[Mailman-Users] wrapper script run as nogroup

Todd Freedom_Lover at pobox.com
Wed Nov 26 18:56:40 CET 2003 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Simon White wrote:
> Postfix, by default, would use postdrop as the group for most stuff;
> this is described in the Postfix install instructions.
>
> Mailman, by default, would use the group mailman.
>
> However I really think you are going to need to recompile mailman
> with --with-mail-gid=postdrop or something along those lines. I've
> not heard of anyone just compiling both Postfix and Mailman with
> default options and it working.

I have mailman compiled using --with-mail-gid=mailman and it works
fine on the several redhat systems I use it on.  Postfix is built
using the same options as the rpms shipped from redhat, which means
setgid_group=postdrop.

Here's a snippet from the local manpage distributed with postfix on
how postfix determines what user to run things as:

    DELIVERY RIGHTS
        Deliveries to external files and external commands are made
        with the rights of the receiving user on whose behalf the
        delivery is made. In the absence of a user context, the local
        daemon uses the owner rights of the :include: file or alias
        database. When those files are owned by the superuser,
        delivery is made with the rights specified with the
        default_privs configuration parameter.

That should explain why you can run mailman compiled using
- --with-mail-gid=mailman and have postfix work properly.  I think
Jeremy's problem was a problem with the alias_maps or alias_database
settings.  If all the mailman aliases were in ~mailman/data/aliases*
and were owned by mailman:mailman, then postfix should have been
calling the wrapper with group mailman, as the wrapper was compiled to
expect.  That it was calling it as nogroup and that Jeremy had to
change the perms on the system alias files makes me think that there
were some mailman aliases in those files.  It's either that or
something else is borked on his postfix setup or that I'm still
missing something (which is always a distinct possibility).

- -- 
Todd        OpenPGP -> KeyID: 0xD654075A | URL: www.pobox.com/~tmz/pgp
======================================================================
The worth of a state, in the long run, is the worth of the individuals
composing it.
    -- John Stuart Mill

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: When crypto is outlawed bayl bhgynjf jvyy unir cevinpl.

iD8DBQE/xOlYuv+09NZUB1oRAv5IAJ44LtTVN1BEeMlFdJzvmplNe9buwACgnxeq
bwWl/pCULXZHyyY8wg/vIew=
=H716
-----END PGP SIGNATURE-----

More information about the Mailman-Users mailing list