[Mailman-Users] Web interface stopped working after ubuntu update
Mark Sapiro
mark at msapiro.net
Wed Mar 29 16:44:26 EDT 2017
On 03/29/2017 12:31 PM, Nick Wyman wrote:
>
> Indeed this is the case. I recompiled the wrapper with this code block disabled and the web interface functioned again.
>
> Note that the mailman user and group are "list" while apache runs as user and group "www-data".
That is expected. The wrappers themselves are group "list" and SETGID.
They are compiled binaries rather than scripts so SETGID is honored.
Apache invokes the wrapper as group "www-data" so when it is invoked its
effective group is "list" and its real group is www-data which is
checked against the compiled in expected group.
All that is OK, but then the wrapper attempts to set the real GID to
that of "list". The reason for this is
/* We need to set the real gid to the effective gid because
there are
* some Linux systems which do not preserve the effective gid across
* popen() calls. This breaks mail delivery unless the
~mailman/data
* directory is chown'd to the uid that runs mail programs, and that
* isn't a viable alternative.
*/
Based on that comment, it's really only important for the mail wrapper,
but in any case, this is what is failing in your case with "Operation
not permitted". Why this would start occurring following an OS update, I
don't know. Possibly it is some apparmor config or something similar.
--
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the Mailman-Users
mailing list