[Mailman-Developers] mailman and AFS?

Christopher Lindsey lindsey@ncsa.uiuc.edu
Wed, 31 Mar 1999 15:36:33 -0600 (CST)

Well, I'm about to try doing some funky stuff that's going to require
source changes, etc.  But before I jump into it, I've got some 

I want to setup mailman here at NCSA and gradually start phasing
out majordomo.  Here's the current set up:

   4 mail servers
   NFS-RAID sharing mail spools, procmail recipes, etc.
   AFS (this is a common filesystem everywhere)
   8 round-robined Web servers (DocumentRoot served from AFS)

Because AFS is the only available common filesystem for both 
the mail servers and the Web servers, I'll need to setup mailman

Now for the tricky part.  AFS doesn't use standard UNIX permissions,
but instead depends on ACLs (ours uses Kerberos V for authentication).
To be able to write into the AFS space, any program or shell must
have a valid AFS token.

I can do this by creating a "keytab" file; basically, that randomizes
the password but lets me use it in shell scripts, etc.  I just need
to kinit against this file, do my operations, then do a kdestroy.

Now for my questions:

   o where should I put these calls?  I'm guessing that they should be
     in  wrapper, but do I also need to put it into every binary
     in $prefix/cgi-bin?  It appears that way...

   o am I going to run into any locking issues with multiple email and
     Web servers, or does mailman handle this?  If so, how?  AFS (like NFS)
     often has problems with flock() or fcntl() locking (so dot-locking
     is the preferred method).

   o does mailman actually do any permissions checking on files or 
     directories?  These checks would fail in AFS
Any pointers and/or answers would be appreciated.