(Maybe) wrong permissions on archives/private/listname/database
First of all: This problem could be occuring because I have messed things up by not being consistent in the way I upgrade Mailman. I have, from time to time, run "make install" and "make update" as root, mailman or myself. Yeah, I'm not the most organized person in the world, I know. :)
Anyway:
My Mailman is configured like this:
./configure --prefix=/local/Mailman --without-gcc
--with-python=/local/bin/python --with-cgi-gid=nobody
--with-mail-gid=mailman
My MTA pipes all the mailman stuff into /local/Mailman/mail/wrapper, running as the user "mailman" (which has default group "mailman").
For some of my lists, I have this situation:
$ ls -l archives/private/LISTNAME/ total 20 drwxrwsr-x 2 nobody mailman 512 Dec 1 16:51 1998-December -rw-rw-r-- 1 nobody mailman 939 Dec 1 16:51 1998-December.txt drwxrwsrwx 2 nobody mailman 512 Nov 13 18:26 1998-November -rw-rw-rw- 1 nobody mailman 2663 Nov 23 15:32 1998-November.txt drwxrwsrwx 2 nobody mailman 512 Oct 29 15:18 1998-October -rw-rw-rw- 1 nobody mailman 2898 Oct 29 15:18 1998-October.txt drwxrwsr-x 2 nobody mailman 512 Jan 19 14:03 1999-January -rw-rw-r-- 1 nobody mailman 2573 Jan 19 14:03 1999-January.txt drwx--S--- 2 nobody mailman 2048 Jan 19 14:03 database -rw-rw-rw- 1 nobody mailman 2246 Jan 19 14:03 index.html -rw-rw-rw- 1 nobody mailman 555 Jan 19 14:03 pipermail.pck
Are the permissions/owner on the "database" directory good? Why are some of the files world writable?
For some other lists, which seem to have set very similar archival options to the list above, the owner of the "database" directory are:
drwx--S--- 2 mailman mailman 1536 Jan 26 14:41 database
or
drwxrws--- 2 nobody mailman 1536 Jan 20 00:07 database
I suppose pipermail is running as user/group "mailman" when it does it's job, and that pipermail not getting access to the "database" directory is a bad thing, right?
Whenever I run "make update" as non-root, I get some warnings of the type:
/local/gnu/bin/install: /local/Mailman/Mailman/pythonlib/getpass.py: Permission denied Compiling /local/Mailman/Mailman/Archiver/Archiver.py ... Sorry: IOError: (13, 'Permission denied')
(which I now have fixed by chowning the necessary files/directories), and then some like this:
Listing /local/Mailman/archives/private/LISTNAME/database ... Can't list /local/Mailman/archives/private/LISTNAME/database
(which I'm not sure how to, or even *if*I*should*, fix).
So, should "make update" scream louder/suggest manual interaction when it discovers anomalies like this? Should there (somewhere) be a warning about not varying what user you run "make install" and "make update" as? And shouldn't "make update" (or something) revoke those scary world writable permission bits?
Harald
participants (1)
-
Harald Meland