[Mailman-Users] Web interface stopped working after ubuntu update

[Nick Wyman]

Mark,

Thank you for looking.

> The error is "Operation not permitted". My best guess is this is
> occurring at this point in the wrapper
> 
> #ifdef HAVE_SETREGID
>         status = setregid(getegid(), -1);
>         if (status)
>                 fatal(logident, SETREGID_FAILURE, "%s", strerror(errno));
> #endif /* HAVE_SETREGID */

Indeed this is the case.  I recompiled the wrapper with this code block disabled and the web interface functioned again.

Note that the mailman user and group are "list" while apache runs as user and group "www-data".

> 
> Do other CGIs (e.g. admin, admindb, private, options) fail the same way.

Yes, all the cgi-bin executables return the same error message.

> 
> There should at least be something logged in /var/log/apache2/error.log
> or wherever the error log is for the vhost. There is a 'syslog' call in
> the wrapper, but it only writes the "Operation not permitted" message
> that was displayed in the browser.
> 
> If you can find the exit status of the wrapper in the apache log, those
> codes are defined as
> 
> /* Exit codes, so it's easier to distinguish what caused fatal errors when
>  * looking at syslogs.
>  */
> #define GROUP_MISMATCH 2
> #define SETREGID_FAILURE 3
> #define EXECVE_FAILURE 4
> #define MAIL_USAGE_ERROR 5
> #define MAIL_ILLEGAL_COMMAND 6
> #define ADDALIAS_USAGE_ERROR 7
> #define GROUP_NAME_NOT_FOUND 8

I could not find this information in any log file.  However, via print instrumentation, I have reduced the problem to the setregid call.

I'm unable to explain why this command is suddenly failing.