Unable to access Mailman Web interface
If I browse to http://{my-node.my-domain.com}/mailman/admin, I get the following:
Bug in Mailman version 2.1.18-1
Bug in Mailman version 2.1.18-1 We're sorry, we hit a bug!
Please inform the webmaster for this site of this problem. Printing of traceback and other system information has been explicitly inhibited, but the webmaster can find this information in the Mailman error logs.
If that's supposed to be /var/log/mailman/error, the only thing in there is what I posted in my previous message. Maybe the two are related?
On Thu, 02 Jul 2015 08:24:12 -0700, you wrote:
Did that. 898 problems found! I hope I didn't break Postfix. Luckily I logged before and after in case I have to revert.
After check_perms fixed all problems, I re-ran it and got this:
Warning: Private archive directory is other-executable (o+x). This could allow other users on your system to read private archives. If you're on a shared multiuser system, you should consult the installation manual on how to fix this. No problems found
Which section should I be reading?
On 07/02/2015 09:01 AM, Steve Matzura wrote:
Check_perms only affects files and directories in Mailman's tree(s). Postfix should be unaffected.
<http://www.list.org/mailman-install/node9.html>, but the question is this. Are there users who can log in to a shell or sftp or whatever who should not have any access to private list archives? If the answer is no, o+x on /path/to/mailman/archives/private is not a problem. If the answer is yes, set it o-x and change its owner to the web server uid. If you set it o-x and don't change the owner, public archive access won't work.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
On Thu, 02 Jul 2015 16:39:36 -0700, you wrote:
Understood. Since this is really a new installation (I didn't copy archives from the old system because they're not really of any use), $prefix/archives doesn't exist yet. I'll keep the above in mind and implement it when list traffic commences on this installation.
On 07/03/2015 03:24 AM, Steve Matzura wrote:
$prefix/archives and the private/ and public/ sub-directories thereof are created on installation, and if Mailman is running there must be a 'mailman' site list and thus $prefix/archives/private/mailman/ and $prefix/archives/private/mailman.mbox/ subdirectories whether or not they contain any actual archives.
Further, If $prefix/archives/private didn't exist, check_perms would have thrown a "OSError: [Errno 2] No such file or directory:" exception instead of reporting it was o+x.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
On Fri, 03 Jul 2015 06:50:58 -0700, you wrote:
Interesting: My $prefix is /usr/lib/mailman. However, there is a /var/lib/mailman as that's where archives is. It's owned and grouped properly, and it does have the 1-bit set in the 'other' portion of its permissions mask. I can definitely fix that. But why does this all appear in /var/lib/mailman and not /usr/lib/mailman?
On 07/03/2015 03:59 PM, Steve Matzura wrote:
Mailman has two main configuration paths, $prefix for immutable code, etc. and $var_prefix for mutable data. By default, $var_prefix = $prefix, but in your case, you or the packager whose package you installed configured mailman with $prefix=/usr/lib/mailman and $var_prefix=/var/lib/mailman. This is not unusual.
I referred to $prefix rather than $var_prefix in a prior reply only because that was the term you used.
Also, please post to this list from your subscribed address <sm@noisynotes.com>. Posting from alternative addresses results in moderation delay and possible rejection or discard of your 'non-member' posts.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
On Sat, 04 Jul 2015 07:22:43 -0700, Mark wrote:
Because that's the only one I knew of. Blame Red Hat for this one. :-) I installed the package as-was from their repository. In fact, if I didn't read up on it, I'd never know what $prefix is or is meant to be, as it's neither a defined global environment variable nor symbol. No matter, that one's cleared up.
Also, please post to this list from your subscribed address
Oversight.
On 07/04/2015 08:23 AM, Steve Matzura wrote:
Because that's the only one I knew of. Blame Red Hat for this one. :-)
The RedHat/Centos package is even more complex. See the FAQ at <http://wiki.list.org/x/8486953>.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
On Sat, 04 Jul 2015 08:54:44 -0700, Mark Sapiro <mark@msapiro.net> wrote:
The RedHat/Centos package is even more complex. See the FAQ at <http://wiki.list.org/x/8486953>.
Thanks. Noted and saved for future reference.
participants (3)
-
Mark Sapiro
-
Steve Matzura
-
Steve Matzura