1. Compiling Dovecot From Sources 2. Compiling Dovecot From Mercurial 3. Compiling Dovecot with rpmbuild (Mandriva, RedHat, etc.) 4. SSL/TLS Support 1. Solaris and OpenSSL problems 5. Notify method 1. Linux 6. Optional Configure Options 1. SQL Driver Options 2. Authentication Backend Options 7. Dynamic Authentication Modules 8. Dynamic IMAP and POP3 Modules 9. Dynamic SQL drivers Compiling Dovecot From Sources ============================== For most people it is enough to do: ---%<------------------------------------------------------------------------- ./configure make sudo make install ---%<------------------------------------------------------------------------- That installs Dovecot under the '/usr/local' directory. The configuration file is in '/usr/local/etc/dovecot.conf'. Logging goes to syslog's mail facility by default, which typically goes to '/var/log/mail.log' or something similar. If you are in a hurry, you can then jump to<QuickConfiguration.txt>. If you have installed some libraries into locations which require special include or library paths, you can pass them in the 'CPPFLAGS' and 'LDFLAGS' environment variables. For example: ---%<------------------------------------------------------------------------- CPPFLAGS=-I/opt/openssl/include LDFLAGS=-L/opt/openssl/lib ./configure ---%<------------------------------------------------------------------------- Compiling Dovecot From Mercurial ================================ If you got Dovecot from Mercurial, for instance with ---%<------------------------------------------------------------------------- hg clone http://hg.dovecot.org/dovecot/ ---%<------------------------------------------------------------------------- you will first need to run './autogen.sh' to generate the 'configure' script and some other files. This requires that you have the 'autoconf', 'automake', 'libtool' and 'pkg-config' packages installed. It is also advisable to add '--enable-maintainer-mode' to the 'configure' script. Thus: ---%<------------------------------------------------------------------------- ./autogen.sh ./configure --enable-maintainer-mode make sudo make install ---%<------------------------------------------------------------------------- For later updates, you can use: ---%<------------------------------------------------------------------------- hg pull hg merge # if you've done any changes yourself hg update make sudo make install ---%<------------------------------------------------------------------------- Compiling Dovecot with rpmbuild (Mandriva, RedHat, etc.) ======================================================== Fetch the source rpm from ftp://ftp.surfnet.nl/ [ftp://ftp.surfnet.nl/vol/5/mandrakelinux/official/2007.0/SRPMS/contrib/release/] or any other mirror. At the moment of this writing dovecot-10.rc26.src.rpm can be found in the cooker subtree. If the current release is newer; updating the source rpm is not difficult. Unpack the source rpm with 'rpm -ivh dovecot-10.rc26.src.rpm' to a build environment (/usr/src/rpm...) Copy the newer tarball from the dovecot site to the SOURCES directory of the build environment. Change the dovecot.spec file in the SPECS directory to reflect the new release and the new name of the tarball. The maintainer seems to work with a bz2 tarball; a tar.gz tarball makes no difference Issue a rpmbuild -ba dovecot.spec. The resulting rpm will be placed in RPMS/i586 Install with rpm or urpmi. ---%<------------------------------------------------------------------------- rpm -ivh dovecot-1.0.rc26.src.rpm cd /usr/src/rpm mv ~/downloads/dovecot-1.0.rc28.tar.gz ./SOURCES cd SPECS vi dovecot.spec ...edit release and tarball name. Change default options if needed... rpmbuild -ba dovecot.spec cd ../RPMS/i586 urpmi ./dovecot-1.0.rc28-1mdv2007.0.i586.rpm ---%<------------------------------------------------------------------------- During this process missing prerequisites may be detected. Install them and rerun the build process. The spec file also need updating for the new add-ons (idxview and logview). SSL/TLS Support =============== Dovecot was initially built to support both OpenSSL and GNUTLS. GNUTLS has however had some problems and nowadays it does not work any more. Patches to fix it are welcome. OpenSSL is used by default now, and it should be automatically detected. If it is not, you are missing some header files or libraries, or they are just in a non-standard path. Make sure you have the 'openssl-dev' or a similar package installed, and if it is not in the standard location, set 'CPPFLAGS' and 'LDFLAGS' as shown in the first section above. [#nonstdpaths] By default the SSL certificate is read from '/etc/ssl/certs/dovecot.pem' and the private key from '/etc/ssl/private/dovecot.pem'. The '/etc/ssl' directory can be changed using the '--with-ssldir=DIR' configure option. Both can of course be overridden from the configuration file. Solaris and OpenSSL problems ---------------------------- Solaris 10 includes a bundled OpenSSL that does not function correctly with Dovecot when attempting to use SSL/TLS with the default dovecot config. This is because the default setting of ssl_cipher_list in 'dovecot.conf' is HIGH:!ALL; due to import restrictions in some countries (now apparently relaxed) the high level routines are part of the unbundled SUNWcry package and are not available if you don't have this package installed. This confuses the client as dovecot announces support for high level crypto and then cannot deliver. In any case, to resolve this you can alternatively (in decreasing order of simplicity): 1. Set 'ssl_cipher_list = MEDIUM:!LOW' in 'dovecot.conf' 2. Find and install the missing SUNWcry package. 3. Provide an alternate version of the openssl libraries that doesn't have the high grade routines removed for your protection (sigh). The bundled version of OpenSSL cannot be removed. Installing a newer OpenSSL from source or package (for instance, from http://sunfreeware.com/) will enable Dovecot to work correctly as long as you link against the new OpenSSL. Assuming you are building with the built-in ld, make and gcc, then your build should go something like this (notice the -R required by Sun's linker that sets the runtime linking path in the resulting programs so the OpenSSL libraries load from '/usr/local/ssl/lib'): ---%<------------------------------------------------------------------------- PATH=$PATH:/usr/sfw/bin:/usr/ccs/bin export PATH mv /usr/lib/pkgconfig/openssl.pc /usr/lib/pkgconfig/openssl.pc.orig CPPFLAGS=-I/usr/local/ssl/include \ LDFLAGS='-L/usr/local/ssl/lib -R/usr/local/ssl/lib' \ ./configure --with-ssl=openssl make make install ---%<------------------------------------------------------------------------- Notify method ============= Linux ----- Note that current 'inotify' is in the Linux kernel since version 2.6.13 and it is preferred over 'dnotify'. If your distribution does not have the required 'inotify' header file, you can get it from the inotify maintainer (this example requires cURL [http://curl.haxx.se/]): ---%<------------------------------------------------------------------------- mkdir -p /usr/local/include/sys cd /usr/local/include/sys curl ftp://ftp.kernel.org/pub/linux/kernel/people/rml/inotify/headers/inotify.h -O curl ftp://ftp.kernel.org/pub/linux/kernel/people/rml/inotify/headers/inotify-syscalls.h >> inotify.h ---%<------------------------------------------------------------------------- Optional Configure Options ========================== --help: gives a full list of available options --help=short: just lists the options added by the particular package (= Dovecot) Options are usually listed as '--with-something' or '--enable-something'. If you want to disable them, do it as '--without-something' or '--disable-something'. There are many default options that come from autoconf, automake or libtool. They are explained elsewhere. Here is a list of options that Dovecot adds. You should not usually have to change these, but they are described here just for completeness: --enable-ipv6: Enable IPv6 support. This is enabled by default if the system is detected to support it. --enable-debug: Enables some extra checks for debugging. This is mostly useful for developers. It does quite a lot of unnecessary work but should catch some programming mistakes more quickly. --enable-asserts: Enable assertion checks, enabled by default. Disabling them may slightly save some CPU, but if there are bugs they can cause more problems since they are not detected as early. --with-file-offset-size=BITS: Specifies if we use 32bit or 64bit file offsets. 64bit is the default if the system supports it (Linux and Solaris do). Dropping this to 32bit may save some memory, but it prevents accessing any file larger than 2 GB. --with-mem-align=BYTES: Specifies memory alignment used for memory allocations. It is needed with many non-x86 systems and it should speed up x86 systems too. Default is 8, to make sure 64bit memory accessing works. --with-ioloop=IOLOOP: Specifies what I/O loop method to use. Possibilities are 'select', 'poll', 'epoll' and 'kqueue'. The default is to use 'poll' if possible and fall back to 'select'. 'epoll' is faster than either of them, but it works only on Linux 2.6 kernels.'kqueue' is also faster, but works only on BSDs. --with-notify=NOTIFY: Specifies what file system notification method to use. Possibilities are 'dnotify', 'inotify' (both on Linux), 'kqueue' (FreeBSD) and 'none'. The default is to use dnotify if it is compilable, otherwise none. See Notify method [#notify] above for more information. --with-pop3d: Build POP3 server binary as well as IMAP server. It still has to be separately enabled from the configuration file before it is actually used. --with-deliver: Build Local Delivery Agent binary. --with-storages=FORMATS: Specifies what mailbox formats to support. Default is 'maildir,mbox'. SQL Driver Options ------------------ SQL drivers are typically used only for authentication, but they may be used as a lib-dict backend too, which can be used by plugins for different purposes. --with-sql-drivers: Build with specified SQL drivers. Defaults to all that were found with autodetection. --with-pgsql: Build with PostgreSQL support (requires pgsql-devel, libpq-dev or similar package) --with-mysql: Build with MySQL support (requires mysql-devel, libmysqlclient15-dev or similar package) --with-sqlite: Build with SQLite3 driver support (requires sqlite-devel, libsqlite3-dev or similar package) Authentication Backend Options ------------------------------ The basic backends are built if the system is detected to support them: --with-passwd: Build with NSS (typically '/etc/passwd') support --with-passwd-file: Build with passwd-like file support --with-shadow: Build with shadow password support --with-pam: Build with PAM support --with-checkpassword: Build with checkpassword support --with-bsdauth: Build with BSD authentication support (if supported by your OS) --with-static-userdb: Build with static userdb support --with-prefetch-userdb: Build with prefetch userdb support Some backends require extra libraries and are not necessarily wanted, so they are built only if specifically enabled: --with-sql: Build with generic SQL support (drivers are enabled separately) --with-ldap: Build with LDAP support (requires openldap-devel, libldap2-dev or similar package) --with-gssapi: Build with GSSAPI authentication support (requires krb5-devel, libkrb5-dev or similar package) --with-vpopmail: Build with vpopmail support (requires vpopmail sources or a devel package) Dynamic Authentication Modules ============================== Dovecot can also dynamically load authentication modules from the '$prefix/lib/dovecot/auth/' directory. Binary packages builders should use them for authentication modules which require external libraries (e. g. LDAP and vpopmail). There is no standard way to build them as modules currently, but something like this should work: ---%<------------------------------------------------------------------------- gcc -shared -fPIC -DHAVE_CONFIG_H -DUSERDB_LDAP -DPASSDB_LDAP \ -I../.. -I../lib -I../lib-settings \ db-ldap.c userdb-ldap.c passdb-ldap.c -o ldap.so -lldap gcc -shared -fPIC -DHAVE_CONFIG_H -DUSERDB_VPOPMAIL -DPASSDB_VPOPMAIL \ -I../.. -I../lib userdb-vpopmail.c passdb-vpopmail.c -o vpopmail.so \ -lvpopmail ---%<------------------------------------------------------------------------- Dynamic IMAP and POP3 Modules ============================= The 'mail_plugins' setting lists all plugins that Dovecot is supposed to load from the 'mail_plugin_dir' directory at program start. These plugins can do anything they want. They are only expected to contain the '<plugin name>_init' and '<plugin name>_deinit' functions which are called at startup and at exit. The plugin filename is prefixed with a number which specifies the order in which the plugins are loaded. This is important if one plugin depends on another. Dynamic SQL drivers =================== The SQL drivers can be used by dovecot-auth, but also by lib-dict. lib-dict then can be used by some plugins, for example enabling dict quota backend to keep the quota information in SQL database. You could place the SQL drivers into main plugin directory and create symlinks for them into auth/, imap/, pop3/ and lda/. ---%<------------------------------------------------------------------------- cd src/lib-sql gcc -shared -fPIC -DHAVE_CONFIG_H -DBUILD_PGSQL \ -I../.. -I../lib -I../lib-settings -I/usr/include/postgresql \ driver-pgsql.c -o driver_pgsql.so -L/usr/lib/postgresql -lpq gcc -shared -fPIC -DHAVE_CONFIG_H -DBUILD_MYSQL \ -I../.. -I../lib -I../lib-settings -I/usr/include/mysql \ driver-mysql.c -o driver_mysql.so -lmysqlclient ---%<------------------------------------------------------------------------- (This file was created from the wiki on 2007-06-15 04:42)