/usr/share/augeas/lenses/dist/opendkim.aug is in augeas-lenses 1.10.1-2.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 | module Opendkim =
autoload xfm
(* Inifile.comment is saner than Util.comment regarding spacing after the # *)
let comment = Inifile.comment "#" "#"
let eol = Util.eol
let empty = Util.empty
(*
The Dataset spec is so broad as to encompass any string (particularly the
degenerate 'single literal string' case of a comma separated list with
only one item). So treat them as 'String' types, and it's up to the user to
format them correctly. Given that many of the variants include file paths
etc, it's impossible to validate for 'correctness' anyway
*)
let stringkv_rx = /ADSPAction|AuthservID|AutoRestartRate|BaseDirectory/
| /BogusKey|BogusPolicy|Canonicalization|ChangeRootDirectory/
| /DiagnosticDirectory|FinalPolicyScript|IdentityHeader|Include|KeyFile/
| /LDAPAuthMechanism|LDAPAuthName|LDAPAuthRealm|LDAPAuthUser/
| /LDAPBindPassword|LDAPBindUser|Minimum|Mode|MTACommand|Nameservers/
| /On-BadSignature|On-Default|On-DNSError|On-InternalError|On-KeyNotFound/
| /On-NoSignature|On-PolicyError|On-Security|On-SignatureError|PidFile/
| /ReplaceRules|ReportAddress|ReportBccAddress|ResolverConfiguration/
| /ScreenPolicyScript|SelectCanonicalizationHeader|Selector|SelectorHeader/
| /SenderMacro|SetupPolicyScript|SignatureAlgorithm|SMTPURI|Socket/
| /StatisticsName|StatisticsPrefix|SyslogFacility|TemporaryDirectory/
| /TestPublicKeys|TrustAnchorFile|UnprotectedKey|UnprotectedPolicy|UserID/
| /VBR-Certifiers|VBR-PurgeFields|VBR-TrustedCertifiers|VBR-Type/
| /BodyLengthDB|Domain|DontSignMailTo|ExemptDomains|ExternalIgnoreList/
| /InternalHosts|KeyTable|LocalADSP|MacroList|MTA|MustBeSigned|OmitHeaders/
| /OversignHeaders|PeerList|POPDBFile|RemoveARFrom|ResignMailTo/
| /SenderHeaders|SignHeaders|SigningTable|TrustSignaturesFrom/
let stringkv = key stringkv_rx .
del /[ \t]+/ " " . store /[a-zA-Z][^ \t\n#]+/ . eol
let integerkv_rx = /AutoRestartCount|ClockDrift|DNSTimeout/
| /LDAPKeepaliveIdle|LDAPKeepaliveInterval|LDAPKeepaliveProbes|LDAPTimeout/
| /MaximumHeaders|MaximumSignaturesToVerify|MaximumSignedBytes|MilterDebug/
| /MinimumKeyBits|SignatureTTL|UMask/
let integerkv = key integerkv_rx .
del /[ \t]+/ " " . store /[0-9]+/ . eol
let booleankv_rx = /AddAllSignatureResults|ADSPNoSuchDomain/
| /AllowSHA1Only|AlwaysAddARHeader|AuthservIDWithJobID|AutoRestart/
| /Background|CaptureUnknownErrors|Diagnostics|DisableADSP/
| /DisableCryptoInit|DNSConnect|FixCRLF|IdentityHeaderRemove/
| /LDAPDisableCache|LDAPSoftStart|LDAPUseTLS|MultipleSignatures|NoHeaderB/
| /Quarantine|QueryCache|RemoveARAll|RemoveOldSignatures|ResolverTracing/
| /SelectorHeaderRemove|SendADSPReports|SendReports|SoftwareHeader/
| /StrictHeaders|StrictTestMode|SubDomains|Syslog|SyslogSuccess/
| /VBR-TrustedCertifiersOnly|WeakSyntaxChecks/
let booleankv = key booleankv_rx .
del /[ \t]+/ " " . store /(true|false|yes|no|1|0)/ . eol
let entry = [ integerkv ] | [ booleankv ] | [ stringkv ]
let lns = (comment | empty | entry)*
let xfm = transform lns (incl "/etc/opendkim.conf")
|