[Mailman-Users] Hurray! My archive works again... User warning for check_perms!

[TGPlatt, WebMaster]

I'm pleased to report my mailman archive update process is working again. As
it turned out, what was keeping the feature from working was ownership
and/or permissions on files in /usr/mailman/archives/private/[LISTNAME] and
/usr/mailman/archives/private/[LISTNAME]/database directories. Somehow, (I'm
not sure how) many -- but not all -- files in those directories were owned
by root rather than by mailman and many of them also had permissions of 644
(rw-r--r--) RATHER than 664 (rw-rw-r--). That has been corrected now and ALL
files in the mailman directory structure are now owned by mailman PLUS the
permissions on virtually all data files are 664 and not 644.

 

This issue apparently goes back to when mailman was first laid down on our
old server in the early summer; because a check of the last backup taken
from the old server at the end of September shows ALL files in those
directories were owned by root and not by mailman. That was CLEARLY caused
by some error I made when installing and setting up mailman. 

 

I added, the "User warning for check_perms" because although the perms shown
on that final old-server backup were 664 for all mailman files in
/usr/mailman/archives/private/mylist directory and 660 for all files in
/usr/mailman/archives/private/mylist/database and check_perms reported "No
Problems Found", check_perms was flat wrong about that. The ownership on ALL
those files was wrong but check_perms failed to detect and report that
issue. This issue has been reported and should soon be fixed. But in the
meantime be cautions about putting too much faith in check_perms in mailman
v2.1.11.

 

The data files in those directories must ALL be owned by mailman. In our
case they were owned by ROOT! That prevented mailman's ARCHrunner from
updating the archive and produced the same errors every day for almost 3
months when mailman tried to update the archive. The errors were recorded
each day in the mailman error log (/usr/local/mailman/logs/error); but I
never checked the error log!  Duhhh! Also, because of those errors the
archives were not updated for 3 months and mailman's automatic cleanup
process was systematically discarding ALL new posts that hadn't been updated
after 7 days. Sadly, neither I nor anyone else was checking the archive
either. Double Duhhh!! So, in the end we lost 3 months worth of archive
updates.

 

The lessons here are: 

 

1.    Just because check_perms reports "No Problems Found", don't assume
everything is set right or working correctly. CHECK THE ERROR LOG and CHECK
THE ARCHIVES! Then, DOUBLE-CHECK both the file and directory permissions and
OWNERSHIPs in the archive directories for each of your mailman lists. There
is a post in the archives that briefly explains exactly what permissions
should be for both files and directories. You'll find that post here:

 

<http://mail.python.org/pipermail/mailman-users/2008-October/063748.html>.

 

2.       If you don't understand why your list's permissions and ownerships
are set the way they are, keep asking questions until you DO understand.
Otherwise you may wake up one day as I did and need to explain to your
client why 3 months of their conversations have unexpectedly gone missing.
:-(

 

A word to the wise.