[Mailman-Users] 'Read-only file system' when processing posts
Jesse B. Crawford
jesse at jbcrawford.us
Thu Mar 1 21:53:51 EST 2018
On 2018-03-01 12:50, Mark Sapiro wrote:
> On 03/01/2018 11:22 AM, Jesse B. Crawford wrote:
>> Yes, I can create rules by hand fine including as the mailman user.
>
>
> ???
>
> We're not talking about creating rules. We're talking about creating
> queue files in /usr/local/mailman/qfiles/in/
Sorry, this was a typo (or perhaps rather a brain-o). I mean files.
>> I've also checked the ownership and group on both aliases and the
>> virtual domain map. I'm still wondering if postfix might be using the
>> wrong user or group but I'm not sure how best to test that.
>
>
> Postfix pipes the mail to "/usr/local/mailman/mail/mailman post
> listname" as the user and primary group of the owner of the aliases.db
> file in which it finds the alias. Presumably, the group is correct or
> the wrapper at /usr/local/mailman/mail/mailman would be complaining of a
> group mismatch error, and presumably this wrapper is SETGID and
> Mailman's group so that it actually runs with Mailman's group as
> effective group.>
> Thus, the error is still a mystery to me assuming that Mailman's group
> can create files in /usr/local/mailman/qfiles/in/
Yes, I was thinking that the group must be correct since there is logic
to check that. I have also manually checked that the mailman group can
create files there.
> One thing you might check is whether Mailman can create queue entries.
> You might run as the mailman user, Mailman's
>
> bin/inject -l LISTNAME /path/to/file/containing/test/message
>
> This will create an entry in /usr/local/mailman/qfiles/in/ and Mailman's
> processing of this will remove that and make entries in
> /usr/local/mailman/qfiles/out/ and /usr/local/mailman/qfiles/archive/
> which will in turn be processed and removed. Does all this work?
This works fine, and in fact the injected test message is processed and
sent out properly. This was after suing to the mailman user, which is
only in group mailman. I've also tried from unrelated users that I
placed in the mailman group, and still had it succeed. I've also tried
running /usr/local/mailman/mail/mailman as Postfix and etc. and that's
succeeded. This seems to be something quite specific about how postfix
is invoking the script.
The one idea I've thought of so far is a chroot issue since parts of
Postfix run chrooted, but my understanding is that the 'local' delivery
is not run in a chroot, and checking the postfix master.cf bears this
out as it is marked 'n' in the chroot column. I can see from the
logs/bounces that the local delivery binary is the one that's invoking
mailman and encountering the error.
More information about the Mailman-Users
mailing list