[Mailman-Developers] Mailman 2.1.26 Security release Feb 4, 2018

Sebastian Hagedorn Hagedorn at uni-koeln.de
Wed Feb 7 16:38:00 EST 2018 

>> FWIW, I just installed 2.1.26 on a test system, and that command does
>> not work for me:
>>
>> $ mailman-config
>>  File "/usr/lib/mailman/bin/mailman-config", line 34
>>    print "mail_group:      %s" % ""mail", "postfix", "mailman",
>> "nobody", "daemon""
>>                                     
>>   ^ SyntaxError: invalid syntax
>>
>> Both that line and the following (for cgi_group) are double-quoted:
>>
>> print "cgi_group:       %s" % ""apache""
> ...
>> configure_opts: "--with-python=/usr/bin/python2.7 --without-permcheck"
>
>
>
> The issue is you're running configure --without-permcheck and you
> haven't specified --with-mail-gid and --with-cgi-gid.
>
> If you don't specify those, configure looks for an existing group for
> mail-gid from "mailman other mail daemon" and for cgi-gid from "www
> www-data nobody". If you don't specify --without-permcheck, configure
> complains if it doesn't find a group in the system from the list, but if
> you do specify --without-permcheck and configure doesn't find a group it
> uses the whole "mailman other mail daemon" and/or "www www-data nobody"
> string which causes the issue you're seeing in mailman-config.
>
> There will also be group mismatch errors in the configured wrappers in
> this case.

Hm, part of that was an artifact of running configure manually instead of 
using the SPEC file I usually use to build Mailman. With the latter and my 
"fix" I get the following:

$ mailman-config
Configuration and build information for Mailman

Mailman version: 2.1.26
Build Date:      Wed Feb  7 13:23:45 CET 2018

prefix:          /usr/lib/mailman
var_prefix:      /var/lib/mailman
mailman_user:    mailman
mailman_group:   mailman
mail_group:      mail postfix mailman nobody daemon
cgi_group:       apache

configure_opts: "--prefix=/usr/lib/mailman 
--with-var-prefix=/var/lib/mailman --with-config-dir=/etc/mailman 
--with-lock-dir=/var/lock/mailman --with-log-dir=/var/log/mailman 
--with-pid-dir=/var/run/mailman --with-queue-dir=/var/spool/mailman 
--with-python=/usr/bin/python2.7 --with-mail-gid=mail postfix mailman 
nobody daemon --with-cgi-id=apache --with-cgi-gid=apache 
--with-mailhost=localhost.localdomain --with-urlhost=localhost.localdomain 
--without-permcheck"

So it's still using --without-permcheck, but the other options are there.
--
Sebastian Hagedorn - Weyertal 121, Zimmer 2.02
Regionales Rechenzentrum (RRZK)
Universität zu Köln / Cologne University - Tel. +49-221-470-89578

More information about the Mailman-Developers mailing list