Various fixes and features

* Feature: Add $masquerade_exception variable to exclude list of hosts from masquerade.
  * Fix: Add OSTYPE macro to sendmail.mc and submit.mc. It's mandatory according to documentation.
  * Fix: require sendmail package before building certs.

sendmail/manifests/init.pp

@@ -127,6 +127,9 @@ class sendmail::client::msa inherits sendmail::client {
 #   $mail_domain:
 #       SMTP domain name.
 #
+#   $masquerade_exception:
+#       Everything is masqueraded to $mail_domain except these hosts.
+#
 #   $sendmail_auth_mech:
 #       List of authentication mechanisms to use. Defaults to PLAIN and LOGIN.
 #
@@ -142,6 +145,10 @@ class sendmail::server inherits sendmail::common {
         $sendmail_auth_mech = [ "PLAIN", "LOGIN", ]
     }
 
+    if !$masquerade_exception {
+        $masquerade_exception = []
+    }
+
     $ssl_key = basename($sendmail_ssl_key)
     $ssl_cert = basename($sendmail_ssl_cert)
     if $sendmail_ssl_chain {
@@ -157,6 +164,7 @@ class sendmail::server inherits sendmail::common {
             File["/etc/sysconfig/sendmail"] {
                 content => "DAEMON=yes\nQUEUE=1h\n",
             }
+            $ostype = "linux" # For Sendmail's OSTYPE macro
         }
         default: {
             fail("sendmail::server not supported in '${::operatingsystem}'")
@@ -227,10 +235,11 @@ class sendmail::server inherits sendmail::common {
     }
 
     file { "/etc/mail/certs":
-        ensure => directory,
+        ensure  => directory,
-        mode   => "0755",
+        mode    => "0755",
-        owner  => "root",
+        owner   => "root",
-        group  => "root",
+        group   => "root",
+        require => Package["sendmail"],
     }
     exec { "populate-etc-mail-certs":
         path    => "/bin:/usr/bin:/sbin:/usr/sbin",

sendmail/templates/sendmail.mc.erb

@@ -8,6 +8,7 @@ include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
 include(`/usr/share/sendmail/cf/m4/cf.m4')dnl
 <% end -%>
 VERSIONID(`puppet sendmail::server')dnl
+OSTYPE(`<%= ostype -%>')dnl
 dnl #
 define(`confDEF_USER_ID', ``8:12'')dnl
 define(`confTO_CONNECT', `1m')dnl
@@ -53,8 +54,11 @@ dnl #
 DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
 DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
 dnl #
-LOCAL_DOMAIN`localhost.localdomain')dnl
+LOCAL_DOMAIN(`localhost.localdomain')dnl
 MASQUERADE_AS(`<%= mail_domain %>')dnl
+<% masquerade_exception.each do |exception| -%>
+MASQUERADE_EXCEPTION(`<%= exception %>')dnl
+<% end -%>
 FEATURE(masquerade_envelope)dnl
 FEATURE(allmasquerade)dnl
 FEATURE(masquerade_entire_domain)dnl

sendmail/templates/submit.mc.erb

@@ -22,6 +22,7 @@ include(`/usr/share/sendmail/cf/m4/cf.m4')dnl
 DOMAIN(`debian-msp')dnl
 <% end -%>
 VERSIONID(`puppet setup')dnl
+OSTYPE(`<%= ostype -%>')dnl
 define(`confCF_VERSION', `Submit')dnl
 define(`__OSTYPE__',`')dnl dirty hack to keep proto.m4 from complaining
 define(`_USE_DECNET_SYNTAX_', `1')dnl support DECnet