[Mailman-Users] Archives, the "Forbidden Zone"

Sun Nov 21 09:11:54 CET 2004

Let me start with a big "Thank You" to the Mailman authors for their
great work on this fine list management software. I have been using
Mailman for over four years and have had very few problems.

Recently I installed Fedora Core 3 and I am in the process of setting up
the system to once again host several Mailman lists. However, I have run
into a problem that I am unable to solve. It is the typical "403
Forbidden" problem often seen by newbies when attempting to view the
archives of a list.

I have searched the mailman-users archives. I have searched Google
Groups. I have read the INSTALL.REDHAT and UPGRADING files included in
the mailman rpm, as well as several other pertinent files. I have found
nothing that can explain why I continue to see the 403 Forbidden error.

First off, the lists have been imported from backup, so there is the
possibility something went wrong in that. However, check_perms reports
no problems. And "check_db -a" also reports nothing. I also ran the
'update' command successfully. Sending mail to the lists appears to be
working, as does the administrative interface. The only problem really
is accessing the archives.

Now before you tell me that I need to set up the Apache configuration,
let me say that the mailman rpm in FC3 includes a .conf file already. I
have pasted it in below for your reference. And I suppose you will ask
"What about the permissions on the files/directories?" Ah, I'm one step
ahead of you there. See the detailed output below the .conf file.

So the question becomes, what is preventing the browser from accessing
the archives?

nathan

P.S. You can see the problem for yourself at
http://www.bluemarsh.com/mailman/listinfo

------------------------------------------------------------
#
#  httpd configuration settings for use with mailman.
#

ScriptAlias /mailman/ /usr/lib/mailman/cgi-bin/
<Directory /usr/lib/mailman/cgi-bin/>
    AllowOverride None
    Options ExecCGI
    Order allow,deny
    Allow from all
</Directory>

Alias /pipermail/ /var/lib/mailman/archives/public/
<Directory /var/lib/mailman/archives/public/>
    Options Indexes MultiViews FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>

# Uncomment the following line, replacing www.example.com with your
server's
# name, to redirect queries to /mailman to the listinfo page
(recommended).

RedirectMatch ^/mailman[/]*$ http://www.bluemarsh.com/mailman/listinfo
------------------------------------------------------------

Apache user can read the files:
------------------------------------------------------------
# echo "head /var/lib/mailman/archives/private/jswat-
announce/index.html" | su -fm apache
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
  <HEAD>
     <title>The jswat-announce Archives</title>
     <META NAME="robots" CONTENT="noindex,follow">
     <META http-equiv="Content-Type" content="text/html; charset=us-
ascii">
  </HEAD>
  <BODY BGCOLOR="#ffffff">
     <h1>The jswat-announce Archives </h1>
     <p>

[To double-check, apache cannot read root's files.]
# echo "head /root/.bashrc" | su -fm apache
head: cannot open `/root/.bashrc' for reading: Permission denied
------------------------------------------------------------

Directory permissions in detail:
------------------------------------------------------------
# ls -l /
drwxr-xr-x   22 root root  4096 Nov 16 00:05 var

# ls -l /var
drwxr-xr-x  23 root    root     4096 Nov 19 16:09 lib

# ls -l /var/lib
drwxrwsr-x   6 root   mailman 4096 Nov 20 23:00 mailman

# ls -l /var/lib/mailman
drwxrwsr-x  4 mailman mailman 4096 Jun 16  2003 archives

# ls -l /var/lib/mailman/archives
drwxrws--x  13 mailman mailman 4096 Nov 20 22:33 private
drwxrwsr-x   2 mailman mailman 4096 Nov 20 22:33 public

# ls -l /var/lib/mailman/archives/private
drwxrwsr-x   9 mailman mailman 4096 Oct 17 03:27 jswat-announce
drwxrwsr-x   2 mailman mailman 4096 Feb 24  2004 jswat-announce.mbox

# ls -l /var/lib/mailman/archives/private/jswat-announce
drwxrwsr-x  2 mailman mailman 4096 Apr 29  2004 2004-April
-rw-rw-r--  1 mailman mailman  805 Apr 29  2004 2004-April.txt
-rw-rw-r--  1 mailman mailman  544 Apr 30  2004 2004-April.txt.gz
drwxrwsr-x  2 mailman mailman 4096 Aug 17 00:05 2004-August
-rw-rw-r--  1 mailman mailman  699 Aug 17 00:05 2004-August.txt
-rw-rw-r--  1 mailman mailman  512 Aug 17 03:27 2004-August.txt.gz
drwxrwsr-x  2 mailman mailman 4096 Feb 27  2004 2004-February
-rw-rw-r--  1 mailman mailman 1674 Feb 27  2004 2004-February.txt
-rw-rw-r--  1 mailman mailman  935 Feb 28  2004 2004-February.txt.gz
drwxrwsr-x  2 mailman mailman 4096 May  9  2004 2004-May
-rw-rw-r--  1 mailman mailman  435 May  9  2004 2004-May.txt
-rw-rw-r--  1 mailman mailman  361 May 10  2004 2004-May.txt.gz
drwxrwsr-x  2 mailman mailman 4096 Oct 16 17:28 2004-October
-rw-rw-r--  1 mailman mailman  810 Oct 16 17:28 2004-October.txt
-rw-rw-r--  1 mailman mailman  549 Oct 17 03:27 2004-October.txt.gz
drwxrwsr-x  2 mailman mailman 4096 Sep 22 00:17 2004-September
-rw-rw-r--  1 mailman mailman 1455 Sep 22 00:17 2004-September.txt
-rw-rw-r--  1 mailman mailman  827 Sep 22 03:27 2004-September.txt.gz
drwxrws---  2 mailman mailman 4096 Oct 16 17:28 database
-rw-rw-r--  1 mailman mailman 3229 Oct 16 17:28 index.html
-rw-rw----  1 mailman mailman  915 Oct 16 17:28 pipermail.pck
------------------------------------------------------------