[Mailman-Users] 2 initial config problems (virtual hosts andpermissions)

Todd Freedom_Lover at pobox.com
Wed Mar 2 02:46:44 CET 2005 

FH wrote:
> ------ Original Message ------
> Received: Mon, 28 Feb 2005 10:30:31 PM EST
> From: Mark Sapiro <msapiro at value.net>
> To: FH <fhouston at usa.net>, <mailman-users at python.org>
> Subject: Re: [Mailman-Users] 2 initial config problems (virtual hosts
> andpermissions)
>
...
>> Have you tried bin/check_perms?
>
> Yep.  Here's a test run to show you what's going on:
>
> # ls -al data
> total 44
> drwxrwsr-x   2 root     mailman      512 Mar  1 11:25 ./
> drwxrwsr-x  20 root     mailman      512 Feb 28 16:02 ../
> -rw-r-----   1 root     mailman       41 Feb 28 16:22 adm.pw
> -rw-rw----   1 mailman  mailman     1165 Mar  1 11:25 aliases
> -rw-r-----   1 mailman  mailman        0 Mar  1 11:25 aliases.dir
> -rw-r-----   1 mailman  mailman     1024 Mar  1 11:25 aliases.pag
> -rw-r--r--   1 root     mailman       10 Feb 28 16:07 last_mailman_version
> -rw-rw----   1 mailman  mailman        5 Feb 28 16:21 master-qrunner.pid
> -rw-r--r--   1 root     mailman    14110 Feb 28 16:02 sitelist.cfg
>
> # bin/check_perms 
> No problems found

Unfortunately, check_perms won't catch the permission problem with the
alias database file(s).  You want aliases.dir and aliases.pag to be
group writable.  All the alias files should be owned by mailman and be
in group mailman.  Then postalias should work and you'll be able to
create lists from the web.

README.POSTFIX doesn't mention this, though I've found it to be
important.  I'll attach a small patch that makes check_perms catch
this and README.POSTFIX be more explicit. 

A Few things to note about this patch is that I made it against CVS
back in January of 2004 and posted it here then.  It may or may not
apply cleanly to 2.1.5 or the forthcoming 2.1.6.  Also, I'm used to
dealing with db databases (.db) instead of dbm databases (.dir and
.pag), and the code to check perms assumes db instead of dbm, so
you'll be on your own to fix those file perms even with a patch like
this.

-- 
Todd        OpenPGP -> KeyID: 0xD654075A | URL: www.pobox.com/~tmz/pgp
======================================================================
Liberty is the only thing you cannot have unless you are willing to
give it to others.
    -- William Allen White  -  1940

-------------- next part --------------
Index: README.POSTFIX
===================================================================
RCS file: /cvsroot/mailman/mailman/README.POSTFIX,v
retrieving revision 2.17
diff -u -r2.17 README.POSTFIX
--- README.POSTFIX	14 Sep 2003 04:58:35 -0000	2.17
+++ README.POSTFIX	15 Jan 2004 04:02:23 -0000
@@ -76,11 +76,12 @@
       % bin/genaliases
 
       Make sure that the owner of the data/aliases and data/aliases.db
-      file is `mailman' and that the group owner for those files is
-      `mailman'.  E.g.:
+      file is `mailman', that the group owner for those files is
+      `mailman', and that both files are group writable.  E.g.:
 
       % su
       % chown mailman:mailman data/aliases*
+      % chmod g+w data/aliases*
 
     - Hack your Postfix's main.cf file to include the following path
       in your alias_maps variable:
Index: Mailman/MTA/Postfix.py
===================================================================
RCS file: /cvsroot/mailman/mailman/Mailman/MTA/Postfix.py,v
retrieving revision 2.22
diff -u -r2.22 Postfix.py
--- Mailman/MTA/Postfix.py	14 Sep 2003 04:41:32 -0000	2.22
+++ Mailman/MTA/Postfix.py	15 Jan 2004 04:02:23 -0000
@@ -339,12 +339,21 @@
                 owner = pwd.getpwuid(stat[ST_UID])[0]
             except KeyError:
                 owner = 'uid %d' % stat[ST_UID]
-            print _('%(dbfile)s owned by %(owner)s (must be owned by %(user)s')
+            print _('%(dbfile)s owned by %(owner)s (must be owned by %(user)s'),
             state.ERRORS += 1
             if state.FIX:
                 print _('(fixing)')
                 uid = pwd.getpwnam(user)[2]
                 gid = grp.getgrnam(mm_cfg.MAILMAN_GROUP)[2]
                 os.chown(dbfile, uid, gid)
+            else:
+                print
+        if stat and (stat[ST_MODE] & targetmode) <> targetmode:
+            state.ERRORS += 1
+            octmode = oct(stat[ST_MODE])
+            print _('%(dbfile)s permissions must be 066x (got %(octmode)s)'),
+            if state.FIX:
+                print _('(fixing)')
+                os.chmod(dbfile, stat[ST_MODE] | targetmode)
             else:
                 print
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 318 bytes
Desc: not available
Url : http://mail.python.org/pipermail/mailman-users/attachments/20050301/12cded0a/attachment.pgp

More information about the Mailman-Users mailing list