Re: [Mailman-Users] Permissions on Symbolic Links Files
I wrote (>>): with Mark Sapiro's comments interspersed (>):
I have on my Mailman 2.1.10 production system and my 2.1.11 test system both created from the SourceForge source and installed on Ubuntu dapper via packages I built:
mailman% ls -al /var/lib/mailman total 40 drwxrwsr-x 10 root list 4096 2007-02-28 11:11 . drwxr-xr-x 22 root root 4096 2008-04-04 13:31 .. lrwxrwxrwx 1 root root 20 2008-06-30 16:13 bin -> /usr/lib/mailman/bin lrwxrwxrwx 1 root root 21 2008-06-30 16:13 cron -> /usr/lib/mailman/cron lrwxrwxrwx 1 root root 24 2008-06-30 16:13 Mailman -> /usr/lib/mailman/Mailman lrwxrwxrwx 1 root root 24 2008-06-30 16:13 scripts -> /usr/lib/mailman/scripts <<Non-relevant lines from the "ls -al" listing have been removed.>> mailman% mailman# ls -al /usr/lib/mailman total 36 drwxr-xr-x 7 root list 4096 2007-02-28 11:11 . drwxr-xr-x 48 root root 12288 2008-06-09 12:24 .. drwxr-xr-x 2 root list 4096 2008-07-23 14:55 bin drwxr-xr-x 2 root list 4096 2008-07-23 14:55 cron drwxrwsr-x 2 root list 4096 2008-07-23 14:55 mail drwxr-xr-x 11 root list 4096 2008-07-23 14:55 Mailman drwxr-xr-x 2 root list 4096 2008-07-23 14:55 scripts mailman#
When I run check_perms it complains:
mailman# check_perms directory permissions must be 02775: /var/lib/mailman/Mailman directory permissions must be 02775: /var/lib/mailman/bin directory permissions must be 02775: /var/lib/mailman/cron directory permissions must be 02775: /var/lib/mailman/scripts Problems found: 4 Re-run as list (or root) with -f flag to fix mailman#As Mailman is running fine, I do not want to change the permissions on the symbolic links. Is this correct? I have 755 for the permissions on the real files to which the symbolic links point.
You can't change the permissions on a symlink itself anyway. Any attempt to do so will attempt to change the target.
Is check_perms reporting on the permissions of the symlinks or the permissions of the real files to which the symbolic links point?
The targets.
What problems would I see if I do not have group write not "02" on these four files?
Typically these directories are SETGID and group writable. The fact that they are not SETGID means that anything created subordinate to them will be created with the group of the creator and not the 'list' group. In practice the contents of these 4 directories are normally only read, so as long as everything is world readable, it will work.
But if you applied a patch to some .py file in the Mailman directory, Mailman processes running as group 'list' might not have permission to update the corresponding .pyc file.
I have to wonder why you are doing this with symlinks at all. It looks like what you really want is to run configure with
--prefix=/usr/lib/mailman (the default), and --with-var-prefix=/var/lib/mailman
or something similar.
When I built my Mailman 2.1.9 and .11 packages for Ubuntu dapper, I took the Ubuntu packaging and made as few changes as possible. All I wanted was that the files be placed in the correct directories for Ubuntu. I used the current source, and I removed all of the Debian/Ubuntu patches except one:
01_defaults.debian.dpatch
that makes three changes to the file Mailman/Defaults.py.in:
-IMAGE_LOGOS = '/icons/'
+IMAGE_LOGOS = '/doc/mailman/images/'
-DEFAULT_URL_PATTERN = 'http://%s/mailman/'
+DEFAULT_URL_PATTERN = 'http://%s/cgi-bin/mailman/'
-PIDFILE = os.path.join(DATA_DIR, 'master-qrunner.pid')
+PIDFILE = "/var/run/mailman/mailman.pid"
The other patch files were source changes that I did not want because they were undocumented, and I had no idea for which SourceForge code base they were written. I assumed that the SourceForge source needed no patches.
In the file
mailman-2.1.11/debian/rules
I made a few changes:
mailman# diff rules rules.original 38c38
< --with-mail-gid=list --with-cgi-gid=www-data \
--with-mail-gid=daemon --with-cgi-gid=www-data \
70,71c70 < # The following line was commented by BSFinkel 07/01/2008. < # Debian removs pythonlib in error to fix a problem.
< # rmdir debian/$(package)/var/lib/mailman/pythonlib
rmdir debian/$(package)/var/lib/mailman/pythonlib
126,128c125 < # The following line was commented by BSFinkel 07/01/2008 because < # the directory "admin" does not exist in Mailman 2.1.10 nor .11.
< # cp -a admin/www debian/mailman/usr/share/doc/$(package)/html
cp -a admin/www debian/mailman/usr/share/doc/$(package)/html
mailman#
Of course, the admin line was only commented in 2.1.11, not in 2.1.9. That rules file has two sections of code:
Makefile:
autoconf
./configure --prefix=/var/lib/$(package) --with-username=list
--with-groupname=list
--with-mail-gid=list --with-cgi-gid=www-data
--without-permcheck --with-mailhost=localhost
--with-urlhost=localhost
binary-arch: checkroot build
$(checkdir)
# rm -rf debian/mailman && install -d debian/mailman
dh_installdirs
dh_installdocs ACKNOWLEDGMENTS README* TODO BUGS NEWS FAQ
dh_installchangelogs
$(MAKE) doinstall prefix=$$(pwd)/debian/mailman/var/lib/$(package)
var_prefix=$$(pwd)/debian/mailman/var/lib/$(package)
icondir=$$(pwd)/debian/mailman/usr/share/images/mailman
ICONDIR=$$(pwd)/debian/mailman/usr/share/images/mailman
and I did not want to make any changes to the directories into which Ubuntu/Debian stores the Mailman files.
I am assuming that with a straight Debian/Ubuntu package install the same symlinks and directories that I have are present therein. Can someone who has an unmodifed Debian/Ubuntu package for Mailman confirm this? Thanks.
I ran the fixup:
mailman# check_perms directory permissions must be 02775: /var/lib/mailman/Mailman directory permissions must be 02775: /var/lib/mailman/bin directory permissions must be 02775: /var/lib/mailman/cron directory permissions must be 02775: /var/lib/mailman/scripts Problems found: 4 Re-run as list (or root) with -f flag to fix mailman# check_perms -f directory permissions must be 02775: /var/lib/mailman/Mailman (fixing) directory permissions must be 02775: /var/lib/mailman/bin (fixing) directory permissions must be 02775: /var/lib/mailman/cron (fixing) directory permissions must be 02775: /var/lib/mailman/scripts (fixing) Problems found: 4 Re-run as list (or root) with -f flag to fix mailman# !! check_perms -f No problems found mailman# ls -al /var/lib/mailman/Mailman lrwxrwxrwx 1 root root 24 2008-06-30 16:13 /var/lib/mailman/Mailman -> /usr/lib/mailman/Mailman mailman# ls -al /var/lib/mailman/bin lrwxrwxrwx 1 root root 20 2008-06-30 16:13 /var/lib/mailman/bin -> /usr/lib/mailman/bin mailman# ls -al /var/lib/mailman/cron lrwxrwxrwx 1 root root 21 2008-06-30 16:13 /var/lib/mailman/cron -> /usr/lib/mailman/cron mailman# ls -al /var/lib/mailman/scripts lrwxrwxrwx 1 root root 24 2008-06-30 16:13 /var/lib/mailman/scripts -> /usr/lib/mailman/scripts mailman# ls -ald /usr/lib/mailman/Mailman drwxrwsr-x 11 root list 4096 2008-07-23 14:55 /usr/lib/mailman/Mailman mailman# ls -ald /usr/lib/mailman/bin drwxrwsr-x 2 root list 4096 2008-07-23 14:55 /usr/lib/mailman/bin mailman# ls -ald /usr/lib/mailman/cron drwxrwsr-x 2 root list 4096 2008-07-23 14:55 /usr/lib/mailman/cron mailman# ls -ald /usr/lib/mailman/scripts drwxrwsr-x 2 root list 4096 2008-07-23 14:55 /usr/lib/mailman/scripts mailman#
Barry S. Finkel Computing and Information Systems Division Argonne National Laboratory Phone: +1 (630) 252-7277 9700 South Cass Avenue Facsimile:+1 (630) 252-4601 Building 222, Room D209 Internet: BSFinkel@anl.gov Argonne, IL 60439-4828 IBMMAIL: I1004994
Barry Finkel wrote:
126,128c125 < # The following line was commented by BSFinkel 07/01/2008 because < # the directory "admin" does not exist in Mailman 2.1.10 nor .11.
< # cp -a admin/www debian/mailman/usr/share/doc/$(package)/html
cp -a admin/www debian/mailman/usr/share/doc/$(package)/htmlmailman#
Of course, the admin line was only commented in 2.1.11, not in 2.1.9.
Between 2.1.9 and 2.1.10, all the documentation was moved from the 'code' branches to a separate branch. In 2.1.9, the doc/ directory contained primarily the LaTex source for the mailman-admin, mailman-install and mailman-member manuals and and the admin/www directory contained the HTML, Postscript, PDF and plain text versions plus the HTML (and the files from which it is generated) for the http://www.list.org/ web site.
Beginning in 2.1.10, the doc/ directory contains most of what was previously in the admin/www/ directory, the exception being the files for the http://www.list.org/ web site.
The bottom line is if you want the docs in the debian/mailman/usr/share/doc directory, you can change
cp -a admin/www debian/mailman/usr/share/doc/$(package)/html
to
cp -a doc debian/mailman/usr/share/doc/$(package)/html
instead of commenting it and the result will be similar to 2.1.9.
That rules file has two sections of code:
Makefile: autoconf ./configure --prefix=/var/lib/$(package) --with-username=list
--with-groupname=list
--with-mail-gid=list --with-cgi-gid=www-data
--without-permcheck --with-mailhost=localhost
--with-urlhost=localhost
binary-arch: checkroot build $(checkdir) # rm -rf debian/mailman && install -d debian/mailman dh_installdirs dh_installdocs ACKNOWLEDGMENTS README* TODO BUGS NEWS FAQ dh_installchangelogs $(MAKE) doinstall prefix=$$(pwd)/debian/mailman/var/lib/$(package)
var_prefix=$$(pwd)/debian/mailman/var/lib/$(package)
icondir=$$(pwd)/debian/mailman/usr/share/images/mailman
ICONDIR=$$(pwd)/debian/mailman/usr/share/images/mailman
and I did not want to make any changes to the directories into which Ubuntu/Debian stores the Mailman files.
I am assuming that with a straight Debian/Ubuntu package install the same symlinks and directories that I have are present therein. Can someone who has an unmodifed Debian/Ubuntu package for Mailman confirm this? Thanks.
I can't confirm this based on the package, but it appears from the above that everything is configured to be installed in /var/lib/mailman, but that some (but not all) of the 'PREFIX' directories are actually installed by the package in /usr/lib/mailman. If that is the case, then the symlinks are necessary.
participants (2)
-
b19141@anl.gov -
Mark Sapiro