Installation

Debian packages

We provide a repository for the stable release of Debian, also known as Etch or version 4.0 with apolicy and python-memcache packages. The etch backports is necessary too, follow the instructions bellow.

Import the GPG keys for integrity and authenticity: 

# wget http://www.apolicy.org/gpg/miguelfilho.gpg -O- -q | apt-key add -
OK
# wget http://backports.org/debian/archive.key -O- -q | apt-key add -
OK

Add to your sources.list: 

deb http://www.apolicy.org/debian etch main
deb http://www.backports.org/debian etch-backports main

With this you have a complete set of packages necessary to install apolicy. 

# aptitude update
# aptitude -t etch-backports install apolicy

Installation from source

Debian Etch 4.0 dependencies

# aptitude install python python-ipy python-dns python-twisted-core python-twisted-bin 
# wget http://ufpr.dl.sourceforge.net/sourceforge/pymilter/python-spf_2.0.3-0_all.deb
# dpkg -i python-spf_2.0.3-0_all.deb

{i} For all Ubuntu releases, make sure that the Universe repository is in your sources.list.

Ubuntu 6.06 dependencies

Add Dapper backports in sources.list. 

deb http://archive.ubuntu.com/ubuntu dapper-backports main universe

aptitude install python python-ipy python-dns python-twisted-core python-twisted-bin
aptitude install -t dapper-backports python-spf

Ubuntu 6.10, 7.04, 7.10, 8.04 dependencies

aptitude install python-ipy python-dns python-twisted-core python-twisted-bin python-spf

Fedora 7, 8, 9 dependencies

yum install python-twisted-core python-pyspf python-pydns python-IPy python-devel

Other distributions

apolicy depends on the following Python modules:

Your distribution might have most of them already packaged.

Installing

The following commands should do just fine for verify integrity and authenticity, you must be root: 

# wget http://www.apolicy.org/gpg/miguelfilho.gpg -O- -q | gpg --import
# wget http://download.gna.org/apolicy/apolicy-0.73.tar.gz
# wget http://download.gna.org/apolicy/apolicy-0.73.tar.gz.sig
# gpg --verify apolicy-0.73.tar.gz.sig
# tar zxf apolicy-0.73.tar.gz
# python setup.py install

<!> If you are updating from a previous installation, don't run python setup.py install, instead run this one: 

# python setup.py install_lib

The command above will preserve your configuration files.

Take a look at /etc/apolicy/main.conf for additional settings, and /etc/apolicy/policy.conf for the ACLs, actions and access configuration.

Init scripts

To start the daemon, you can use one of the init scripts supplied with the source.

Copy one of them to /etc/init.d, renaming to just apolicy.

Red Hat-like distributions: 

# chkconfig --add apolicy

Debian and derivatives: 

# update-rc.d apolicy defaults

Then use the your normal procedure to start/stop the service.

apolicy will listen by default on 127.0.0.1:10001.

By now the proccess must be running, check with ps and netstat. In case of any problem, check /var/log/syslog and /var/log/mail.log.

Configuring Postfix

Just add check_policy_service inet:127.0.0.1:10001 to smtpd_client_restrictions, smtpd_recipient_restrictions etc, and you are good to go.

Restart Postfix.

Logging

There is two log sources to get information, first is the log sent to syslog, using the mail facility. The other is the file /var/log/twistd.log. This file contains critical errors from the twisted daemon, keep an eye on this file too.

Debugging

You can turn debug on editing the configuration file /etc/apolicy/main.conf. Go to the bottom of the file and change this: 

[logger_apolicy]
level=INFO

To this: 

[logger_apolicy]
level=DEBUG

Then restart apolicy.

Installation (last edited 2008-05-25 15:05:51 by MiguelFilho)