[NTLUG:Discuss] Mailman weirdness

Stephen Davidson gorky at freenet.carleton.ca
Thu Nov 13 09:56:11 CST 2003 

Greg Edwards wrote:
> Stephen Davidson wrote:
> 
> 
> Ok I think we may be on to something here.
> 
> As far as ownership and permissions, mailman and sendmail don't have 
> anything in common when it comes to files.  When you setup mailman you 
> give it the gid that your MTA uses and the gid that your web server 
> uses.  Beyond that mailman just needs a valid owner/group (default 
> mailman) setting.  The mailman progs use setgid to access files while 
> running.  On disk they end up with mailman group and owner.
> 
> My config setup was
> 
> ./configure  --prefix=/server/mailman --with-mail-gid=mail 
> --with-cgi-gid=apache
> 
> I use sendmail and apache.
> 
> My /server/mailman and entire mailman top dir is
> 
> drwxrwsr-x   NN   mailman   mailman     subdir
> 
> I have my mailman directory on my mail server over an nfs mount (autofs) 
> from my webserver.  The export requires that suid be allowed.  The cgi 
> dir needs follow sym links allowed in apache.
> 
Ok, we seem to be on the right track.  This was my orignial setup (more or less).
Much of this was handled automatically by the RPM install;

/var/lib/mailman
drwxrwsr-x   NN   root   mailman     subdir

On my test machine, this seems to work perfectly.  On the deploy server, newaliases
wont parse the data directory or the aliases file when run as root.  Sendmail complained
about incorrect owner issues.  So I "played" with owners, and permissions for a while.
What I eventually came up with to allow newaliases to work was the following;

mailman at tankjr:~> groups
mailman mail trusted
steve at tankjr:~> ls -l /var/lib/mailman/
total 36
drwx------    2 mailman  mailman      4096 2003-11-10 20:46 Mail
drwxrwsr-x    4 root     mailman      4096 2003-11-07 20:29 archives
drwxrwsr-x    2 mailman  mailman      4096 2003-11-12 17:26 data
-rw-------    1 mailman  mailman       343 2003-11-10 20:47 dead.letter
drwxrwsr-x    5 root     mailman      4096 2003-11-09 08:52 lists
drwxrwsr-x    2 root     mailman      4096 2003-11-13 09:45 locks
drwxrwsr-x    2 root     mailman      4096 2003-11-11 00:32 logs
drwxrwsr-x   10 root     mailman      4096 2003-11-07 20:35 qfiles
drwxrwsr-x    2 root     mailman      4096 2003-03-17 11:46 spam

steve at tankjr:~> ls -l /var/lib/mailman/data/
total 32
-rw-rw-r--    1 mailman  mail         2335 2003-11-09 08:52 aliases
-rw-rw-r--    1 root     mail        12288 2003-11-10 21:03 aliases.db
-rw-rw-r--    1 mailman  mailman      2045 2003-11-12 17:26 heldmsg-munch-1.pck
-rw-r--r--    1 root     mail           10 2003-11-07 20:29 last_mailman_version
-rw-rw----    1 mailman  mail            6 2003-11-10 20:01 master-qrunner.pid
-rw-rw----    1 mailman  mailman      2611 2003-11-12 17:26 pending.pck

The two root owned files in the data direcctory are automatically generated by
system processes.  The other two group memberships were to allow Sendmail and
the Admin webpages to work properly.

And at this point, the lists are definately sending messages
as required.  And I can modify stuff both via command line script (after I
newgrp mail) and from the Admin webpages.  It is just the subscribe and
unsubscribe pages that don't work.

Regards,
Steve

-- 
Java/J2EE Developer/Integrator
Co-Chair, Dallas/FortWorth J2EE Sig
214-724-7741

More information about the Discuss mailing list