Hi,
Sorry if this is actually a FAQ entry -- I looked at many FAQs and on-line resources and haven't found a working solution yet.
I've been using Mailman for many years, very appreciative of the work. I am trying to move some lists to a machine running Fedora 22, with mailman 2.1.20 and apache 2.4.17, using the fedora-supplied packages.
Mailman is installed to /usr/lib/mailman, with list data in /var/lib/mailman, and there is a mailman user and group (uid = gid = 41). I migrated several lists, wiped and successfully re-made their Archives, and created a fresh list for testing called test1.
I followed the migration directions as best as possible, run check_perms -f, and the files in /usr/lib/mailman/cgi-bin are set g+s. The files in /var/lib/mailman/lists/test1 have group=mailman.
I can subscribe and manage all the groups through the web interface, and mail sent to to 'test1' group works, but the archives are not created. /var/log/mailman/error shows
Jan 14 11:35:01 2016 (9055) Archive file access failure: /var/lib/mailman/archives/private/test1.mbox/test1.mbox [Errno 13] Permission denied: '/var/lib/mailman/archives/private/test1.mbox/test1.mbox' Jan 14 11:35:01 2016 (9055) Uncaught runner exception: [Errno 13] Permission denied: '/var/lib/mailman/archives/private/test1.mbox/test1.mbox' Jan 14 11:35:01 2016 (9055) Traceback (most recent call last): File "/usr/lib/mailman/Mailman/Queue/Runner.py", line 119, in _oneloop self._onefile(msg, msgdata) File "/usr/lib/mailman/Mailman/Queue/Runner.py", line 190, in _onefile keepqueued = self._dispose(mlist, msg, msgdata) File "/usr/lib/mailman/Mailman/Queue/ArchRunner.py", line 73, in _dispose mlist.ArchiveMail(msg) File "/usr/lib/mailman/Mailman/Archiver/Archiver.py", line 200, in ArchiveMail self.__archive_to_mbox(msg) File "/usr/lib/mailman/Mailman/Archiver/Archiver.py", line 169, in __archive_to_mbox mbox = self.__archive_file(afn) File "/usr/lib/mailman/Mailman/Archiver/Archiver.py", line 157, in __archive_file return Mailbox.Mailbox(open(afn, 'a+')) IOError: [Errno 13] Permission denied: '/var/lib/mailman/archives/private/test1.mbox/test1.mbox'
Jan 14 11:35:01 2016 (9055) SHUNTING: 1452792899.410995+4ddf5a7718ff13c171a78e27a2caaf5429312510
I get similar errors if I manually run mailman/bin/unshunt.
Apache does load mod_suexec.so, but (as far as I can tell) it's not used anywhere.
I've tried making the permissions on the files and directories /var/lib/mailman/ very liberal, but still see problems either with the mbox file or (from other, existing lists that have been migrated) with 'config.pck.tmp.SERVERNAME...', and the mail is not even sent.
Any suggestions on what to try or how to better diagnose the problem? Is there a known issue with the fedora packages that suggest using a source build of Mailman or Apache?
Thanks very much for any suggestions,
--Matt Newville
On 01/14/2016 12:06 PM, Matt Newville wrote:
So ArchRunner can't write to /var/lib/mailman/archives/private/test1.mbox/test1.mbox.
Apache does load mod_suexec.so, but (as far as I can tell) it's not used anywhere.
This would only affect web accesses in any case.
What are the owner, group and mode on every directory and the file in the path /var/lib/mailman/archives/private/test1.mbox/test1.mbox and every directory in the path /var/lib/mailman/lists/listname and the config.pck* files for the other list names with config.pck.* problems?
And is ArchRunner and the other runners running as the 'mailman' user.
I'm not aware of anything specific.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
Hi Mark,
Thanks very much for the reply. The Runner programs did have mailman as their user and group. Following the clue given by the quote in your signature, what I "gathered from coincidence" was that the system had SELinux set to enforcing, but that there was no SELinux rule to allow the mailman scripts to be run from httpd process.
Archiving is now working happily. Thanks again!
--Matt
On Fri, Jan 15, 2016 at 12:01 AM, Mark Sapiro <mark@msapiro.net> wrote:
On 01/15/2016 08:36 AM, Matt Newville wrote:
I tend to forget about that, but yes, SELinux is often the cause of mysterious lack of permissions. I have added this brief FAQ <http://wiki.list.org/x/17891944>.
Archiving is now working happily. Thanks again!
Good!
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
On 01/14/2016 12:06 PM, Matt Newville wrote:
So ArchRunner can't write to /var/lib/mailman/archives/private/test1.mbox/test1.mbox.
Apache does load mod_suexec.so, but (as far as I can tell) it's not used anywhere.
This would only affect web accesses in any case.
What are the owner, group and mode on every directory and the file in the path /var/lib/mailman/archives/private/test1.mbox/test1.mbox and every directory in the path /var/lib/mailman/lists/listname and the config.pck* files for the other list names with config.pck.* problems?
And is ArchRunner and the other runners running as the 'mailman' user.
I'm not aware of anything specific.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
Hi Mark,
Thanks very much for the reply. The Runner programs did have mailman as their user and group. Following the clue given by the quote in your signature, what I "gathered from coincidence" was that the system had SELinux set to enforcing, but that there was no SELinux rule to allow the mailman scripts to be run from httpd process.
Archiving is now working happily. Thanks again!
--Matt
On Fri, Jan 15, 2016 at 12:01 AM, Mark Sapiro <mark@msapiro.net> wrote:
On 01/15/2016 08:36 AM, Matt Newville wrote:
I tend to forget about that, but yes, SELinux is often the cause of mysterious lack of permissions. I have added this brief FAQ <http://wiki.list.org/x/17891944>.
Archiving is now working happily. Thanks again!
Good!
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
participants (2)
-
Mark Sapiro -
Matt Newville