[Mailman-Users] set gid didn't work?

[Barry A. Warsaw]

Short answer: I don't think it's a Mailman issue, per se.  I think
you've still got Qmail configuration problems.

I don't know how much you know about Unix processes, user ids, and
group ids, but an excellent reference on the subject (and really
almost /all/ things *nix) is W. Richard Stevens' "Advanced Programming
in the UNIX Environment".  Very highly recommended.

>>>>> "A" == Amanda  <arandall at auntminnie.com> writes:

    A>  - Where in the name of common sense is gid 401? When it says
    A> "GOT gid 401" where is it getting it? Who/what is passing a gid
    A> at that point?

When an MTA, e.g. Qmail in your case, tries to deliver a message to a
program, it will execute that program with certain user and group
ids.  Each MTA has a different way of deciding which uid and gid to
use when running a filter program.  I'm not sure about the exact
details of Qmail, but there /has/ to be a way to configure Qmail to
change the uid and gid.

For Mailman purposes, we don't care about the uid.  In your case,
Qmail is executing Mailman's mail-wrapper program with gid 401, which
Mailman determines through the getgid() system call.  Note, there's no
gid "getting passed" here; the (real) gid is an attribute of a Unix
process.

Now, Mailman's --with-mail-gid configure option says essentially sets
the MAIL_GID C macro to the numeric equivalent of the option's value.
Thus, say you've got a line like the following in your /etc/group
file:

qmail:x:400:

This is saying that the symbolic group name `qmail' has a gid of 400.
--with-mail-gid will allow you to use either a symbolic group name or
a numeric group id, but it will not allow you to specify one that
isn't in your /etc/group file.

So, the Qmail configuration problem you've got is that it's attempting
to execute filter programs using a gid that's not in your /etc/group
file.  You can either reconfigure Qmail to execute filter programs
with group=qmail/gid=400, or you can add a dummy group to your
/etc/group file like so:

qmailprogs:x:401:

(Note the exact format of /etc/group, or even whether you /use/ an
/etc/group as opposed to a NIS map or some other network information
system, is site dependent).

If you go with the first solution, you'll then want to recompile
Mailman --with-mail-gid=qmail but if you go with the second solution,
you'll want to recompile --with-mail-gid=qmailprogs

There's one more solution that might help: forget --with-mail-gid and
use a "make variable".  Because of the --with-mail-gid restriction
that the numeric gid must be in /etc/group, and because for you it is
not, let's assume you can't actually modify the /etc/group file, and
you can't get qmail to execute programs with gid 400.

In this case, after a "make clean", re-run Mailman's configure script
without the --with-mail-gid switch.  When you then run "make install",
do it like this instead:

    % make MAIL_GID=401 install

or perhaps

    % MAIL_GID=401 make install

(if you're using a Bourne shell derivative, like bash).
    
    A> - Did I actually do enough to get a clean
    A> install of Mm, or are there additional steps I can take to
    A> ensure that I'm really getting a clean install?

A "make clean" ought to be enough to solve this particular problem,
although even that may not be necessary.  Just rerunning configure,
"make install" ought to be enough -- when you figure out the right gid
to use!
    
    A>   - Are there
    A> any suggestions for installing and configuring this thing in a
    A> manner in which it might actually work?

I hope the above explains the issues in enough details to get it
working.  Just to re-iterate, I don't believe you have a Mailman
problem, but instead, qmail isn't quite configured correctly.

    A> We're now getting to the point where my head's going to be on a
    A> chopping block if I cannot make it work. I'm more than slightly
    A> panicked about that.

Well, we wouldn't want that!  Hopefully you can now get things
working.

Cheers,
-Barry