[Mailman-Users] Mailman Bug?/no Admin level web access

ewstahl at aol.com ewstahl at aol.com
Wed May 18 17:16:39 CEST 2005 

This AM I turned off SELinux and the firewall entirely. I then ran 
check_perms, and there were 4 errors, all but 1 with the cgi scripts. 
Apparently the whole cgi-bin folder had a group mismatch (something I 
did "to fix things" before I realized most of them actually worked and 
I forgot to change one back), the only list I had set up had a language 
error (something to do with EN?) and the admin and admindb scripts had 
a set-gid error, which mailman fixed and it now works. :-) SO, I guess 
you were correct that SELinux was somehow causing my troubles. 
Unfortunately, I didn't save a copy of the repairs from the terminal 
window when I was logged in as root and the error log still is blank. 
I'm having a hard time believing that the scripts were not set when I 
installed since I used the --with-cgi-gid option to configure, 
reconfigured/reinstalled when I found things were not working 
correctly, and the other 16 scripts were set properly and working. 
Perhaps SELinux needs to be turned off preinstall as a general rule? I 
tried checking in /var/logs/mail, /var/logs/maillog, and 
/var/spool/mail -there was no listing of errors in any logs. Mr. 
Dennis, if you want to discuss why I prefer not to use the RPM version 
of mailman, email me off list.

Elissa

-----Original Message-----
From: John Dennis <jdennis at redhat.com>
To: EWStahl at aol.com
Cc: msapiro at value.net; mailman-users at python.org; jwt at onjapan.net; 
shacker at birdhouse.org
Sent: Tue, 17 May 2005 22:04:56 -0400
Subject: Re: [Mailman-Users] Mailman Bug?/no Admin level web access

  On Tue, 2005-05-17 at 21:33 -0400, EWStahl at aol.com wrote:

> Mailman created a new file, but the others show as plain text and the
> new one as octet stream.

I'm afraid I don't understand. What "others" and what do you mean the
new log file is octet stream?

> Right now I'm at accept all on ports/firewall, with SELinux enabled
> and enforcing but turned off on the httpd daemon. I can access all of
> the pages except the Admin ones.

Please turn ALL of SELinux off. There are many parts of the security
policy that might come into play, not just httpd. For instance mailman
has its own security policy that is mated to the red hat mailman rpm's,
which you're not using, there is a tremendous opportunity here for
problems due to the mismatch. Let's try to eliminate SELinux as a factor
altogether.


--
John Dennis <jdennis at redhat.com>

More information about the Mailman-Users mailing list