Group mismatch error..on Freebsd 7.2 p3 amd64
Thanks in advance for any replies.
Despite scouring the web and trying the many different solutions that seem to be offered to this problem I have be unable to fix it. Is there a way of tracing the cause in my particular instance?
The entry in maillog does not say how to tweak postfix!
Freebsd 7.2 p3 amd64 on Intel quad core
I have run /usr/local/mailman dns1# ./bin/check_perms No problems found dns1# ./bin/genaliases dns1# ls -l /etc |grep aliases -rw-r--r-- 1 root wheel 5916 Dec 27 18:14 aliases -rw-r--r-- 1 root wheel 16384 Dec 27 18:48 aliases.db -rw-r--r-- 1 root wheel 2726 Dec 27 17:52 aliases~ dns1# ls -l ./data total 58 -rw-r----- 1 mailman mailman 41 Dec 19 17:46 adm.pw -rw-rw---- 1 mailman mailman 3760 Dec 28 09:40 aliases -rw-rw---- 1 mailman mailman 16384 Dec 28 09:40 aliases.db -rw-r--r-- 1 root mailman 10 Dec 28 09:23 last_mailman_version -rw-r--r-- 1 root mailman 14100 Dec 28 09:23 sitelist.cfg -rw-rw---- 1 root mailman 3284 Dec 28 09:40 virtual-mailman -rw-rw---- 1 mailman mailman 16384 Dec 28 09:40 virtual-mailman.db
I tried to get the mail script changed to run --with-mail-gid=nobody but either I did not issue the command correctly or if I did it made no difference.! If someone could post the comand line that works on a freebsd 7.2 system which they know to be correct I will try that again.
Extract from maillog:
TEST_15
Dec 28 09:25:41 dns1 postfix/pickup[33009]: 1278934D451: uid=1001
from=david@vizion2000.net
Dec 28 09:25:41 dns1 postfix/cleanup[44509]: 1278934D451: message-
id=200912280925.41000.david@vizion2000.net
Dec 28 09:25:41 dns1 postfix/qmgr[23289]: 1278934D451:
from=david@vizion2000.net, size=3166, nrcpt=2 (queue active)
Dec 28 09:25:41 dns1 Mailman mail-wrapper: Group mismatch error. Mailman
expected the mail wrapper script to be executed as group "mailman", but the
system's mail server executed the mail script as group "nobody". Try tweaking
the mail server to run the script as group "mailman", or re-run configure,
providing the command line option --with-mail-gid=nobody'. Dec 28 09:25:41 dns1 postfix/local[44512]: 1278934D451: to=<david@vizion2000.net>, relay=local, delay=0.07, delays=0.06/0.01/0/0, dsn=2.0.0, status=sent (delivered to mailbox) Dec 28 09:25:41 dns1 postfix/local[44511]: 1278934D451: to=<bps_comps_print_announce@vizion2000.net>, relay=local, delay=0.08, delays=0.06/0.01/0/0.01, dsn=5.3.0, status=bounced (Command died with status 2: "/usr/local/mailman/mail/mailman post bps_comps_print_announce". Command output: Group mismatch error. Mailman expected the mail wrapper script to be executed as group "mailman", but the system's mail server executed the mail script as group "nobody". Try tweaking the mail server to run the script as group "mailman", or re-run configure, providing the command line option
--
with-mail-gid=nobody'. )
Dec 28 09:25:41 dns1 postfix/cleanup[44509]: 18F7434D456: message-
id=20091228092541.18F7434D456@dns1.vizion2000.net
Dec 28 09:25:41 dns1 postfix/bounce[44514]: 1278934D451: sender non-delivery
notification: 18F7434D456
Dec 28 09:25:41 dns1 postfix/qmgr[23289]: 18F7434D456: from=<>, size=5719,
nrcpt=1 (queue active)
Dec 28 09:25:41 dns1 postfix/qmgr[23289]: 1278934D451: removed
Dec 28 09:25:41 dns1 postfix/local[44512]: 18F7434D456:
to=david@vizion2000.net, relay=local, delay=0, delays=0/0/0/0, dsn=2.0.0,
status=sent (delivered to mailbox)
Dec 28 09:25:41 dns1 postfix/qmgr[23289]: 18F7434D456: removed
Thanks
David
David Southwell wrote:
Despite scouring the web and trying the many different solutions that seem to be offered to this problem I have be unable to fix it. Is there a way of tracing the cause in my particular instance?
Yes.
The entry in maillog does not say how to tweak postfix!
No, but Postfix's 'man 8 local' manpage does in the 'DELIVERY RIGHTS' paragraph.
[...]
dns1# ls -l ./data total 58 -rw-r----- 1 mailman mailman 41 Dec 19 17:46 adm.pw -rw-rw---- 1 mailman mailman 3760 Dec 28 09:40 aliases -rw-rw---- 1 mailman mailman 16384 Dec 28 09:40 aliases.db
The ownership of the above aliases.db file is what controls the group with which Postfix invokes the mail wrapper. Postfix runs the wrapper with user:group of the owner of that file. I.e. group 'mailman', but not because the file is group 'mailman'; rather because the owner of the file is 'mailman' and 'mailman's primary group is 'mailman'.
[...]
I tried to get the mail script changed to run --with-mail-gid=nobody but either I did not issue the command correctly or if I did it made no difference.! If someone could post the comand line that works on a freebsd 7.2 system which they know to be correct I will try that again.
--with-mail-gid=nobody is wrong in the first place. it would be --with-mail-gid=mailman in your case, but this is not an option to the mail wrapper. It is an option to configure in the configure/make/make install process to build and install Mailman.
If you are running a FreeBSD package, you aren't doing this process, so --with-mail-gid=mailman is not applicable in your case. The FreeBSD package probably has a way to set this, but how is a FreeBSD package question that I can't answer. However, from the below, it appears that the wrapper already expects group 'mailman' which should be correct.
Extract from maillog: [...] Dec 28 09:25:41 dns1 postfix/local[44511]: 1278934D451: to=bps_comps_print_announce@vizion2000.net, relay=local, delay=0.08, delays=0.06/0.01/0/0.01, dsn=5.3.0, status=bounced (Command died with status 2: "/usr/local/mailman/mail/mailman post bps_comps_print_announce". Command output: Group mismatch error. Mailman expected the mail wrapper script to be executed as group "mailman", but the system's mail server executed the mail script as group "nobody". Try tweaking the mail server to run the script as group "mailman", or re-run configure, providing the command line option `-- with-mail-gid=nobody'. )
This indicates that the wrapper is expecting group 'mailman' which is correct, but either 'mailman's primary group is 'nobody' which is both wrong and unlikely, or Postfix found the alias for bps_comps_print_announce in /etc/aliases.db which is owned by root so it fell back to 'default_privs'.
I suspect the latter is the explanation. There should be no Mailman aliases in /etc/aliases. Mailman will maintain them automatically in data/aliases which should be referenced in Postfix' alias_maps.
-- Mark Sapiro mark@msapiro.net The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
David Southwell wrote:
Despite scouring the web and trying the many different solutions that seem to be offered to this problem I have be unable to fix it. Is there a way of tracing the cause in my particular instance?
Yes.
The entry in maillog does not say how to tweak postfix!
No, but Postfix's 'man 8 local' manpage does in the 'DELIVERY RIGHTS' paragraph.
[...]
dns1# ls -l ./data total 58 -rw-r----- 1 mailman mailman 41 Dec 19 17:46 adm.pw -rw-rw---- 1 mailman mailman 3760 Dec 28 09:40 aliases -rw-rw---- 1 mailman mailman 16384 Dec 28 09:40 aliases.db
The ownership of the above aliases.db file is what controls the group with which Postfix invokes the mail wrapper. Postfix runs the wrapper with user:group of the owner of that file. I.e. group 'mailman', but not because the file is group 'mailman'; rather because the owner of the file is 'mailman' and 'mailman's primary group is 'mailman'.
[...]
I tried to get the mail script changed to run --with-mail-gid=nobody but either I did not issue the command correctly or if I did it made no difference.! If someone could post the comand line that works on a freebsd 7.2 system which they know to be correct I will try that again.
--with-mail-gid=nobody is wrong in the first place. it would be --with-mail-gid=mailman in your case, but this is not an option to the mail wrapper. It is an option to configure in the configure/make/make install process to build and install Mailman.
If you are running a FreeBSD package, you aren't doing this process, so --with-mail-gid=mailman is not applicable in your case. The FreeBSD package probably has a way to set this, but how is a FreeBSD package question that I can't answer. However, from the below, it appears that the wrapper already expects group 'mailman' which should be correct.
Extract from maillog:
[...]
Dec 28 09:25:41 dns1 postfix/local[44511]: 1278934D451: to=bps_comps_print_announce@vizion2000.net, relay=local, delay=0.08, delays=0.06/0.01/0/0.01, dsn=5.3.0, status=bounced (Command died with status 2: "/usr/local/mailman/mail/mailman post bps_comps_print_announce". Command output: Group mismatch error. Mailman expected the mail wrapper script to be executed as group "mailman", but the system's mail server executed the mail script as group "nobody". Try tweaking the mail server to run the script as group "mailman", or re-run configure, providing the command line option `-- with-mail-gid=nobody'. )
This indicates that the wrapper is expecting group 'mailman' which is correct, but either 'mailman's primary group is 'nobody' which is both wrong and unlikely, or Postfix found the alias for bps_comps_print_announce in /etc/aliases.db which is owned by root so it fell back to 'default_privs'.
I suspect the latter is the explanation. There should be no Mailman aliases in /etc/aliases. Mailman will maintain them automatically in data/aliases which should be referenced in Postfix' alias_maps.
OK
You were right on the ball!! I removed mailman aliases which were indeed in /etc/aliases and the problem went away..
Well done Thanks
David
participants (2)
-
David Southwell
-
Mark Sapiro