[opendmarc-users] new Ubuntu config questions

Juri Haberland juri at sapienti-sat.org
Tue Jul 31 01:56:44 PDT 2018 

On 2018-07-30 08:20, Michael Fox wrote:
> Thanks Juri,  Some follow-up below...
> 
>> > 1)  PidFile:

> For configuring the socket, the init script checks the config file for 
> a
> configured socket and, if configured, doesn't issue the command line
> argument for the socket.  It seems it should do the same for the 
> PidFile
> (and any other command line option).  Or else, what's the point of 
> offering
> the PidFile option in the config file?  Right?  Perhaps this is a 
> package
> maintainer issue (whoever rights the init script)?

Yes, that's the right person to address these issues - but looking at 
the Ubuntu package repository, the current version is migrated to 
systemd with some of your issues already fixed.

>> > 2)  Public Suffix list:

>> It is used, but it looks like you found a little bug - error logging
>> should trigger here, but didn't. Will look into it.
> 
> More Info:

> I tried configuring "PublicSuffixList
> /usr/share/publicsuffix/public_suffix_list.dat"
> But then startup failed:

> I set it back to the directory name and startup worked:

That is odd - in my testings startup only fails, if the path (file or 
directory) does not exist. If it is an existing (and readable) file or 
directory, startup works.

> So ... maybe the comment in the config file sample is incorrect and it
> really is supposed to the directory name and not a path to a file?

No, looking at the source it indeed expects a file, but (at least on 
Linux, don't know about *BSD) giving it a directory doesn't produce a 
failure as it should - it just runs with an empty public suffix list.

In the version that I have in my PPA is a patch included that 
(unfortunately) introduces another bug: Even if the file (or dir) does 
not exists, startup works and the error is silently ignored. I need to 
investigate this further and fix the patch.

Bottom line:
This option really expects a file - if it fails with that, there must be 
a typo somewhere.

>> > 3)  History File:

> So, here's what I did that appears to be working (Ubuntu package 
> maintainer
> please take note):
> $ sudo mkdir /var/lib/opendmarc
> $ sudo chown opendmarc:opendmarc /var/lib/opendmarc
> opendmarc.conf:
>   HistoryFile /var/lib/opendmarc/opendmarc.dat
>   RecordAllMessages true    (for now, while I'm testing)
> Add logrotate config to rotate the file weekly

No, logrotate is not needed as the idea is to run opendmarc-import* at 
0:00 UTC to import the data into a database and generate the reports 
with opendmarc-resports. The file will be deleted/reset by these 
scripts.

>> > Lastly, is there a way to display all of the values of all config
>> variables

> If you're familiar with Postfix, I'm thinking of something like 
> "postconf
> -p" to spit out all options and values so we can see what opendmarc 
> thinks
> they are. In this case, maybe "opendmarc -e" could spit out the
> "environment".

Nice idea, but this will certainly not happen any time soon, as 
development on OpenDMARC is quite slow - that's why I publish the 
enhanced version in my PPA, which you really should give a try, as 1.3.1 
has many bugs.

Cheers,
   Juri

More information about the opendmarc-users mailing list