Posted to dev@spamassassin.apache.org by Warren Togami <wt...@redhat.com> on 2009/07/07 21:31:29 UTC

Optional rules, where from?

I think as a packager I will need to pre-package the rules, because I 
will get too many complaints about the "run sa-update first" 
requirement.  Due to security requirements in our package build system, 
it may not run sa-update during package build-time in order to grab 
rules.  I will need to include a rules tarball.

Should there be an "official" rules tarball?
Or is there an official way to grab the latest rules from svn?

Warren Togami
wtogami@redhat.com

Re: Optional rules, where from?

Posted by Justin Mason <jm...@jmason.org>.
On Wed, Jul 8, 2009 at 11:00, Mark Martinec<Ma...@ijs.si> wrote:
> On Wednesday 08 July 2009 11:29:24 Justin Mason wrote:
>> There will be a rules tarball alongside the main "code" tarball.  See
>> what's on http://people.apache.org/~jm/devel/ for 3.3.0-alpha1;
>> there's one there.
>>
>> That can be installed using "sa-update --install /tmp/709395.tar.gz".
>>
>> Does that work?
>
> Btw, seems like the gpg key used to sign it (265FA05B) is not
> the one the sa-update prints the URL for:
>
> error: GPG validation failed!
> The update downloaded successfully, but it was not signed with a trusted GPG
> key.  Instead, it was signed with the following keys:
>
>    265FA05B
>
> Perhaps you need to import the channel's GPG key?  For example:
>
>    wget http://spamassassin.apache.org/updates/GPG.KEY
>    sa-update --import GPG.KEY

That's true -- it's just an example.  In this case it's a different key used.

However in this case we _should_ be using the main rules-signing key,
not the distro-signing key, so that sa-update doesn't need special
flags.  My mistake. Could you open a bug?

--j.
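
The validation failure quoted above comes down to which key signed the tarball. As an added example, not code from this thread or from sa-update, here is a packager-side check that pins the expected signer by full fingerprint and reads gpg's `--status-fd` lines; the fingerprints, names and sample status lines are constructed placeholders.

```shell
#!/bin/sh
# Added example: judge a rules tarball from gpg's machine-readable status,
# as produced by e.g.
#   gpg --status-fd 1 --verify rules.tar.gz.asc rules.tar.gz 2>/dev/null

# Constructed placeholders, NOT real SpamAssassin key fingerprints.
PINNED=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
OTHER=BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB
TRUSTED_FPRS="$PINNED"

# signer_verdict STATUS_TEXT
# Prints: trusted | untrusted-key:<fpr> | bad-signature | cannot-verify
# and returns 0 only for "trusted".
signer_verdict() {
    status=$1
    if printf '%s\n' "$status" | grep -q '^\[GNUPG:] BADSIG '; then
        echo "bad-signature"; return 1
    fi
    # VALIDSIG: field 3 is the signing key's fingerprint, the last field the
    # primary key's (they differ when a signing subkey was used).
    fprs=$(printf '%s\n' "$status" |
        awk '$1 == "[GNUPG:]" && $2 == "VALIDSIG" { print $3; print $NF }')
    if [ -z "$fprs" ]; then
        # ERRSIG / NO_PUBKEY end up here: nothing was actually verified.
        echo "cannot-verify"; return 1
    fi
    for fpr in $fprs; do
        for pinned in $TRUSTED_FPRS; do
            if [ "$fpr" = "$pinned" ]; then echo "trusted"; return 0; fi
        done
    done
    echo "untrusted-key:$(printf '%s\n' "$fprs" | head -n 1)"; return 1
}

# Constructed status output: a valid signature from the pinned key ...
SAMPLE_PINNED="[GNUPG:] GOODSIG AAAAAAAAAAAAAAAA Example Rules Key
[GNUPG:] VALIDSIG $PINNED 2009-07-08 1247050000 0 4 0 1 2 00 $PINNED"
# ... a valid signature from a different key (the situation in the thread) ...
SAMPLE_OTHER="[GNUPG:] GOODSIG BBBBBBBBBBBBBBBB Example Release Key
[GNUPG:] VALIDSIG $OTHER 2009-07-08 1247050000 0 4 0 1 2 00 $OTHER"
# ... and a signature whose public key is not in the keyring at all.
SAMPLE_NOKEY="[GNUPG:] ERRSIG CCCCCCCCCCCCCCCC 1 2 00 1247050000 9
[GNUPG:] NO_PUBKEY CCCCCCCCCCCCCCCC"

for s in "$SAMPLE_PINNED" "$SAMPLE_OTHER" "$SAMPLE_NOKEY"; do
    signer_verdict "$s" || true
done
```

Comparing full fingerprints rather than 8-character key IDs such as the one printed in the error avoids accepting a different key that merely shares a short ID.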

Re: Optional rules, where from?

Posted by Mark Martinec <Ma...@ijs.si>.
On Wednesday 08 July 2009 11:29:24 Justin Mason wrote:
> There will be a rules tarball alongside the main "code" tarball.  See
> what's on http://people.apache.org/~jm/devel/ for 3.3.0-alpha1;
> there's one there.
>
> That can be installed using "sa-update --install /tmp/709395.tar.gz".
>
> Does that work?

Btw, seems like the gpg key used to sign it (265FA05B) is not
the one the sa-update prints the URL for:

error: GPG validation failed!
The update downloaded successfully, but it was not signed with a trusted GPG
key.  Instead, it was signed with the following keys:

    265FA05B

Perhaps you need to import the channel's GPG key?  For example:

    wget http://spamassassin.apache.org/updates/GPG.KEY
    sa-update --import GPG.KEY


Mark

Re: Optional rules, where from?

Posted by Justin Mason <jm...@jmason.org>.
There will be a rules tarball alongside the main "code" tarball.  See
what's on http://people.apache.org/~jm/devel/ for 3.3.0-alpha1;
there's one there.

That can be installed using "sa-update --install /tmp/709395.tar.gz".

Does that work?

--j.


On Tue, Jul 7, 2009 at 22:07, Warren Togami<wt...@redhat.com> wrote:
> On 07/07/2009 03:31 PM, Warren Togami wrote:
>>
>> I think as a packager I will need to pre-package the rules, because I
>> will get too many complaints about the "run sa-update first"
>> requirement. Due to security requirements in our package build system,
>> it may not run sa-update during package build-time in order to grab
>> rules. I will need to include a rules tarball.
>>
>> Should there be an "official" rules tarball?
>> Or is there an official way to grab the latest rules from svn?
>
> For now I'm installing rules in the RPM package in /usr/share/spamassassin/
> where it used to be in 3.2.x.  It seems to work, and sa-update works.  I
> hope this continues to work.
>
> I only hope for an official documented way of building a rules tarball.
>
> Warren
>
>

Re: Optional rules, where from?

Posted by Warren Togami <wt...@redhat.com>.
On 07/07/2009 03:31 PM, Warren Togami wrote:
> I think as a packager I will need to pre-package the rules, because I
> will get too many complaints about the "run sa-update first"
> requirement. Due to security requirements in our package build system,
> it may not run sa-update during package build-time in order to grab
> rules. I will need to include a rules tarball.
>
> Should there be an "official" rules tarball?
> Or is there an official way to grab the latest rules from svn?

For now I'm installing rules in the RPM package in 
/usr/share/spamassassin/ where it used to be in 3.2.x.  It seems to 
work, and sa-update works.  I hope this continues to work.

I only hope for an official documented way of building a rules tarball.

Warren

Re: Optional rules, where from?

Posted by "Kevin A. McGrail" <km...@pccc.com>.
Warren,

My suggestion would be that parameters be added to sa-update that:

A) download the rules, and not install them, ignoring the check for what 
current rules are installed

B) install updates from a tar file that DOES check for the current rules

The goal being that someone like Warren could do something like

sa-update --download-only

and

sa-update --rules-tar=/tmp/709395.tar.gz

This could also be used for people who want to maintain boxes and distribute 
tarballs in a different manner.

Regards,
KAM

----- Original Message ----- 
From: "Warren Togami" <wt...@redhat.com>
To: <de...@spamassassin.apache.org>
Sent: Tuesday, July 07, 2009 3:31 PM
Subject: Optional rules, where from?


> I think as a packager I will need to pre-package the rules, because I will 
> get too many complaints about the "run sa-update first" requirement.  Due 
> to security requirements in our package build system, it may not run 
> sa-update during package build-time in order to grab rules.  I will need to 
> include a rules tarball.
>
> Should there be an "official" rules tarball?
> Or is there an official way to grab the latest rules from svn?
>
> Warren Togami
> wtogami@redhat.com
>