[Mailman-Users] Perm Hosery in 2.0rc1?
Dan Mick
Dan.Mick at West.Sun.COM
Fri Oct 27 03:05:03 CEST 2000
That looks like the Openwall Security Patch issue; hard links
are restricted in some way I don't remember. Check the list archives;
Marc Merlin has an installation procedure that works around the problem,
and has posted about it several times.
> I'm trying to set up 2.0rc1, and I can't seem to get it working. There
> seems to be a problem with permissions. I've run check_perms and it
> only bitches about the docs/ directory, which I created (for HTML docs).
> I've found, however, that I get an error when I try to use the admin CGI,
> and it leaves a lockfile in locks/ that causes any subsequent attempts
> to hang. I've found I can make modifications through the admin CGI
> if I change the owner of lists/<listname>/config.db* to nobody (the
> user&group of Apache).
>
> However, if I do that, qrunner and the other cronned jobs fails with a
> permission error. Changing the ownership to 'mailman' lets these run.
>
> I created the list as root; the install doc didn't say it needed to be
> run as 'mailman'. Also, I just tested running 'newlist' as 'mailman',
> and it still failed with a permission error.
>
> It /appears/ that the CGI needs to use mail/wrapper, but maybe Apache
> does not let CGIs run Set[UG]ID programs?
>
> What it looks to me like
>
> Here's how I installed:
>
> $ ./configure --with-mail-gid=nobody --with-cgi-gid=nobody \
> --with-cgi-ext= && make
> (As non-root, non-mailman user)
>
> # make install
>
> This is an Immunix 6.2 system, which is basically a Red Hat 6.2 system
> rebuilt with the StackGuard compiler. I've replaced Sendmail with
> Postfix. The above GIDs are correct for Postfix and Apache.
>
> Just so you don't think I'm crazy, here are some perms that seem to
> be relevant:
>
> /home/mailman/lists/test]
> # ls -l
> total 22
> -rw-rw-r-- 1 mailman mailman 1706 Oct 26 17:14 admindbpreamble.html
> -rw-rw---- 1 mailman mailman 2815 Oct 26 17:14 config.db
> -rw-rw---- 1 nobody mailman 2815 Oct 26 17:16
config.db.tmp.mithra.wirex.com.19740
> -rw-rw-r-- 1 mailman mailman 189 Oct 26 17:14 handle_opts.html
> -rw-rw-r-- 1 mailman mailman 900 Oct 26 17:14 headfoot.html
> -rw-rw-r-- 1 mailman mailman 3136 Oct 26 17:14 listinfo.html
> -rw-rw-r-- 1 mailman mailman 0 Oct 26 17:14 next-digest
> -rw-rw-r-- 1 mailman mailman 0 Oct 26 17:14 next-digest-topics
> -rw-rw-r-- 1 mailman mailman 4106 Oct 26 17:14 options.html
> -rw-rw-r-- 1 mailman mailman 1169 Oct 26 17:14 roster.html
> -rw-rw-r-- 1 mailman mailman 198 Oct 26 17:14 subscribe.html
>
> # ls -l mail
> total 33
> -rwxr-sr-x 1 root mailman 32464 Oct 26 11:35 wrapper
>
> # ls -l locks
> total 2
> -rw-rw-r-- 2 nobody mailman 52 Oct 26 2000 test.lock
> -rw-rw-r-- 2 nobody mailman 52 Oct 26 2000
test.lock.mithra.wirex.com.20052
>
> And here's the backtrace from the CGI error:
>
> Oct 26 17:53:43 2000 admin(20362):
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> admin(20362): [----- Mailman Version: 2.0rc1 -----]
> admin(20362): [----- Traceback ------]
> admin(20362): Traceback (innermost last):
> admin(20362): File "/home/mailman/scripts/driver", line 96, in run_main
> admin(20362): main()
> admin(20362): File "/home/mailman/Mailman/Cgi/admin.py", line 138, in main
> admin(20362): mlist.Save()
> admin(20362): File "/home/mailman/Mailman/MailList.py", line 842, in Save
> admin(20362): self.__save(dict)
> admin(20362): File "/home/mailman/Mailman/MailList.py", line 818, in __save
> admin(20362): os.link(fname, fname_last)
> admin(20362): OSError: [Errno 1] Operation not permitted
>
> (I'll assume you don't need the rest of it. I can send it if you do.)
>
> Wil
> --
> W. Reilly Cooley, Esq. wcooley at wirex.com
>
>
>
>
> ------------------------------------------------------
> Mailman-Users maillist - Mailman-Users at python.org
> http://www.python.org/mailman/listinfo/mailman-users
More information about the Mailman-Users
mailing list