1<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN" 2 "http://www.w3.org/TR/html4/loose.dtd"> 3 4<html> 5 6<head> 7 8<title>Guidelines for Package Builders</title> 9 10<meta http-equiv="Content-Type" content="text/html; charset=us-ascii"> 11 12</head> 13 14<body> 15 16<h1><img src="postfix-logo.jpg" width="203" height="98" ALT="">Guidelines for Package Builders</h1> 17 18<hr> 19 20<h2>Purpose of this document</h2> 21 22<p> This document has hints and tips for those who manage their 23own Postfix binary distribution for internal use, and for those who 24maintain Postfix binary distributions for general use. </p> 25 26<h2>General distributions: please provide a small default main.cf 27file</h2> 28 29<p> The installed <a href="postconf.5.html">main.cf</a> file must be small. PLEASE resist the 30temptation to list all parameters in the <a href="postconf.5.html">main.cf</a> file. Postfix 31is supposed to be easy to configure. Listing all parameters in <a href="postconf.5.html">main.cf</a> 32defeats the purpose. It is an invitation for hobbyists to make 33random changes without understanding what they do, and gets them 34into endless trouble. </p> 35 36<h2>General distributions: please include README or HTML files</h2> 37 38<p> Please provide the applicable README or HTML files. They are 39referenced by the Postfix manual pages and by other files. Without 40README or HTML files, Postfix will be difficult if not impossible 41to configure. </p> 42 43<h2>Postfix Installation parameters</h2> 44 45<p> Postfix installation is controlled by a dozen installation 46parameters. See the postfix-install and post-install files for 47details. Most parameters have system-dependent default settings 48that are configurable at compile time, as described in the <a href="INSTALL.html">INSTALL</a> 49file. </p> 50 51<h2>Preparing a pre-built package for distribution to other 52systems</h2> 53 54<p> You can build a Postfix package on a machine that does not have 55Postfix installed on it. All you need is Postfix source code and 56a compilation environment that is compatible with the target system. 57</p> 58 59<p> You can build a pre-built Postfix package as an unprivileged 60user. </p> 61 62<p> First compile Postfix. After successful compilation, execute: 63</p> 64 65<blockquote> <pre> % <b>make package</b> </pre> 66</blockquote> 67 68<p> With Postfix versions before 2.2 you must invoke the post-install 69script directly (<tt>% <b>sh post-install</b></tt>). </p> 70 71<p> You will be prompted for installation parameters. Specify an 72install_root directory other than /. The <a href="postconf.5.html#mail_owner">mail_owner</a> and <a href="postconf.5.html#setgid_group">setgid_group</a> 73installation parameter settings will be recorded in the <a href="postconf.5.html">main.cf</a> 74file, but they won't take effect until the package is unpacked and 75installed on the destination machine. </p> 76 77<p> If you want to fully automate this process, specify all the 78non-default installation parameters on the command line: </p> 79 80<blockquote> 81<pre> % <b>make non-interactive-package install_root=/some/where</b>... 82</pre> </blockquote> 83 84<p> With Postfix versions before 2.2 you must invoke the post-install 85script directly (<tt>% <b>sh post-install -non-interactive 86install_root...</b></tt>). </p> 87 88<p> With Postfix 3.0 and later, the command "make package name=value 89..." will replace the string MAIL_VERSION in a configuration parameter 90value with the Postfix release version. Do not try to specify 91something like $<a href="postconf.5.html#mail_version">mail_version</a> on this command line. This produces 92inconsistent results with different versions of the make(1) command. 93</p> 94 95<h2>Begin Security Alert</h2> 96 97<p> <b> When building an archive for distribution, be sure to 98archive only files and symbolic links, not their parent directories. 99Otherwise, unpacking a pre-built Postfix package may mess up 100permission and/or ownership of system directories such as / /etc 101/usr /usr/bin /var /var/spool and so on. This is especially an 102issue if you executed postfix-install (see above) as an unprivileged 103user. </b> </p> 104 105<h2>End Security Alert</h2> 106 107<p> Thus, to tar up the pre-built package, take the following steps: 108</p> 109 110<blockquote> <pre> 111% cd INSTALL_ROOT 112% rm -f SOMEWHERE/outputfile 113% find . \! -type d -print | xargs tar rf SOMEWHERE/outputfile 114% gzip SOMEWHERE/outputfile </pre> </blockquote> 115 116<p>This way you will not include any directories that might cause 117trouble upon extraction. </p> 118 119<h2>Installing a pre-built Postfix package</h2> 120 121<ul> 122 123<li> <p> To unpack a pre-built Postfix package, execute the equivalent 124of: </p> 125 126<pre> 127# umask 022 128# gzip -d <outputfile.tar.gz | (cd / ; tar xvpf -) </pre> 129 130<p> The umask command is necessary for getting the correct permissions 131on non-Postfix directories that need to be created in the process. 132</p> 133 134<li> <p> Create the necessary <a href="postconf.5.html#mail_owner">mail_owner</a> account and <a href="postconf.5.html#setgid_group">setgid_group</a> 135group for exclusive use by Postfix. </p> 136 137<li> <p> Execute the postfix command to set ownership and permission 138of Postfix files and directories, and to update Postfix configuration 139files. If necessary, specify any non-default settings for <a href="postconf.5.html#mail_owner">mail_owner</a> 140or <a href="postconf.5.html#setgid_group">setgid_group</a> on the postfix command line: </p> 141 142<pre> 143# postfix set-permissions upgrade-configuration \ 144 <a href="postconf.5.html#setgid_group">setgid_group</a>=xxx <a href="postconf.5.html#mail_owner">mail_owner</a>=yyy 145</pre> 146 147<p> With Postfix versions before 2.1 you achieve the same result 148by invoking the post-install script directly. </p> 149 150</ul> 151 152</body> 153 154</html> 155
