[Mailman-Users] No access to public archives

[Richard Barrett]

At 10:10 06/06/2003, phf1 at free.fr wrote:

>Hello,
>
>I don't understand why do I have access to archives when they are private but
>not when they are public ( I get a "Forbidden  You don't have permission to
>access ..." error)

This is because private archives are accessed by a mailman script 
$prefix/Mailman/Cgi/private.py which is executed via a wrapper which sets 
the process gid to run as mailman.

>I found that in archives/public I had no link to the private archives of this
>list, so I made a ln -s , but it did not resolve my problem.
>That was yesterday, today the links I created desappeared.
>
>I really don't know what to do.

Links for public lists not being present and then going missing after you 
have inserted them by hand is weird.

Have you checked the permissions on the $prefix/archives/public and private 
directories. They should look something like this.

mailman at mailman2:/mailman/run/archives> ls -l
total 12
drwxrws--x    8 mailman  mailman      4096 Jun  4 10:58 private
drwxrwsr-x    2 mailman  mailman      4096 Apr 30 14:16 public
mailman at mailman2:/mailman/run/archives> ls -l private/
total 24
drwxrwsr-x    2 mailman  mailman      4096 Mar 20 13:09 mailman
drwxrwsr-x    2 mailman  mailman      4096 Mar 20 13:09 mailman.mbox
drwxrwsr-x    9 mailman  mailman      4096 Jun  5 03:27 test1
drwxrwsr-x    2 mailman  mailman      4096 Mar 20 13:35 test1.mbox
drwxrwsr-x    6 mailman  mailman      4096 May  2 03:27 test2
drwxrwsr-x    2 mailman  mailman      4096 Apr 30 14:16 test2.mbox

I suggest you run $prefix/bin/check_perms -f to make sure that all of the 
file permissions for your installation are correct.

Then cycle a list's archive from private to public and then back to 
private. This should create a symlink to the list's archives in 
$prefix/archives/public and then delete it. Essentially changing list 
archives from private to public and vice versa is just a matter of creation 
and deletion of these symlinks.

If that symlink create/delete behaviour is not present then repost to the 
list including that information.

>Below is my httpd.conf:
>
><VirtualHost xx.xx.xx.xx>
>ServerName mailman.xx.com
>DocumentRoot /home/mailman/templates/fr/
>AddHandler cgi-script *
>ScriptAlias /mailman/ /home/mailman/cgi-bin/
>Alias /pipermail/ /home/mailman/archives/public/
>User mailman
>Group mailman
></VirtualHost>
><Directory /home/mailman/archives/public>
>         AddDefaultCharset Off
>         Options FollowSymLinks
>         order allow,deny
>         allow from all
></Directory>

I am fairly certain that the User and Group directives in this virtual host 
are not valid. The User and Group are used by the main Apache process 
(normally running as root) to set the uid and gid of the children it spawns 
that do the real work. As far as I know this spawning is not done on a 
virtual host basis.Whether the presence of these directives is causing a 
problem I do not know.

Further the way MM works, the tie up between the gid that CGI programs are 
normally run as and Mailman's CGI scripts is via the --with-cgi-gid option 
on the Mailman ./configure.

Mailman's wrappers for CGI scripts check that the script has been run with 
the gid specified by --with-cgi-gid and then executes the script with the 
mailman user's gid.

>Thank you for any help

------------------------------------------------------------------------------
Richard Barrett                                      http://www.openinfo.co.uk