[Mailman-Users] wrapper script run as nogroup

Richard Barrett r.barrett at openinfo.co.uk
Mon Nov 24 19:58:34 CET 2003 

On 24 Nov 2003, at 17:25, Todd wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Jeremy Gilbert wrote:
>> I'm having a hell of a time getting this working, but I keep
>> coming back to this problem.  I get this back whenever I send
>> e-mail to a list address.
>>
>> <test at xxxxxxxxxxxxxx.com>: Command died with status 2:
>>     "/usr/local/mailman/mail/mailman post test". Command output:
>> Group mismatch
>>     error.  Mailman expected the mail wrapper script to be
>> executed as group
>>     "mailman", but the system's mail server executed the mail
>> script as group
>>     "nogroup".  Try tweaking the mail server to run the script as
>> group
>>     "mailman", or re-run configure,  providing the command line
>> option
>>     `--with-mail-gid=nogroup'.
>>
>> This has probably been answered before, but the only answer I
>> could find in the archives related to changing the
>> --with-mail-gid=nogroup in the configure script.  This only
>> creates more problems for me, so I'd like to change Postfix to run
>> the wrapper as gid mailman.  However, I can't find how to do this.
>> I've followed all the instructions in INSTALL, README and
>> README.POSTFIX, but I'm obviously still missing something.
>
> What are the perms on /usr/local/mailman/mail/mailman?  Postfix should
> be executing the script as whatever group the wrapper has.
>

Your interpretation is not quite correct.

When it is run, and as a security precaution, the mailman wrapper 
checks the group of the process which is executing it is what it 
expects and then and only then runs the mail delivery script with the 
mailman gid. This expected gid is compiled into the mailman wrapper as 
the value of --with-mail-gid from ./configure.

The issue is not what gid the wrapper should run the Mailman mail 
delivery script as but what gid the wrapper expects the process running 
it to have.

The error message is saying that it is being run with the gid nogroup 
when it was told to expect to be run by a process with the gid mailman. 
If you want to stick with that then Postfix, repeat Postfix, has to 
execute with the gid mailman. Which may or may not be what you want.

> - --
> Todd        OpenPGP -> KeyID: 0xD654075A | URL: www.pobox.com/~tmz/pgp
> ======================================================================
> We have too many lawyers making laws. We need some un-lawyers
> un-making some laws.
>     -- Carl Strang, ex-mayor, Winter Haven, FL
>
>
-----------------------------------------------------------------------
Richard Barrett                               http://www.openinfo.co.uk

More information about the Mailman-Users mailing list