The wrappers in /usr/lib/mailman/cgi-bin and in /usr/lib/mailman/mail should all be group mailman and SETGID as in
Indeed they are with user set to mailman:
ls -l /usr/lib/mailman/cgi-bin/ total 264 -rwxr-sr-x 1 mailman mailman 23048 Feb 12 06:54 admin -rwxr-sr-x 1 mailman mailman 23048 Feb 12 06:54 admindb -rwxr-sr-x 1 mailman mailman 23048 Feb 12 06:54 confirm -rwxr-sr-x 1 mailman mailman 23048 Feb 12 06:54 create -rwxr-sr-x 1 mailman mailman 23048 Feb 12 06:54 edithtml -rwxr-sr-x 1 mailman mailman 23048 Feb 12 06:54 listinfo -rwxr-sr-x 1 mailman mailman 23048 Feb 12 06:54 options -rwxr-sr-x 1 mailman mailman 23048 Feb 12 06:54 private -rwxr-sr-x 1 mailman mailman 23048 Feb 12 06:54 rmlist -rwxr-sr-x 1 mailman mailman 23048 Feb 12 06:54 roster -rwxr-sr-x 1 mailman mailman 23056 Feb 12 06:54 subscribe
ls -l /usr/lib/mailman/mail total 24 -rwxr-sr-x 1 mailman mailman 23176 Feb 12 06:54 mailman
ls -l /usr/lib/mailman/mail/ total 24 -rwxr-sr-x 1 mailman mailman 23176 Feb 12 06:54 mailman
ls -l /usr/lib/mailman/mail/mailman -rwxr-sr-x 1 mailman mailman 23176 Feb 12 06:54 /usr/lib/mailman/mail/mailman
Thus, this is almost certainly a SELinux issue. Try disabling SELinux. If that solves the issue and you want to enable SELinux, you'll need to review/update your SELinux Policy.
I should have mentioned it’s been disabled for quite a while: getenforce Disabled
My partial workaround so far has been to: chmod 666 /var/lib/mailman/lists/*/config.pck chattr +i /var/lib/mailman/lists/*/config.pck
Bu when trying to access ta mailing list we get the below permission errors. Note we do have mod_security and mod_evasive running but I don’t see any logs in them.
Jul 24 09:00:03 2019 (6329) SHUNTING: 1563973203.350298+066f8e1903bdcdcd8f96222e2381a43c3d952002 Jul 24 09:00:05 2019 (6326) Uncaught runner exception: [Errno 1] Operation not permitted Jul 24 09:00:05 2019 (6326) Traceback (most recent call last): File "/usr/lib/mailman/Mailman/Queue/Runner.py", line 119, in _oneloop self._onefile(msg, msgdata) File "/usr/lib/mailman/Mailman/Queue/Runner.py", line 190, in _onefile keepqueued = self._dispose(mlist, msg, msgdata) File "/usr/lib/mailman/Mailman/Queue/IncomingRunner.py", line 133, in _dispose mlist.Save() File "/usr/lib/mailman/Mailman/MailList.py", line 613, in Save self.__save(dict) File "/usr/lib/mailman/Mailman/MailList.py", line 590, in __save os.link(fname, fname_last) OSError: [Errno 1] Operation not permitted
admin(1480): [----- Mailman Version: 2.1.29 -----] admin(1480): [----- Traceback ------] admin(1480): Traceback (most recent call last): admin(1480): File "/usr/lib/mailman/scripts/driver", line 117, in run_main admin(1480): main() admin(1480): File "/usr/lib/mailman/Mailman/Cgi/admin.py", line 210, in main admin(1480): mlist.Lock() admin(1480): File "/usr/lib/mailman/Mailman/MailList.py", line 164, in Lock admin(1480): self.__lock.lock(timeout) admin(1480): File "/usr/lib/mailman/Mailman/LockFile.py", line 243, in lock admin(1480): self.__write() admin(1480): File "/usr/lib/mailman/Mailman/LockFile.py", line 422, in __write admin(1480): fp = open(self.__tmpfname, 'w') admin(1480): IOError: [Errno 13] Permission denied: '/var/lock/mailman/algs-da.lock.dsm.dsm.fordham.edu.1480.0'
Thanks for the reply!