RE: key data is not secure

From: Steve Jenkins <>
Date: Wed, 12 Jan 2011 00:06:28 -0700

> Murray S. Kucherawy wrote:
> > Ah, OK. Maybe Steve would like to contribute his script to our
> > distributions? :-)

> Chris wrote:
> The script is significantly shorter and easier to understand (IMO) than the
> one currently in contrib, but it only works on redhat-based systems, so if you
> did want to put it in contrib, you would want to indicate that somehow.
> I made some (what I consider to be) improvements to Steve's script. I
> attached my modified version.
> Changes made to Steve's script:
> - using 'service opendkim start' while opendkim is already running no longer
> causes it to start another instance.
> - added reload handler. using 'service opendkim reload' with opendkim
> >= 2.3.0 will trigger config file reload.
> Feel free to add this to contrib, or modify it, or anything else you may want to
> do with it.

I also consider them improvements, Chris! Nice job.

Reviewing the startup script more closely just now (I was checking out Chris' awesome tweeks), I noticed that I inadvertently left the pidfile name as "" since this script was originally for the dkim-milter package. I messed with dkim-milter a long time ago but never could quite get it working how I wanted. OpenDKIM is SO much better. :)

So I just did ANOTHER update to the blog post (and the script) replacing "" with "" in both the script and the /etc/opendkim.conf file. I also added a version number to the script to help keep track of changes. The UPDATED updated version is attached, and we'll call it version 1.1.

Again - anyone who used a previous version of the script on my blog who decides to swap it out for this one (which is a good idea) MUST also change their /etc/opendkim.conf file to reference the updated pidfile name. If you only update the script and not the conf file, the daemon will start ok, but you won't be able to use service opendkim stop it.



Received on Wed Jan 12 2011 - 07:06:43 PST

This archive was generated by hypermail 2.3.0 : Mon Oct 29 2012 - 23:20:15 PST