[Mailman-Users] Permission issues

Mark Sapiro msapiro at value.net
Thu Mar 8 06:06:19 CET 2007


Stefan Berglund wrote:
>
>Now I got some user/group issues.. It complains about postfix running the
>scripts(?) as "nobody" instead of "mailman". Some googling tells me that
>this is kind of common, and that postfix should use the same identity as the
>owner of the aliases file...?
>
>Right now I have this postfix config;
>
>alias_maps = hash:/etc/mail/aliases,
>             hash:/usr/local/mailman/data/aliases
>
>..and user mailman owns both these files. Something wrong there..?


/etc/mail/aliases should not have any Mailman aliases, so its ownership
is not relevant to Mailman. It is the group of the file
/usr/local/mailman/data/aliases and /usr/local/mailman/data/aliases.db
that is important, not the owner. Postfix runs the pipe as the
user:group of the file it found the alias in. Mailman only cares about
the group.


>Also, I get some problem when I try to create a new list now, using the web
>interface. I get a "Oops, there was a bug" page, and looking at the mailman
>error log, it seems to be some kind of permission problem here also;
>
>...
>admin(29718):     os.mkdir(self.archive_dir()+'.mbox', 02775)
>admin(29718): OSError: [Errno 13] Permission denied:
>'/usr/local/mailman/archives/private/testlist.mbox'


If this one weren't so obvious to me, I would have wanted to see the
full traceback preceding the above lines.


>And, looking at the path mentioned;
># ls -ld /usr/local/mailman/archives/private
>drwxr-s--x 4 mailman mailman 4096 Mar  7 14:52 /usr/local/mailman/archives/private/

Permissions on /usr/local/mailman/archives/private/ should be
drwxrws--- at a minimum, but they probably need to be drwxrws--x for
public archives to work.

What is happening here is the web create cgi is running as the web
server user and mailman group because of the SETGID bit on the
wrapper. It does not have permission to create
/usr/local/mailman/archives/private/testlist.mbox because
/usr/local/mailman/archives/private/ is not group writable.


>It feels like I've missed to do some settings of permissions.. I run Gentoo,
>and followed some Gentoo guide.. Did I miss something? Does anyone have any
>tips?


Did you run bin/check_perms?

Also, see
<http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq06.016.htp>
regarding mailman permissions, security and group mismatch errors.

-- 
Mark Sapiro <msapiro at value.net>       The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan
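
The directory-mode check described in the reply above, as an added example that is not part of the original message and not Mailman's bin/check_perms. The function names are hypothetical; the expected group name "mailman" is taken from the ls -ld output in the thread.

```python
import grp
import os
import stat
import sys

# Group bits the reply asks for on archives/private (drwxrws---): the CGI
# runs with group mailman via the setgid wrapper, so the group must be able
# to create entries in the directory.
REQUIRED = {
    stat.S_ISGID: "setgid",
    stat.S_IRGRP: "group-read",
    stat.S_IWGRP: "group-write",
    stat.S_IXGRP: "group-execute",
}


def audit_mode(mode, public_archives=True):
    """Return a list of findings for an st_mode value; empty means OK."""
    findings = []
    if not stat.S_ISDIR(mode):
        findings.append("not a directory")
    findings += [f"missing {name}" for bit, name in REQUIRED.items()
                 if not mode & bit]
    # drwxrws--x: the reply says other-execute is probably needed for
    # public archives to work.
    if public_archives and not mode & stat.S_IXOTH:
        findings.append("missing other-execute (public archives)")
    return findings


def audit_path(path, group="mailman"):
    """Audit a real directory: mode bits plus group ownership."""
    st = os.stat(path)
    findings = audit_mode(st.st_mode)
    try:
        actual = grp.getgrgid(st.st_gid).gr_name
    except KeyError:
        actual = str(st.st_gid)  # gid with no entry in the group database
    if actual != group:
        findings.append(f"group is {actual}, expected {group}")
    return findings


if __name__ == "__main__":
    # Constructed sample: the mode from the ls -ld output quoted above.
    reported = stat.S_IFDIR | 0o2751  # drwxr-s--x
    print(stat.filemode(reported), audit_mode(reported))
    for p in sys.argv[1:]:
        print(p, audit_path(p) or "ok")
```

Paths given on the command line are audited with audit_path; with no arguments only the constructed sample mode is checked.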


