X-Original-To: alpine-aports@lists.alpinelinux.org Received: from mail-wj0-f180.google.com (mail-wj0-f180.google.com [209.85.210.180]) by lists.alpinelinux.org (Postfix) with ESMTP id 38CB55C4459 for ; Fri, 25 Nov 2016 15:20:40 +0000 (GMT) Received: by mail-wj0-f180.google.com with SMTP id xy5so61585267wjc.0 for ; Fri, 25 Nov 2016 07:20:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=1QCydri3cCt7Oe1SzjWopJRmHPENnNwCqpqvMxfXDuQ=; b=OetK1Do8MHq379fCHCf21XXPfjQpCs/WnmyqVvYpL7rWnS/hLfv19k2sFSBZyguVRl 2/WBTzkAxn6f4mpJ7wx1Ns9++4WgoqjyTBdjSY/ZALSSYPO7pFEBoj/4XcmkoSmznsn2 uC1nFPCET8hXBsxkbtd4ZIgsCSMHfuN9RNqsse0i4h0uIy8xJlsnwLstXIVP+NoFQpGG MF6W61xkwllbQEV9akSNK5CW1VQ02aIr8+twLKxbYolwymT3hrHVgd9VH3EX1HZnu3Hs Fg5QTQJrIeEMBjfo13vrVZnKwuge/k+KwbMV00BU3K3ZtzXEJBAxXdrZfuMFIMk9mbon yIxA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=1QCydri3cCt7Oe1SzjWopJRmHPENnNwCqpqvMxfXDuQ=; b=g8e2Ozvu7d/cwzjOYyHnwEuwfndasI9u2M3xAJG/Z15mkJZpZAjTP7NaDEv6Zbw1cc r7TMctGZMds8WnXzts8mPcovlt6H1Nr9YjSHL7lXP0bQ7sUaBwdWSryYtHfQ2HGrg7k9 pkB73WJ49QNDbcAoWq3PKlyP8A/nHOhphs7yid9G2aPTsOFIU1VKMzbSdBcD0gr+zS78 qyMCYPv6sNUco5MKwKXPEbXg/9qNyLcFG0sfDo3UyVWRwKTk92Elw+/DS1kj6WlJnOh8 cEmHyAjrU9gMeUp5jPpwgcffJ6KK3ARq+0GaM6SuCwwUK6wtHsOf/hFfokR5CKyxgtNa Sx9w== X-Gm-Message-State: AKaTC00jpwRiNv4FFBAAeH2Fx39DNz4N+ZKAhB7ocZSOkFPbZ+LFy/63kqMrcPx4ZYHEyaj+HMnUtSHIPYQ7rA== X-Received: by 10.194.75.161 with SMTP id d1mr7810367wjw.7.1480087239351; Fri, 25 Nov 2016 07:20:39 -0800 (PST) X-Mailinglist: alpine-aports Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: MIME-Version: 1.0 Received: by 10.80.141.93 with HTTP; Fri, 25 Nov 2016 07:20:38 -0800 (PST) In-Reply-To: <20161125130044.009c9518@ncopa-macbook.copa.dup.pw> References: <20161125132727.10281-1-valery.kartel@gmail.com> <20161125130044.009c9518@ncopa-macbook.copa.dup.pw> From: Valery Kartel Date: Fri, 25 Nov 2016 17:20:38 +0200 Message-ID: Subject: Re: [alpine-aports] [PATCH v3] testing/rspamd: upgrade to 1.4.0 + some fixups To: Natanael Copa Cc: alpine-aports Content-Type: multipart/alternative; boundary=047d7beb9f662363a2054221aafd --047d7beb9f662363a2054221aafd Content-Type: text/plain; charset=UTF-8 2016-11-25 17:00 GMT+02:00 Natanael Copa : > Thank you for working on this. Please see comments below. > > On Fri, 25 Nov 2016 15:27:27 +0200 > Valery Kartel wrote: > > > subpackage rename: www -> controller > > subpackage add: fuzzy, utils > > fix /var/lib/rspamd permissions > > fix run in lxc container (create and mount /dev/shm) > > > > --- > > testing/rspamd/APKBUILD | 95 > ++++++++++++++++++++++----------- > > testing/rspamd/rspamd.conf | 21 ++++++-- > > testing/rspamd/rspamd.initd | 13 +++-- > > testing/rspamd/rspamd.worker_controller | 9 +--- > > testing/rspamd/rspamd.worker_fuzzy | 6 +++ > > testing/rspamd/rspamd.worker_normal | 6 +-- > > 6 files changed, 100 insertions(+), 50 deletions(-) > > create mode 100644 testing/rspamd/rspamd.worker_fuzzy > > ... > > > @@ -12,15 +12,18 @@ pkgusers="rspamd" > > pkggroups="rspamd" > > depends="" > > depends_dev="" > > -makedepends="$depends_dev cmake libressl-dev libevent-dev glib-dev > gmime-dev > > - lua5.1-dev lua5.1 sqlite-dev hiredis-dev file-dev pcre-dev ragel" > > +makedepends="$depends_dev cmake ragel perl > > + luajit-dev glib-dev pcre-dev gmime-dev libevent-dev sqlite-dev > > + libressl-dev file-dev curl-dev" > > install="$pkgname.pre-install" > > Why do we use luajit instead of "normal" lua? Does this mean that we > need to disable PaX protections? > It's a new building defaults I saw in debian template. I'll try to recompile it with lua. BTW: what ssl is preferable libressl or openssl ? > > -subpackages="$pkgname-doc $pkgname-web $pkgname-client" > > +subpackages="$pkgname-doc $pkgname-controller::noarch $pkgname-client > > + $pkgname-fuzzy::noarch $pkgname-utils::noarch" > > source="https://rspamd.com/downloads/$pkgname-$pkgver.tar.xz > > $pkgname.logrotated > > $pkgname.initd > > $pkgname.confd > > $pkgname.conf > > + $pkgname.worker_fuzzy > > $pkgname.worker_normal > > $pkgname.worker_controller > > " > > ... > > > @@ -84,24 +96,43 @@ client() { > > mv "$pkgdir"/usr/bin/rspamc-$pkgver "$subpkgdir"/usr/bin/rspamc > > } > > > > -md5sums="ab81d063861d68b1e2260d1c599bf29c rspamd-1.3.4.tar.xz > > +fuzzy() { > > + depends="$pkgname" > > + pkgdesc="$pkgdesc (local fuzzy storage)" > > + mkdir -p "$subpkgdir"/etc/$pkgname/modules.d > > + mv "$pkgdir"/etc/$pkgname/worker-fuzzy.* "$subpkgdir"/etc/$pkgname > > + mv "$pkgdir"/etc/$pkgname/modules.d/fuzzy_* > "$subpkgdir"/etc/$pkgname/modules.d > > +} > > Is the fuzzy subpackage just a configuration file that we provide? is > the fuzzy config file available from upstream? > > This config is cutted from upstream's rspamd.conf. as well as worker-normal and worker-controller. I do this to make rspamd not open 13335 tcp connection by default. The same for controller subpackage and tcp 13334. > > + > > +utils() { > > + depends="perl" > > + pkgdesc="$pkgdesc (utils)" > > + mkdir -p "$subpkgdir"/usr/bin > > + mv "$pkgdir"/usr/bin/${pkgname}_stats "$subpkgdir"/usr/bin/${ > pkgname}-stats > > + mv "$pkgdir"/usr/bin/${pkgname}-redirector "$subpkgdir"/usr/bin > > +} > > + > > +1 We want utils that depends on perl to be in subpackage. > > ... > > > diff --git a/testing/rspamd/rspamd.conf b/testing/rspamd/rspamd.conf > > index fe737f9..1e37cb7 100644 > > --- a/testing/rspamd/rspamd.conf > > +++ b/testing/rspamd/rspamd.conf > > @@ -1,9 +1,24 @@ > > +# Please don't modify this file as your changes might be overwritten > with > > +# the next update. > > I believe this comment is false, in fact if you you don't modify the > config file it will be replaced with newer version. If you modify it, > the new updated config file will be installed as .apk-new > > It's a upstream's comments. They suggest to do changes in local.d/ and override.d/ configs, not in those ones. ... > > > diff --git a/testing/rspamd/rspamd.initd b/testing/rspamd/rspamd.initd > > index a20f784..b77a431 100644 > > --- a/testing/rspamd/rspamd.initd > > +++ b/testing/rspamd/rspamd.initd > > @@ -14,24 +14,29 @@ description_reopen="Reopen log files" > > > > depend() { > > need localmount net > > - before exim postfix > > + before mta > > } > > > > start_pre() { > > ebegin > > + # shm fix for lxc-containers > > + if ! grep -q ^shm /proc/mounts; then > > + checkpath --directory /dev/shm > > + mount -t tmpfs -o noexec,nosuid,nodev,mode=1777 shm > /dev/shm > > + fi > > mounting /dev/shm from rspamd init script does not make sense. If you > need /dev/shm mounted, then you should not need install and run rspamd. > This needs to be fixed other place, like lxc config. > > IIRC also python build needs /dev/shm > > It's a fast hack to make rspamd run on my lxc. I want to make a patch to someway use /run if no shm mounted. but now that's it. > > checkpath --directory --mode 750 --owner $user:$group ${pidfile%/*} > > $command $command_args -t >/dev/null 2>>${startuplog:-/dev/null} > > eend $? > > } > > > > reload() { > > - ebegin "Reloading ${SVCNAME}" > > + ebegin Reloading $SVCNAME > > why? > > > start-stop-daemon --signal HUP --pidfile $pidfile > > eend $? > > } > > > > reopen() { > > - ebegin "Reopening ${SVCNAME} log files" > > + ebegin Reopening $SVCNAME log files > > why? > > > start-stop-daemon --signal USR1 --pidfile $pidfile > > eend $? > > -} > > \ No newline at end of file > > +} > > ... > Just removed unneeded chars to reduce size ;) --047d7beb9f662363a2054221aafd Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable


2016-11-25 17:00 GMT+02:00 Natanael Copa <ncopa@alpinelinux.org>:
Thank y= ou for working on this. Please see comments below.

On Fri, 25 Nov 2016 15:27:27 +0200
Valery Kartel <valery.kartel@= gmail.com> wrote:

> subpackage rename: www -> controller
> subpackage add: fuzzy, utils
> fix /var/lib/rspamd permissions
> fix run in lxc container (create and mount /dev/shm)
>
> ---
>=C2=A0 testing/rspamd/APKBUILD=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0= =C2=A0 =C2=A0 =C2=A0| 95 ++++++++++++++++++++++-----------
>=C2=A0 testing/rspamd/rspamd.conf=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 | 21 ++++++--
>=C2=A0 testing/rspamd/rspamd.initd=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0| 13 +++--
>=C2=A0 testing/rspamd/rspamd.worker_controller |=C2=A0 9 +---
>=C2=A0 testing/rspamd/rspamd.worker_fuzzy=C2=A0 =C2=A0 =C2=A0 |=C2= =A0 6 +++
>=C2=A0 testing/rspamd/rspamd.worker_normal=C2=A0 =C2=A0 =C2=A0|=C2= =A0 6 +--
>=C2=A0 6 files changed, 100 insertions(+), 50 deletions(-)
>=C2=A0 create mode 100644 testing/rspamd/rspamd.worker_fuzzy

...

> @@ -12,15 +12,18 @@ pkgusers=3D"rspamd"
>=C2=A0 pkggroups=3D"rspamd"
>=C2=A0 depends=3D""
>=C2=A0 depends_dev=3D""
> -makedepends=3D"$depends_dev cmake libressl-dev libevent-dev glib= -dev gmime-dev
> -=C2=A0 =C2=A0 =C2=A0lua5.1-dev lua5.1 sqlite-dev hiredis-dev file-dev= pcre-dev ragel"
> +makedepends=3D"$depends_dev cmake ragel perl
> +=C2=A0 =C2=A0 =C2=A0luajit-dev glib-dev pcre-dev gmime-dev libevent-d= ev sqlite-dev
> +=C2=A0 =C2=A0 =C2=A0libressl-dev file-dev curl-dev"
>=C2=A0 install=3D"$pkgname.pre-install"

Why do we use luajit instead of "normal" lua? Does this me= an that we
need to disable PaX protections?

It's a new building defaults I saw in debian te= mplate. I'll try to recompile it with lua.

BTW: what ssl = is preferable libressl or openssl ?
=C2=A0
> -subpackages=3D"$pkgname-doc $pkgname-web $pkgname-client" > +subpackages=3D"$pkgname-doc $pkgname-controller::noarch $pkgname= -client
> +=C2=A0 =C2=A0 =C2=A0$pkgname-fuzzy::noarch $pkgname-utils::noarch&quo= t;
>=C2=A0 source=3D"https://rspamd.com/downloads/$pkgname-$pkgver.tar.xz
>=C2=A0 =C2=A0 =C2=A0 =C2=A0$pkgname.logrotated
>=C2=A0 =C2=A0 =C2=A0 =C2=A0$pkgname.initd
>=C2=A0 =C2=A0 =C2=A0 =C2=A0$pkgname.confd
>=C2=A0 =C2=A0 =C2=A0 =C2=A0$pkgname.conf
> +=C2=A0 =C2=A0 =C2=A0$pkgname.worker_fuzzy
>=C2=A0 =C2=A0 =C2=A0 =C2=A0$pkgname.worker_normal
>=C2=A0 =C2=A0 =C2=A0 =C2=A0$pkgname.worker_controller
>=C2=A0 "

...

> @@ -84,24 +96,43 @@ client() {
>=C2=A0 =C2=A0 =C2=A0 =C2=A0mv "$pkgdir"/usr/bin/rspamc-$= pkgver "$subpkgdir"/usr/bin/rspamc
>=C2=A0 }
>
> -md5sums=3D"ab81d063861d68b1e2260d1c599bf29c=C2=A0 rspa= md-1.3.4.tar.xz
> +fuzzy() {
> +=C2=A0 =C2=A0 =C2=A0depends=3D"$pkgname"
> +=C2=A0 =C2=A0 =C2=A0pkgdesc=3D"$pkgdesc (local fuzzy storage)&qu= ot;
> +=C2=A0 =C2=A0 =C2=A0mkdir -p "$subpkgdir"/etc/$pkgname/modules.d
> +=C2=A0 =C2=A0 =C2=A0mv "$pkgdir"/etc/$pkgname/worker-f= uzzy.* "$subpkgdir"/etc/$pkgname
> +=C2=A0 =C2=A0 =C2=A0mv "$pkgdir"/etc/$pkgname/modules.= d/fuzzy_* "$subpkgdir"/etc/$pkgname/modules.d
> +}

Is the fuzzy subpackage just a configuration file that we provide? i= s
the fuzzy config file available from upstream?

This config is cutted from upstream's rspamd.conf. as well as wor= ker-normal and worker-controller.

I do this to make rspamd not open 13335 tcp connection by default.

The same for controller subp= ackage and tcp 13334.
=C2=A0
> +
> +utils() {
> +=C2=A0 =C2=A0 =C2=A0depends=3D"perl"
> +=C2=A0 =C2=A0 =C2=A0pkgdesc=3D"$pkgdesc (utils)"
> +=C2=A0 =C2=A0 =C2=A0mkdir -p "$subpkgdir"/usr/bin
> +=C2=A0 =C2=A0 =C2=A0mv "$pkgdir"/usr/bin/${pkgname}_st= ats "$subpkgdir"/usr/bin/${pkgname}-stats
> +=C2=A0 =C2=A0 =C2=A0mv "$pkgdir"/usr/bin/${pkgname}-re= director "$subpkgdir"/usr/bin
> +}
> +

+1 We want utils that depends on perl to be in subpackage.

...

> diff --git a/testing/rspamd/rspamd.conf b/testing/rspamd/rspamd.conf > index fe737f9..1e37cb7 100644
> --- a/testing/rspamd/rspamd.conf
> +++ b/testing/rspamd/rspamd.conf
> @@ -1,9 +1,24 @@
> +# Please don't modify this file as your changes might be overwrit= ten with
> +# the next update.

I believe this comment is false, in fact if you you don't modify= the
config file it will be replaced with newer version. If you modify it,
the new updated config file will be installed as .apk-new


It's a upstream's commen= ts. They suggest to do ch= anges in local.d/ and override.d/ configs, not in those ones.
...

> diff --git a/testing/rspamd/rspamd.initd b/testing/rspamd/rspamd.initd=
> index a20f784..b77a431 100644
> --- a/testing/rspamd/rspamd.initd
> +++ b/testing/rspamd/rspamd.initd
> @@ -14,24 +14,29 @@ description_reopen=3D"Reopen log files"<= br> >
>=C2=A0 depend() {
>=C2=A0 =C2=A0 =C2=A0 =C2=A0need localmount net
> -=C2=A0 =C2=A0 =C2=A0before exim postfix
> +=C2=A0 =C2=A0 =C2=A0before mta
>=C2=A0 }
>
>=C2=A0 start_pre() {
>=C2=A0 =C2=A0 =C2=A0 =C2=A0ebegin
> +=C2=A0 =C2=A0 =C2=A0# shm fix for lxc-containers
> +=C2=A0 =C2=A0 =C2=A0if ! grep -q ^shm /proc/mounts; then
> +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0checkpath --directory= /dev/shm
> +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0mount -t tmpfs -o noe= xec,nosuid,nodev,mode=3D1777 shm /dev/shm
> +=C2=A0 =C2=A0 =C2=A0fi

mounting /dev/shm from rspamd init script does not make sense. If yo= u
need /dev/shm mounted, then you should not need install and run rspamd.
This needs to be fixed other place, like lxc config.

IIRC also python build needs /dev/shm

It's a fast h= ack to make rspamd run on my lxc. I want to make a patch to someway use /ru= n if no shm mounted.
but now that's it= .
=C2=A0
>=C2=A0 =C2=A0 =C2=A0 =C2=A0checkpath --directory --mode 750 --owner $us= er:$group ${pidfile%/*}
>=C2=A0 =C2=A0 =C2=A0 =C2=A0$command $command_args -t >/dev/null 2>= ;>${startuplog:-/dev/null}
>=C2=A0 =C2=A0 =C2=A0 =C2=A0eend $?
>=C2=A0 }
>
>=C2=A0 reload() {
> -=C2=A0 =C2=A0 =C2=A0ebegin "Reloading ${SVCNAME}"
> +=C2=A0 =C2=A0 =C2=A0ebegin Reloading $SVCNAME

why?

>=C2=A0 =C2=A0 =C2=A0 =C2=A0start-stop-daemon --signal HUP --pidfile $pi= dfile
>=C2=A0 =C2=A0 =C2=A0 =C2=A0eend $?
>=C2=A0 }
>
>=C2=A0 reopen() {
> -=C2=A0 =C2=A0 =C2=A0ebegin "Reopening ${SVCNAME} log files"=
> +=C2=A0 =C2=A0 =C2=A0ebegin Reopening $SVCNAME log files

why?

>=C2=A0 =C2=A0 =C2=A0 =C2=A0start-stop-daemon --signal USR1 --pidfile $p= idfile
>=C2=A0 =C2=A0 =C2=A0 =C2=A0eend $?
> -}
> \ No newline at end of file
> +}

...

Just removed = unneeded chars to reduce size ;)

--047d7beb9f662363a2054221aafd-- --- Unsubscribe: alpine-aports+unsubscribe@lists.alpinelinux.org Help: alpine-aports+help@lists.alpinelinux.org ---