![](https://secure.gravatar.com/avatar/8b2a87c2864f47ee60be03f75610127c.jpg?s=120&d=mm&r=g)
Dear all,
please accept my apologies for re-sending my question regarding mailman and https. But since the original posting has taken place, I have neither received an answer of found any further information.
----- Forwarded message from Lukas Ruf <ruf@rawip.org> -----
I run several mailing list on various virtual hosts with mailman 2.1.2 on a Linux 2.4 server. This works just great! (Thanks to the developers!).
However, I would like to secure all administrative web-pages by https. Searching the web and <http://list.org/docs.html> has not really led me to an understanding on how to achieve this.
I would be very happy if anyone could give me either pointers or concrete hints for this problems! Thanks in advance!
PS: https for the VirtualHosts in my Apache works already fine. I tried to achieve this by inserting 'redirect permanent /mailman "https://.."' -- without the intended effect, however.
----- End forwarded message -----
Thanks in advance,
wbr, Lukas
Lukas Ruf | Wanna know anything about raw | <http://www.lpr.ch> | IP? -> <http://www.rawip.org> | eMail Style Guide: <http://www.rawip.org/style.html>|
![](https://secure.gravatar.com/avatar/d19f48f90665a9e11f86bc18f4836308.jpg?s=120&d=mm&r=g)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Lukas Ruf wrote:
Set this in mm_cfg.py:
DEFAULT_URL_PATTERN = 'https://%s/mailman/'
Then restart the qrunners and use the fix_url.py script to update existing lists. You also need to run bin/arch as well to recreate the archives if there are attachments in the archives of any lists.
And see this excellent FAQ entry:
4.29. Where can I change a list or the default URL used for the
web interface?
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq04.029.htp
There's a section on using SSL which links to another FAQ entry which has more details. Combined, these two entries should answer your question pretty well.
This doesn't work for the admin forms since the POST data doesn't get redirected.
Todd OpenPGP -> KeyID: 0xD654075A | URL: www.pobox.com/~tmz/pgp
When the people fear their government, there is tyranny; when the government fears the people, there is liberty.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) Comment: When crypto is outlawed bayl bhgynjf jvyy unir cevinpl.
iD8DBQE/wkIyuv+09NZUB1oRApoGAKDLfuvvw6va/QRIM+jdUBwC4BQzNQCcCYDH AUasajJJbdU19N6YatTdShg= =xa9M -----END PGP SIGNATURE-----
![](https://secure.gravatar.com/avatar/8b2a87c2864f47ee60be03f75610127c.jpg?s=120&d=mm&r=g)
Thanks for the answer! I have changed the settings. However, when I try running fix_url.py it does not work. I read the FAQ and googled the web...
Running fix_url.py resulted in
komsys-pc-ruf:/home/mailman/bin# ./withlist -l -r
/home/mailman/bin/fix_url.py any -u https://www.lpr.ch -v
Importing /home/mailman/bin/fix_url...
Traceback (most recent call last):
File "./withlist", line 275, in ?
main()
File "./withlist", line 247, in main
mod = __import__(module)
ImportError: No module named /home/mailman/bin/fix_url
Does anyone know what I am doing wrong???
Thanks!
wbr, Lukas
Lukas Ruf | Wanna know anything about raw | <http://www.lpr.ch> | IP? -> <http://www.rawip.org> | eMail Style Guide: <http://www.rawip.org/style.html>|
![](https://secure.gravatar.com/avatar/d19f48f90665a9e11f86bc18f4836308.jpg?s=120&d=mm&r=g)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Lukas Ruf wrote:
I'll take a stab at it even though I should know better than to answer anything at this ungodly hour...
I think you just need to change your withlist invocation to:
./withlist -l -r fix_url any -u www.lpr.ch -v
I'm assuming that 'any' is a real list name. If it's not and you just want to run this for all lists, then the -a/--all option for withlist might be what you want. The reason you just use fix_url instead of the full path to the fix_url script is that the -r option to withlist wants it's argument in the form [module.]callable, not as a path to a file.
I also think you don't want to use the https:// with the -u option. You just want to use the FQDN that you would supply to add_virtualhost() in mm_cfg.py. And if www.lpr.ch is the DEFAULT_URL_HOST, you don't even need to use that option at all. You might just have it there from experimenting to see why the withlist call was failing.
Hopefully I haven't given you any really bad or incomplete information here. If so, I'll be too busy sleeping soundly now to hear you muttering my name when it doesn't work still. :)
Todd OpenPGP -> KeyID: 0xD654075A | URL: www.pobox.com/~tmz/pgp
I am willing to make the mistakes if someone else is willing to learn from them.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) Comment: When crypto is outlawed bayl bhgynjf jvyy unir cevinpl.
iD8DBQE/4Eaouv+09NZUB1oRAqN8AJ9+gLTyzZ0YhWlD2rv6FcvwLoi3gQCgqc6p lCvoyrfDanW0gUR4HH/8Kdc= =pVNv -----END PGP SIGNATURE-----
![](https://secure.gravatar.com/avatar/8b2a87c2864f47ee60be03f75610127c.jpg?s=120&d=mm&r=g)
Hi Todd,
thanks for the reply.
well, yeah ,-)
I think you just need to change your withlist invocation to:
./withlist -l -r fix_url any -u www.lpr.ch -v
this exactly did, what I expected it to do!
I'm assuming that 'any' is a real list name.
that's true.
If it's not and you just want to run this for all lists, then the -a/--all option for withlist might be what you want.
I assume this is not possible for multiple virtual domains!
ok, I understand!
I wanted https to work....
unfortunately, it isn't.
Have a good sleep! It has worked as expected ;-)
Thanks!
wbr, Lukas
Lukas Ruf | Wanna know anything about raw | <http://www.lpr.ch> | IP? -> <http://www.rawip.org> | eMail Style Guide: <http://www.rawip.org/style.html>|
![](https://secure.gravatar.com/avatar/d19f48f90665a9e11f86bc18f4836308.jpg?s=120&d=mm&r=g)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Lukas Ruf wrote:
No, I wouldn't think it would do what you wanted in that case. :)
That part gets picked up from DEFAULT_URL_PATTERN. You said later that it worked as expected, so I assume that means even the https part.
Todd OpenPGP -> KeyID: 0xD654075A | URL: www.pobox.com/~tmz/pgp
The power of accurate observation is frequently called cynicism by those who don't have it. -- George Bernard Shaw
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) Comment: When crypto is outlawed bayl bhgynjf jvyy unir cevinpl.
iD8DBQE/4K3Fuv+09NZUB1oRAgH1AKCkHXmQmWLL/I2iQfiBVxJbyBNNEwCg7cp7 2Z7vFw0bwAhj9DvTHndLetE= =VI7L -----END PGP SIGNATURE-----
![](https://secure.gravatar.com/avatar/8b2a87c2864f47ee60be03f75610127c.jpg?s=120&d=mm&r=g)
yes!
wbr, Lukas
Lukas Ruf | Wanna know anything about raw | <http://www.lpr.ch> | IP? -> <http://www.rawip.org> | eMail Style Guide: <http://www.rawip.org/style.html>|
![](https://secure.gravatar.com/avatar/d19f48f90665a9e11f86bc18f4836308.jpg?s=120&d=mm&r=g)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Lukas Ruf wrote:
Set this in mm_cfg.py:
DEFAULT_URL_PATTERN = 'https://%s/mailman/'
Then restart the qrunners and use the fix_url.py script to update existing lists. You also need to run bin/arch as well to recreate the archives if there are attachments in the archives of any lists.
And see this excellent FAQ entry:
4.29. Where can I change a list or the default URL used for the
web interface?
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq04.029.htp
There's a section on using SSL which links to another FAQ entry which has more details. Combined, these two entries should answer your question pretty well.
This doesn't work for the admin forms since the POST data doesn't get redirected.
Todd OpenPGP -> KeyID: 0xD654075A | URL: www.pobox.com/~tmz/pgp
When the people fear their government, there is tyranny; when the government fears the people, there is liberty.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) Comment: When crypto is outlawed bayl bhgynjf jvyy unir cevinpl.
iD8DBQE/wkIyuv+09NZUB1oRApoGAKDLfuvvw6va/QRIM+jdUBwC4BQzNQCcCYDH AUasajJJbdU19N6YatTdShg= =xa9M -----END PGP SIGNATURE-----
![](https://secure.gravatar.com/avatar/8b2a87c2864f47ee60be03f75610127c.jpg?s=120&d=mm&r=g)
Thanks for the answer! I have changed the settings. However, when I try running fix_url.py it does not work. I read the FAQ and googled the web...
Running fix_url.py resulted in
komsys-pc-ruf:/home/mailman/bin# ./withlist -l -r
/home/mailman/bin/fix_url.py any -u https://www.lpr.ch -v
Importing /home/mailman/bin/fix_url...
Traceback (most recent call last):
File "./withlist", line 275, in ?
main()
File "./withlist", line 247, in main
mod = __import__(module)
ImportError: No module named /home/mailman/bin/fix_url
Does anyone know what I am doing wrong???
Thanks!
wbr, Lukas
Lukas Ruf | Wanna know anything about raw | <http://www.lpr.ch> | IP? -> <http://www.rawip.org> | eMail Style Guide: <http://www.rawip.org/style.html>|
![](https://secure.gravatar.com/avatar/d19f48f90665a9e11f86bc18f4836308.jpg?s=120&d=mm&r=g)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Lukas Ruf wrote:
I'll take a stab at it even though I should know better than to answer anything at this ungodly hour...
I think you just need to change your withlist invocation to:
./withlist -l -r fix_url any -u www.lpr.ch -v
I'm assuming that 'any' is a real list name. If it's not and you just want to run this for all lists, then the -a/--all option for withlist might be what you want. The reason you just use fix_url instead of the full path to the fix_url script is that the -r option to withlist wants it's argument in the form [module.]callable, not as a path to a file.
I also think you don't want to use the https:// with the -u option. You just want to use the FQDN that you would supply to add_virtualhost() in mm_cfg.py. And if www.lpr.ch is the DEFAULT_URL_HOST, you don't even need to use that option at all. You might just have it there from experimenting to see why the withlist call was failing.
Hopefully I haven't given you any really bad or incomplete information here. If so, I'll be too busy sleeping soundly now to hear you muttering my name when it doesn't work still. :)
Todd OpenPGP -> KeyID: 0xD654075A | URL: www.pobox.com/~tmz/pgp
I am willing to make the mistakes if someone else is willing to learn from them.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) Comment: When crypto is outlawed bayl bhgynjf jvyy unir cevinpl.
iD8DBQE/4Eaouv+09NZUB1oRAqN8AJ9+gLTyzZ0YhWlD2rv6FcvwLoi3gQCgqc6p lCvoyrfDanW0gUR4HH/8Kdc= =pVNv -----END PGP SIGNATURE-----
![](https://secure.gravatar.com/avatar/8b2a87c2864f47ee60be03f75610127c.jpg?s=120&d=mm&r=g)
Hi Todd,
thanks for the reply.
well, yeah ,-)
I think you just need to change your withlist invocation to:
./withlist -l -r fix_url any -u www.lpr.ch -v
this exactly did, what I expected it to do!
I'm assuming that 'any' is a real list name.
that's true.
If it's not and you just want to run this for all lists, then the -a/--all option for withlist might be what you want.
I assume this is not possible for multiple virtual domains!
ok, I understand!
I wanted https to work....
unfortunately, it isn't.
Have a good sleep! It has worked as expected ;-)
Thanks!
wbr, Lukas
Lukas Ruf | Wanna know anything about raw | <http://www.lpr.ch> | IP? -> <http://www.rawip.org> | eMail Style Guide: <http://www.rawip.org/style.html>|
![](https://secure.gravatar.com/avatar/d19f48f90665a9e11f86bc18f4836308.jpg?s=120&d=mm&r=g)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Lukas Ruf wrote:
No, I wouldn't think it would do what you wanted in that case. :)
That part gets picked up from DEFAULT_URL_PATTERN. You said later that it worked as expected, so I assume that means even the https part.
Todd OpenPGP -> KeyID: 0xD654075A | URL: www.pobox.com/~tmz/pgp
The power of accurate observation is frequently called cynicism by those who don't have it. -- George Bernard Shaw
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) Comment: When crypto is outlawed bayl bhgynjf jvyy unir cevinpl.
iD8DBQE/4K3Fuv+09NZUB1oRAgH1AKCkHXmQmWLL/I2iQfiBVxJbyBNNEwCg7cp7 2Z7vFw0bwAhj9DvTHndLetE= =VI7L -----END PGP SIGNATURE-----
![](https://secure.gravatar.com/avatar/8b2a87c2864f47ee60be03f75610127c.jpg?s=120&d=mm&r=g)
yes!
wbr, Lukas
Lukas Ruf | Wanna know anything about raw | <http://www.lpr.ch> | IP? -> <http://www.rawip.org> | eMail Style Guide: <http://www.rawip.org/style.html>|
participants (2)
-
Lukas Ruf
-
Todd