Building opendmarc for Debian Jessie

I have been using Skelleton‘s guide1 to setup opendmarc on some mail server I am building.

My problem is the version of opendmarc that comes with Debian is 1.3.0 and this version has a bug2 which fails to honor the IgnoreAuthenticatedClients directive.

This is an attempt to build3 the newest version, 1.3.1, for Debian jessie.

Prepare the environment

  • Install all necessary packages:
    $ sudo apt -y install pbuilder debootstrap devscripts packaging-dev debian-keyring
  • Prepare a Debian jessie build environment:
    $ sudo pbuilder create --debootstrapopts --variant=buildd --mirror --distribution jessie --architecture amd64 --components main --debbuildopts -mJohn Doe \<john\>

Prepare the Debian environment for opendmarc 1.3.1

  • Download and extract the package:
    $ wget
    $ tar xvzf opendmarc-1.3.1.tar.gz
    $ cd opendmarc-1.3.1/
  • Prepare for Debian packaging:
    $ DEBFULLNAME="John Doe" DEBEMAIL="" dh_make -s -y --createorig
    • Rename the debian folder:
      $ mv debian debian.orig
  • Shamelessly copy *debian/** from the original:
    $ cd /tmp/
    $ apt-get source opendmarc
    $ cd opendmarc-1.3.1+dfsg/
    $ cp -a debian/ ~/opendmarc-1.3.1
  • Optional steps:
    • Change the Author name to yours in debian/control
    • Restore the debian/changelog file:

      $ cp debian.orig/changelog debian/

    • Get rid of the debian.orig folder:
      $ mv debian.orig/ ..
    • Edit the debian/changelog file with dch -e:
      opendmarc (1.3.1-1) unstable; urgency=medium<br />
        * Initial release: To fix the IgnoreAuthenticatedClients issue:

       -- John Doe </john><john>  Fri, 29 Apr 2016 13:43:22 +0300

Build opendmarc 1.3.1

  • Run pdebuild:
    $ pdebuild
  • You cab find the resultant debs under /var/cache/pbuilder/result/:
    $ ls -la /var/cache/pbuilder/result/
    total 868
    drwxr-xr-x 2 root      root        4096 Απρ  29 13:54 .
    drwxr-xr-x 8 root      root        4096 Απρ  29 12:56 ..
    -rw-r--r-- 1 theodotos theodotos  38534 Απρ  29 13:54 libopendmarc2_1.3.1-1_amd64.deb
    -rw-r--r-- 1 theodotos theodotos  64210 Απρ  29 13:54 libopendmarc-dev_1.3.1-1_amd64.deb
    -rw-r--r-- 1 theodotos theodotos   2348 Απρ  29 13:54 opendmarc_1.3.1-1_amd64.changes
    -rw-r--r-- 1 theodotos theodotos  75890 Απρ  29 13:54 opendmarc_1.3.1-1_amd64.deb
    -rw-rw-r-- 1 theodotos theodotos    846 Απρ  29 13:54 opendmarc_1.3.1-1.dsc
    -rw-r--r-- 1 theodotos theodotos 663859 Απρ  29 13:54 opendmarc_1.3.1-1.tar.gz
    -rw-r--r-- 1 theodotos theodotos  17136 Απρ  29 13:54 rddmarc_1.3.1-1_all.deb

You can now copy the debs over your mail server and test them.

Update: I did this before I had discovered that opendmarc 1.3.1 is in Debian jessie backports4. But an interesting drill nevertheless.


  1. ↩︎
  2. ↩︎
  3. ↩︎
  4.</john> ↩︎

Creating a new Debian package using pbuilder: gnujump

Yet another practical packaging session, this ine on how to build a Debian package from scratch. This one too is based on the packaging tutorial and practical sessions of Lucas Nussbaum.

We are going to download the source code of gnujump from upstream, and use the pbuilder tool to package it. The advantages of pbuider is that it creates a minimal chroot jail that helps you track any dependencies you might forgot to specify in debian/control. Also it gives you the opportunity to build Debian packages on Ubuntu and vice-versa. You can also build packages for releases other than your own.


  • A recent Debian or Ubuntu system.

Preparation of the pbuilder jail

Install pbuilder and relevant packages:

$ sudo apt-get -y install pbuilder debootstrap devscripts packaging-dev debian-keyring ubuntu-archive-keyring

NOTE: use ubuntu-keyring instead of ubuntu-archive-keyring if your build station is Ubuntu

Prepare the target environment. For example for Ubuntu trusty use can use this setup:

$ sudo pbuilder create --debootstrapopts --variant=buildd --mirror --distribution trusty --architecture amd64 --components main --debbuildopts -mJohn Doe <>

Prepare the new package

  1. Download the source:
    $ wget
  2. Extract the archive and change into the source tree:
    $ tar xvzf gnujump-1.0.8.tar.gz
    $ cd gnujump-1.0.8/

Prepare for debian packaging

  1. We are going to use the dh_make utility to prepare the debian directory and all the necessary files:
    $ DEBFULLNAME="John Doe" DEBEMAIL="" dh_make -s -y --createorig

    Check if all necessary files are there:

    $ find debian/

    Now Check the contents of the debian/changelog, debian/rules and debian/control files.

  2. We will need to make some changes in the debian/control file:

    Source: gnujump
    Section: games
    Priority: optional
    Maintainer: John Doe <john>
    Build-Depends: debhelper (>= 9), autotools-dev, libsdl1.2-dev, libsdl-image1.2-dev, libsdl-mixer1.2-dev
    Standards-Version: 3.9.5

    The libsdl1.2-dev, libsdl-image1.2-dev and libsdl-mixer1.2-dev have been discovered by repeatedly compiling and failing until you get it right. The you can use the apt-cache search and apt-file search commands to discover the packages corresponding to the missing dependencies.

  3. Edit the debian/rules file to look like this:

    DH_VERBOSE = 1
    include /usr/share/dpkg/
    export DEB_BUILD_MAINT_OPTIONS = hardening=+all
    export DEB_CFLAGS_MAINT_APPEND  = -Wall -pedantic
    export DEB_LDFLAGS_MAINT_APPEND = -Wl,--as-needed
            dh $@  --with autotools-dev
    CFLAGS += -lm

  4. Edit the debian/changelog, with dch -e, to look like this:
    gnujump (1.0.8-1) unstable; urgency=low
      * Initial release
     -- John Doe</john><john>  Mon, 22 Jun 2015 17:41:22 +0300

Build the package

Run this command from the source tree:

$ pdebuild

Give your password when asked. pdebuild will download and install all dependencies in the pbuilder jail and then build the package. Changes will be lost from the jail, the next time you use it but if all goes well, you should see these files under /var/cache/pbuilder/result:

$ ls -la /var/cache/pbuilder/result/
total 5776
drwxr-xr-x 2 root      root         4096 Ιούν 22 17:52 .
drwxr-xr-x 9 root      root         4096 Ιούν 22 11:26 ..
-rw-r--r-- 1 john john    1449 Ιούν 22 17:52 gnujump_1.0.8-1_amd64.changes
-rw-r--r-- 1 john john 1560574 Ιούν 22 17:52 <strong>gnujump_1.0.8-1_amd64.deb</strong>
-rw-rw-r-- 1 john john    9228 Ιούν 22 17:52 gnujump_1.0.8-1.debian.tar.xz
-rw-rw-r-- 1 john john     885 Ιούν 22 17:52 gnujump_1.0.8-1.dsc
-rw-rw-r-- 1 john john 2508641 Ιούλ 24  2012 gnujump_1.0.8.orig.tar.gz
-rw-rw-r-- 1 john john 1814056 Ιούν 22 17:41 gnujump_1.0.8.orig.tar.xz

Checking the result

  1. View the information related to the package file:
    $ dpkg -I /var/cache/pbuilder/result/gnujump_1.0.8-1_amd64.deb
    new debian package, version 2.0.
    size 1560574 bytes: control archive=5550 bytes.
        419 bytes,    11 lines      control              
      18390 bytes,   233 lines      md5sums              
    Package: gnujump
    Version: 1.0.8-1
    Architecture: amd64
    Maintainer: John Doe </john><john>
    Installed-Size: 2355
    Depends: libc6 (>= 2.14), libgl1-mesa-glx | libgl1, libsdl-image1.2 (>= 1.2.10), libsdl-mixer1.2, libsdl1.2debian (>= 1.2.11)
    Section: games
    Priority: optional
    Description: <insert up to 60 chars description>
     </insert><insert long description, indented with spaces>

As you can see our work is not finished. We need to add a description in debian/control and rebuild it.

  1. Check the contents of the package file:
    $ dpkg -I /var/cache/pbuilder/result/gnujump_1.0.8-1_amd64.deb

Install the package

Now we can install the package:

$ sudo dpkg -i /var/cache/pbuilder/result/gnujump_1.0.8-1_amd64.deb

Now run the gnujump software and check if it works.

This is not the whole story of course. You have to check the package against Lintian to see if it complies with the Debian Policy. And if it’s not compliant, you may need to use Quilt to patch it. You will need to fill debian/watch so you can track updates on the upstream with uscan. The work of a Debian packager never ends.