1 8.14.4-8+deb8u1
+libopendbx1 1.4.6-8
+libopendbx1-mysql 1.4.6-8
+libopendbx1-pgsql 1.4.6-8
+libopendbx1-sqlite3 1.4.6-8
+libopendkim9 2.9.2-2+deb8u1
+librbl1 2.9.2-2+deb8u1
+libunbound2 1.4.22-3+deb8u2
+libvbr2 2.9.2-2+deb8u1
+opendbx-utils 1.4.6-8
+opendkim 2.9.2-2+deb8u1
+opendkim-tools 2.9.2-2+deb8u1

diff --git a/.etckeeper b/.etckeeper
index 81684bfd8df4cf8e12674e42d48d64bc900c6b94..7826b37f2cf4ff01b5b1a52bcd3f912393a32e59 100755 (executable)
--- a/.etckeeper
+++ b/.etckeeper
@@ -258,6 +258,7 @@ maybe chmod 0644 'default/netfilter-persistent'
 maybe chmod 0644 'default/networking'
 maybe chmod 0644 'default/nginx'
 maybe chmod 0644 'default/nss'
+maybe chmod 0644 'default/opendkim'
 maybe chmod 0644 'default/rcS'
 maybe chmod 0644 'default/rsync'
 maybe chmod 0644 'default/rsyslog'
@@ -584,6 +585,7 @@ maybe chmod 0755 'init.d/mysql'
 maybe chmod 0755 'init.d/netfilter-persistent'
 maybe chmod 0755 'init.d/networking'
 maybe chmod 0755 'init.d/nginx'
+maybe chmod 0755 'init.d/opendkim'
 maybe chmod 0755 'init.d/php5-fpm'
 maybe chmod 0755 'init.d/postfix'
 maybe chmod 0755 'init.d/procps'
@@ -813,6 +815,7 @@ maybe chmod 0644 'nginx/templates/sogo.tmpl'
 maybe chmod 0644 'nginx/uwsgi_params'
 maybe chmod 0644 'nginx/win-utf'
 maybe chmod 0644 'nsswitch.conf'
+maybe chmod 0644 'opendkim.conf'
 maybe chmod 0755 'opt'
 maybe chmod 0644 'pam.conf'
 maybe chmod 0755 'pam.d'

diff --git a/default/opendkim b/default/opendkim
new file mode 100644 (file)
index 0000000..7ab3d24
--- /dev/null
+++ b/default/opendkim
@@ -0,0 +1,10 @@
+# Command-line options specified here will override the contents of
+# /etc/opendkim.conf. See opendkim(8) for a complete list of options.
+#DAEMON_OPTS=""
+#
+# Uncomment to specify an alternate socket
+# Note that setting this will override any Socket value in opendkim.conf
+#SOCKET="local:/var/run/opendkim/opendkim.sock" # default
+#SOCKET="inet:54321" # listen on all interfaces on port 54321
+#SOCKET="inet:12345@localhost" # listen on loopback on port 12345
+#SOCKET="inet:12345@192.0.2.1" # listen on 192.0.2.1 on port 12345

diff --git a/group b/group
index 7c5f4247221214eb97a1cbc004c2eaea01a663ff..03f3a50ee081677f586ec46aea057304118bae08 100644 (file)
--- a/group
+++ b/group
@@ -62,3 +62,4 @@ iredadmin:x:2001:
 iredapd:x:2002:
 ulog:x:121:
 wireshark:x:122:
+opendkim:x:123:

diff --git a/group- b/group-
index e723d8ac7b7e28088784fc3e851bfd6a7d435842..7c5f4247221214eb97a1cbc004c2eaea01a663ff 100644 (file)
--- a/group-
+++ b/group-
@@ -1,15 +1,15 @@
-root:x:0:frank
-daemon:x:1:frank
-bin:x:2:frank
-sys:x:3:frank
+root:x:0:frank,taurec
+daemon:x:1:frank,taurec
+bin:x:2:frank,taurec
+sys:x:3:frank,taurec
 adm:x:4:
-tty:x:5:frank
-disk:x:6:frank
-lp:x:7:frank
-mail:x:8:frank
+tty:x:5:frank,taurec
+disk:x:6:frank,taurec
+lp:x:7:frank,taurec
+mail:x:8:frank,taurec
 news:x:9:
 uucp:x:10:
-man:x:12:frank
+man:x:12:frank,taurec
 proxy:x:13:
 kmem:x:15:
 dialout:x:20:
@@ -18,23 +18,23 @@ voice:x:22:
 cdrom:x:24:
 floppy:x:25:
 tape:x:26:
-sudo:x:27:frank
-audio:x:29:frank
+sudo:x:27:frank,taurec
+audio:x:29:frank,taurec
 dip:x:30:
 www-data:x:33:
 backup:x:34:
-operator:x:37:frank
+operator:x:37:frank,taurec
 list:x:38:
 irc:x:39:
 src:x:40:
 gnats:x:41:
 shadow:x:42:
 utmp:x:43:
-video:x:44:frank
+video:x:44:frank,taurec
 sasl:x:45:
 plugdev:x:46:
-staff:x:50:frank
-games:x:60:frank
+staff:x:50:frank,taurec
+games:x:60:frank,taurec
 users:x:100:
 nogroup:x:65534:
 input:x:101:
@@ -43,11 +43,11 @@ systemd-timesync:x:103:
 systemd-network:x:104:
 systemd-resolve:x:105:
 systemd-bus-proxy:x:106:
-crontab:x:107:frank
+crontab:x:107:frank,taurec
 netdev:x:108:
 ssh:x:109:
 messagebus:x:110:
-mlocate:x:111:frank
+mlocate:x:111:frank,taurec
 mysql:x:112:
 ssl-cert:x:113:
 postfix:x:114:

diff --git a/gshadow b/gshadow
index ec555ecbaabcb2343e9568520f76a80e8275f337..7d694477a54f39f790244462e82512090835e7f2 100644 (file)
--- a/gshadow
+++ b/gshadow
@@ -62,3 +62,4 @@ iredadmin:!::
 iredapd:!::
 ulog:!::
 wireshark:!::
+opendkim:!::

diff --git a/gshadow- b/gshadow-
index 399218d824eeba0d54a720dfc76872c450d5e1dd..ec555ecbaabcb2343e9568520f76a80e8275f337 100644 (file)
--- a/gshadow-
+++ b/gshadow-
@@ -1,15 +1,15 @@
-root:*::frank
-daemon:*::frank
-bin:*::frank
-sys:*::frank
+root:*::frank,taurec
+daemon:*::frank,taurec
+bin:*::frank,taurec
+sys:*::frank,taurec
 adm:*::
-tty:*::frank
-disk:*::frank
-lp:*::frank
-mail:*::frank
+tty:*::frank,taurec
+disk:*::frank,taurec
+lp:*::frank,taurec
+mail:*::frank,taurec
 news:*::
 uucp:*::
-man:*::frank
+man:*::frank,taurec
 proxy:*::
 kmem:*::
 dialout:*::
@@ -18,23 +18,23 @@ voice:*::
 cdrom:*::
 floppy:*::
 tape:*::
-sudo:*::frank
-audio:*::frank
+sudo:*::frank,taurec
+audio:*::frank,taurec
 dip:*::
 www-data:*::
 backup:*::
-operator:*::frank
+operator:*::frank,taurec
 list:*::
 irc:*::
 src:*::
 gnats:*::
 shadow:*::
 utmp:*::
-video:*::frank
+video:*::frank,taurec
 sasl:*::
 plugdev:*::
-staff:*::frank
-games:*::frank
+staff:*::frank,taurec
+games:*::frank,taurec
 users:*::
 nogroup:*::
 input:!::
@@ -43,11 +43,11 @@ systemd-timesync:!::
 systemd-network:!::
 systemd-resolve:!::
 systemd-bus-proxy:!::
-crontab:!::frank
+crontab:!::frank,taurec
 netdev:!::
 ssh:!::
 messagebus:!::
-mlocate:!::frank
+mlocate:!::frank,taurec
 mysql:!::
 ssl-cert:!::
 postfix:!::

diff --git a/init.d/opendkim b/init.d/opendkim
new file mode 100755 (executable)
index 0000000..83d38fb
--- /dev/null
+++ b/init.d/opendkim
@@ -0,0 +1,162 @@
+#! /bin/sh
+#
+### BEGIN INIT INFO
+# Provides:            opendkim
+# Required-Start:      $syslog $time $local_fs $remote_fs $named $network
+# Required-Stop:       $syslog $time $local_fs $remote_fs
+# Default-Start:       2 3 4 5
+# Default-Stop:                0 1 6
+# Short-Description:   Start the OpenDKIM service
+# Description:         Enable DKIM signing and verification provided by OpenDKIM
+### END INIT INFO
+
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+DAEMON=/usr/sbin/opendkim
+NAME=opendkim
+DESC="OpenDKIM"
+RUNDIR=/var/run/$NAME
+USER=opendkim
+GROUP=opendkim
+SOCKET=local:$RUNDIR/$NAME.sock
+PIDFILE=$RUNDIR/$NAME.pid
+
+# How long to wait for the process to die on stop/restart
+stoptimeout=5
+
+test -x $DAEMON || exit 0
+
+# Include LSB provided init functions
+. /lib/lsb/init-functions
+
+# Include opendkim defaults if available
+if [ -f /etc/default/opendkim ] ; then
+       . /etc/default/opendkim
+fi
+
+if [ -f /etc/opendkim.conf ]; then
+       CONFIG_SOCKET=`awk '$1 == "Socket" { print $2 }' /etc/opendkim.conf`
+fi
+
+# This can be set via Socket option in config file, so it's not required
+if [ -n "$SOCKET" -a -z "$CONFIG_SOCKET" ]; then
+       DAEMON_OPTS="-p $SOCKET $DAEMON_OPTS"
+fi
+
+DAEMON_OPTS="-x /etc/opendkim.conf -u $USER -P $PIDFILE $DAEMON_OPTS"
+
+start() {
+       # Create the run directory if it doesn't exist
+       if [ ! -d "$RUNDIR" ]; then
+               install -o "$USER" -g "$GROUP" -m 755 -d "$RUNDIR" || return 2
+               [ -x /sbin/restorecon ] && /sbin/restorecon "$RUNDIR"
+       fi
+       # Clean up stale sockets
+       if [ -f "$PIDFILE" ]; then
+               pid=`cat $PIDFILE`
+               if ! ps -C "$DAEMON" -s "$pid" >/dev/null; then
+                       rm "$PIDFILE"
+                       TMPSOCKET=""
+                       if [ -n "$SOCKET" ]; then
+                               TMPSOCKET="$SOCKET"
+                       elif [ -n "$CONFIG_SOCKET" ]; then
+                               TMPSOCKET="$CONFIG_SOCKET"
+                       fi
+                       if [ -n "$TMPSOCKET" ]; then
+                               # UNIX sockets may be specified with or without the
+                               # local: prefix; handle both
+                               t=`echo $SOCKET | cut -d: -f1`
+                               s=`echo $SOCKET | cut -d: -f2`
+                               if [ -e "$s" -a -S "$s" ]; then
+                                       if [ "$t" = "$s" -o "$t" = "local" ]; then
+                                               rm "$s"
+                                       fi
+                               fi
+                       fi
+               fi
+       fi
+       start-stop-daemon --start --quiet --pidfile "$PIDFILE" --exec "$DAEMON" --test -- $DAEMON_OPTS || return 1
+       start-stop-daemon --start --quiet --pidfile "$PIDFILE" --exec "$DAEMON" -- $DAEMON_OPTS || return 2
+       # Detect exit status 78 (configuration error)
+       ret=$?
+       if [ $ret -eq 78 ]; then
+               echo "See /usr/share/doc/opendkim/README.Debian for help"
+               echo "Starting for DKIM verification only"
+               DAEMON_OPTS="-b v $DAEMON_OPTS"
+               start-stop-daemon --start --quiet --pidfile "$PIDFILE" --exec "$DAEMON" -- $DAEMON_OPTS
+               exit 0
+       elif [ $ret -ne 0 ]; then
+               exit $ret
+       fi
+}
+
+stop() {
+       start-stop-daemon --stop --retry "$stoptimeout" --exec "$DAEMON"
+       [ "$?" = 2 ] && return 2
+}
+
+reload() {
+       start-stop-daemon --stop --signal USR1 --exec "$DAEMON"
+}
+
+status() {
+    local pidfile daemon name status
+
+    pidfile=
+    OPTIND=1
+    while getopts p: opt ; do
+        case "$opt" in
+            p)  pidfile="$OPTARG";;
+        esac
+    done
+    shift $(($OPTIND - 1))
+
+    if [ -n "$pidfile" ]; then
+        pidfile="-p $pidfile"
+    fi
+    daemon="$1"
+    name="$2"
+
+    status="0"
+    pidofproc $pidfile $daemon >/dev/null || status="$?"
+    if [ "$status" = 0 ]; then
+        log_success_msg "$name is running"
+        return 0
+    else
+        log_failure_msg "$name is not running"
+        return $status
+    fi
+}
+
+case "$1" in
+  start)
+       echo -n "Starting $DESC: "
+       start
+       echo "$NAME."
+       ;;
+  stop)
+       echo -n "Stopping $DESC: "
+       stop
+       echo "$NAME."
+       ;;
+  restart)
+       echo -n "Restarting $DESC: "
+       stop
+       start
+       echo "$NAME."
+       ;;
+  reload|force-reload)
+       echo -n "Restarting $DESC: "
+       reload
+       echo "$NAME."
+       ;;
+  status)
+       status $DAEMON $NAME
+       ;;
+  *)
+       N=/etc/init.d/$NAME
+       echo "Usage: $N {start|stop|restart|reload|force-reload|status}" >&2
+       exit 1
+       ;;
+esac
+
+exit 0

diff --git a/opendkim.conf b/opendkim.conf
new file mode 100644 (file)
index 0000000..46cff22
--- /dev/null
+++ b/opendkim.conf
@@ -0,0 +1,33 @@
+# This is a basic configuration that can easily be adapted to suit a standard
+# installation. For more advanced options, see opendkim.conf(5) and/or
+# /usr/share/doc/opendkim/examples/opendkim.conf.sample.
+
+# Log to syslog
+Syslog                 yes
+# Required to use local socket with MTAs that access the socket as a non-
+# privileged user (e.g. Postfix)
+UMask                  002
+
+# Sign for example.com with key in /etc/mail/dkim.key using
+# selector '2007' (e.g. 2007._domainkey.example.com)
+#Domain                        example.com
+#KeyFile               /etc/mail/dkim.key
+#Selector              2007
+
+# Commonly-used options; the commented-out versions show the defaults.
+#Canonicalization      simple
+#Mode                  sv
+#SubDomains            no
+#ADSPAction            continue
+
+# Always oversign From (sign using actual From and a null From to prevent
+# malicious signatures header fields (From and/or others) between the signer
+# and the verifier.  From is oversigned by default in the Debian pacakge
+# because it is often the identity key used by reputation systems and thus
+# somewhat security sensitive.
+OversignHeaders                From
+
+# List domains to use for RFC 6541 DKIM Authorized Third-Party Signatures
+# (ATPS) (experimental)
+
+#ATPSDomains           example.com

diff --git a/passwd b/passwd
index 5c7c1ba0205e8785087b6681725962a171e60b57..1b72f766b70a3bfdb90ae6df9ff22b58eec7e6ef 100644 (file)
--- a/passwd
+++ b/passwd
@@ -35,3 +35,4 @@ iredapd:x:2002:2002::/home/iredapd:/usr/sbin/nologin
 ulog:x:113:121::/var/log/ulog:/bin/false
 frank:x:1017:100:Frank Brehm:/home/frank:/bin/bash
 taurec:x:1000:100:Jörn Valentin:/home/taurec:/bin/bash
+opendkim:x:114:123::/var/run/opendkim:/bin/false

diff --git a/passwd- b/passwd-
index 7f2e12df9998943114e4e9c0846ac3d2b08e897c..1b72f766b70a3bfdb90ae6df9ff22b58eec7e6ef 100644 (file)
--- a/passwd-
+++ b/passwd-
@@ -34,3 +34,5 @@ iredadmin:x:2001:2001::/home/iredadmin:/usr/sbin/nologin
 iredapd:x:2002:2002::/home/iredapd:/usr/sbin/nologin
 ulog:x:113:121::/var/log/ulog:/bin/false
 frank:x:1017:100:Frank Brehm:/home/frank:/bin/bash
+taurec:x:1000:100:Jörn Valentin:/home/taurec:/bin/bash
+opendkim:x:114:123::/var/run/opendkim:/bin/false

diff --git a/rc0.d/K01opendkim b/rc0.d/K01opendkim
new file mode 120000 (symlink)
index 0000000..9ade01c
--- /dev/null
+++ b/rc0.d/K01opendkim
@@ -0,0 +1 @@
+../init.d/opendkim
\ No newline at end of file

diff --git a/rc1.d/K01opendkim b/rc1.d/K01opendkim
new file mode 120000 (symlink)
index 0000000..9ade01c
--- /dev/null
+++ b/rc1.d/K01opendkim
@@ -0,0 +1 @@
+../init.d/opendkim
\ No newline at end of file

diff --git a/rc2.d/S02opendkim b/rc2.d/S02opendkim
new file mode 120000 (symlink)
index 0000000..9ade01c
--- /dev/null
+++ b/rc2.d/S02opendkim
@@ -0,0 +1 @@
+../init.d/opendkim
\ No newline at end of file

diff --git a/rc3.d/S02opendkim b/rc3.d/S02opendkim
new file mode 120000 (symlink)
index 0000000..9ade01c
--- /dev/null
+++ b/rc3.d/S02opendkim
@@ -0,0 +1 @@
+../init.d/opendkim
\ No newline at end of file

diff --git a/rc4.d/S02opendkim b/rc4.d/S02opendkim
new file mode 120000 (symlink)
index 0000000..9ade01c
--- /dev/null
+++ b/rc4.d/S02opendkim
@@ -0,0 +1 @@
+../init.d/opendkim
\ No newline at end of file

diff --git a/rc5.d/S02opendkim b/rc5.d/S02opendkim
new file mode 120000 (symlink)
index 0000000..9ade01c
--- /dev/null
+++ b/rc5.d/S02opendkim
@@ -0,0 +1 @@
+../init.d/opendkim
\ No newline at end of file

diff --git a/rc6.d/K01opendkim b/rc6.d/K01opendkim
new file mode 120000 (symlink)
index 0000000..9ade01c
--- /dev/null
+++ b/rc6.d/K01opendkim
@@ -0,0 +1 @@
+../init.d/opendkim
\ No newline at end of file

diff --git a/shadow b/shadow
index 6c51ba09490d4422b84523d97f1adc0f391fdd6e..f07f3429247c239a7904b580b7df8f5e9f6b6a58 100644 (file)
--- a/shadow
+++ b/shadow
@@ -35,3 +35,4 @@ iredapd:!:17002:0:99999:7:::
 ulog:*:17003:0:99999:7:::
 frank:$6$XvWKCqsO$ilXvfnvvIT/ot91lmWUlX.crje8qP/jQvAh9r1XTUJFWKKM9mx5YdCOpBBBjqJ/vqrBo2tqTo5LpLKNAv1F241:17007:0:99999:7:::
 taurec:!:17026:0:99999:7:::
+opendkim:*:17261:0:99999:7:::

diff --git a/shadow- b/shadow-
index f50928469c1dd125588023dfed78aa0120599ace..f07f3429247c239a7904b580b7df8f5e9f6b6a58 100644 (file)
--- a/shadow-
+++ b/shadow-
@@ -34,3 +34,5 @@ iredadmin:!:17002:0:99999:7:::
 iredapd:!:17002:0:99999:7:::
 ulog:*:17003:0:99999:7:::
 frank:$6$XvWKCqsO$ilXvfnvvIT/ot91lmWUlX.crje8qP/jQvAh9r1XTUJFWKKM9mx5YdCOpBBBjqJ/vqrBo2tqTo5LpLKNAv1F241:17007:0:99999:7:::
+taurec:!:17026:0:99999:7:::
+opendkim:*:17261:0:99999:7:::

diff --git a/subgid b/subgid
index c62e21fe1570e7f19def219d76723ada22f9f330..16dfda0789ba7f5051586807ecb3dbf17b41e7c6 100644 (file)
--- a/subgid
+++ b/subgid
@@ -17,3 +17,4 @@ iredapd:1083040:65536
 ulog:1148576:65536
 frank:1214112:65536
 taurec:1279648:65536
+opendkim:1345184:65536

diff --git a/subgid- b/subgid-
index 971757ee0c3ad1c7a56b18dcf4362a57e69f3303..c62e21fe1570e7f19def219d76723ada22f9f330 100644 (file)
--- a/subgid-
+++ b/subgid-
@@ -16,3 +16,4 @@ iredadmin:1017504:65536
 iredapd:1083040:65536
 ulog:1148576:65536
 frank:1214112:65536
+taurec:1279648:65536

diff --git a/subuid b/subuid
index c62e21fe1570e7f19def219d76723ada22f9f330..16dfda0789ba7f5051586807ecb3dbf17b41e7c6 100644 (file)
--- a/subuid
+++ b/subuid
@@ -17,3 +17,4 @@ iredapd:1083040:65536
 ulog:1148576:65536
 frank:1214112:65536
 taurec:1279648:65536
+opendkim:1345184:65536

diff --git a/subuid- b/subuid-
index 971757ee0c3ad1c7a56b18dcf4362a57e69f3303..c62e21fe1570e7f19def219d76723ada22f9f330 100644 (file)
--- a/subuid-
+++ b/subuid-
@@ -16,3 +16,4 @@ iredadmin:1017504:65536
 iredapd:1083040:65536
 ulog:1148576:65536
 frank:1214112:65536
+taurec:1279648:65536