Postfix and ownership of the alias file
I recently migrated all my lists to a new Solaris system running 2.1.14+patch but I'm having trouble determining who should own the aliases file and what uid/gid is used for what.
Apache httpd runs as the user httpd Mailman runs as the user mailman Postfix runs as the user postfix
I compiled with:
./configure --with-username=mailman --with-cgi-gid=httpd --with-groupname=mailman --with-mail-gid=nobody --with-var-prefix=/var/mailman --with-urlhost=list.pitt.edu --with-mailhost=list.pitt.edu
Aliases is owned by root:mailman
With this setup everything on the command line works such as bin/new_list and I can send mail to lists. What does not work is creating lists via the Web interface which gives: command failed: /usr/sbin/postalias /var/mailman/data/aliases (status: 1, Not owner)
If I change the ownership of the aliases to httpd:mailman that error goes away and I can create lists via the Web, but mail stops flowing with: Group mismatch error. Mailman expected the mail wrapper script to be executed as group "nobody", but the system's mail server executed the mail script as group "httpd". Try tweaking the mail server to run the script as group "nobody", or re-run configure, providing the command line option `--with-mail-gid=httpd'.
The postfix guys in irc said NOT to have it owned by the user postfix, so I'm confused. Who should own the aliases file? What should my --with-mail-gid be?
The errors suggest that the ownership should be httpd:mailman with --with-mail-gid=httpd, but that seems silly. I think it should be postfix:mailman and --with-mail-gid=postfix but then how would Apache, running as httpd, be able to do anything?
-- Jeff White Linux/Unix Systems Engineer University of Pittsburgh - CSSD Jaw171@pitt.edu
Jeff White wrote:
I recently migrated all my lists to a new Solaris system running 2.1.14+patch but I'm having trouble determining who should own the aliases file and what uid/gid is used for what.
Apache httpd runs as the user httpd Mailman runs as the user mailman Postfix runs as the user postfix
I compiled with:
./configure --with-username=mailman --with-cgi-gid=httpd --with-groupname=mailman --with-mail-gid=nobody --with-var-prefix=/var/mailman --with-urlhost=list.pitt.edu --with-mailhost=list.pitt.edu
Aliases is owned by root:mailman
Normally for Mailman/Postfix integration, Mailman is configured with --with-mail-gid=mailman and data/aliases.db is owned by mailman:mailman. The owner of data/aliases is not important, but the group should be 'mailman'.
With this setup everything on the command line works such as bin/new_list and I can send mail to lists. What does not work is creating lists via the Web interface which gives: command failed: /usr/sbin/postalias /var/mailman/data/aliases (status: 1, Not owner)
If I change the ownership of the aliases to httpd:mailman that error goes away and I can create lists via the Web, but mail stops flowing with: Group mismatch error. Mailman expected the mail wrapper script to be executed as group "nobody", but the system's mail server executed the mail script as group "httpd". Try tweaking the mail server to run the script as group "nobody", or re-run configure, providing the command line option `--with-mail-gid=httpd'.
Are you sure you mean 'aliases'? Normally, only the ownership of aliases.db is significant. See the DELIVERY RIGHTS section in 'man 8 local'.
-- Mark Sapiro mark@msapiro.net The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
participants (2)
-
Jeff White
-
Mark Sapiro