[Mailman-Users] Archive access Forbidden

Mark Sapiro mark at msapiro.net
Tue Dec 29 16:32:46 CET 2009 

David Southwell wrote:

>Thank you in advance for replies. The list is now working fine however access 
>to the archive is blocked
[...]
>dns1# pwd                         
>/usr/local/mailman                
>dns1# ls -l                       
>total 36                          
>drwxrwsr-x  11 mailman  mailman  2048 Dec 29 09:03 Mailman
>drwxrwsr-x   4 www      www       512 Dec 28 13:07 archives


This and everything subordinate to it needs to be group mailman.


>drwxrwsr-x   2 root     mailman  1024 Dec 28 13:07 bin     
>drwxrwsr-x   2 root     mailman   512 Dec 28 13:07 cgi-bin 
>drwxrwsr-x   2 root     mailman   512 Dec 28 13:07 cron
>drwxrwsr-x   2 mailman  mailman   512 Dec 28 15:54 data
>drwxrwsr-x   2 root     mailman   512 Dec 28 13:07 icons
>drwxrwsr-x   6 mailman  mailman   512 Dec 28 15:45 lists
>drwxrwsr-x   2 root     mailman   512 Dec 29 14:00 locks
>drwxrwsr-x   2 mailman  mailman   512 Dec 29 09:04 logs
>drwxrwsr-x   2 root     mailman   512 Dec 28 13:07 mail
>drwxrwsr-x  37 root     mailman   512 Dec 28 13:07 messages
>drwxrwsr-x   5 root     mailman   512 Dec 28 13:07 pythonlib
>drwxrwsr-x  11 mailman  mailman   512 Dec 28 15:54 qfiles
>drwxrwsr-x   2 root     mailman   512 Dec 28 13:07 scripts
>drwxrwsr-x   2 root     mailman   512 Dec 28 13:07 spam
>drwxrwsr-x  38 root     mailman   512 Dec 28 13:07 templates
>drwxrwsr-x   4 root     mailman   512 Dec 28 13:07 tests
>dns1# cd archives
>dns1# ls -l
>total 4
>drwxrws---  10 www  www  512 Dec 28 15:45 private


The owner of archives/private needs to be the user the web server runs
as. I would think that would be 'www', but then I don't understand why
public archive access doesn't work.

See <http://www.list.org/mailman-install/node9.html> for info on
archives/private. Normally, it is o+x, but if not, it needs to be
owned by the web server user but still group mailman.

check_perms should fix a lot of this, but you may also need to do

chggrp -R mailman /usr/local/mailman/archives/

and possibly

for d in `find /usr/local/mailman/archives/ -type d -print` ; do
   chmod g+s $d
done

With the ownership and permissions you have here, Mailman shouldn't be
able to even store anything in the archives.

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

More information about the Mailman-Users mailing list