[Mailman-Users] Web interface stopped working after ubuntu update
Richard Shetron
guest2 at sgeinc.com
Thu Mar 30 10:43:15 EDT 2017
I had this problem during a ubuntu update. IIRC: I discovered that the
update changed the user/group id's of mailman from mailman:www-data to
list:list (or something like that) as it did a mailman update that
messed up the id's. It has been too long to remember the exact details.
The default ubuntu mailman install uses different permissions from a
regular mailman install from the mailman tarball. I may have removed
and then reinstalled mailman from the tarball/source. The ubuntu
mailman package was pretty old, IIRC.
I remember systemd and apparmor breaking a running system and spending
weeks fixing everything that was broken. It broke enough stuff and
caused enough problems that ubuntu has convinced me to find another *nix
distribution or even switch to bsd to get away from the disaster that is
systemd.
On 3/29/2017 3:31 PM, Nick Wyman wrote:
> Mark,
>
> Thank you for looking.
>
>> The error is "Operation not permitted". My best guess is this is
>> occurring at this point in the wrapper
>>
>> #ifdef HAVE_SETREGID
>> status = setregid(getegid(), -1);
>> if (status)
>> fatal(logident, SETREGID_FAILURE, "%s", strerror(errno));
>> #endif /* HAVE_SETREGID */
>
> Indeed this is the case. I recompiled the wrapper with this code block disabled and the web interface functioned again.
>
> Note that the mailman user and group are "list" while apache runs as user and group "www-data".
>
>>
>> Do other CGIs (e.g. admin, admindb, private, options) fail the same way.
>
> Yes, all the cgi-bin executables return the same error message.
>
>>
>> There should at least be something logged in /var/log/apache2/error.log
>> or wherever the error log is for the vhost. There is a 'syslog' call in
>> the wrapper, but it only writes the "Operation not permitted" message
>> that was displayed in the browser.
>>
>> If you can find the exit status of the wrapper in the apache log, those
>> codes are defined as
>>
>> /* Exit codes, so it's easier to distinguish what caused fatal errors when
>> * looking at syslogs.
>> */
>> #define GROUP_MISMATCH 2
>> #define SETREGID_FAILURE 3
>> #define EXECVE_FAILURE 4
>> #define MAIL_USAGE_ERROR 5
>> #define MAIL_ILLEGAL_COMMAND 6
>> #define ADDALIAS_USAGE_ERROR 7
>> #define GROUP_NAME_NOT_FOUND 8
>
> I could not find this information in any log file. However, via print instrumentation, I have reduced the problem to the setregid call.
>
> I'm unable to explain why this command is suddenly failing.
>
>
> ------------------------------------------------------
> Mailman-Users mailing list Mailman-Users at python.org
> https://mail.python.org/mailman/listinfo/mailman-users
> Mailman FAQ: http://wiki.list.org/x/AgA3
> Security Policy: http://wiki.list.org/x/QIA9
> Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
> Unsubscribe: https://mail.python.org/mailman/options/mailman-users/guest2%40sgeinc.com
>
More information about the Mailman-Users
mailing list