[Mailman-Users] Integrating mailman with Sendmail

[Brad Knowles]

Bill Honneus (honneus) wrote:

> I'm a little confused about something regarding setting up Mailman to
> run using Sendmail.  The following are instructions for how to create
> the mailman user.  My first question is, why is the user created with no
> shell and no home?  The documentation does not explain the reason why
> this is needed.

Because Mailman doesn't need the shell or the home directory, and they pose 
a potential security risk if they are present.  So, leave them out and you 
avoid the potential security risk.

> First, I don't see how to login or sudo as mailman if the user is set up
> without a shell.

Neither sudo nor a plain "su" need to have a shell for the user.  All you're 
changing is your effective UID (EUID), but the rest of your environment 
comes from your real UID that you used to log in with.

>                   Second, both steps refer to a home directory that does
> not exist if the user is set up with no home.

You're confusing the root of the directory structure where the Mailman code 
is installed with the /etc/passwd concept of "home directory".  You can have 
/usr/local/mailman be the root of the directory structure for Mailman (and 
called the "Mailman home directory"), without having a home directory 
specified in /etc/passwd for this user.

Yes, this can be confusing.

>                                                In other words, the
> instructions seem to contradict the basic instruction for how to set up
> the mailman user.

In the alternative, you could go ahead and list this directory as the home 
directory in /etc/passwd, but doing that doesn't really buy you anything 
from the security or systems operations standpoint.

> Please help me better understand what is needed here.

Hope this helps.

-- 
Brad Knowles <brad at shub-internet.org>
LinkedIn Profile: <http://tinyurl.com/y8kpxu>