[Mailman-Users] Permissions on public archives (apache 403)

Todd Zullinger tmz at pobox.com
Fri May 26 20:03:40 CEST 2006

Hash: SHA1

Michael Berkowski wrote:
>> What are the permissions on /var/lib/mailman? Are you running
>> SeLinux or any other 'extra' access controls?
> SELinux is running and /var/lib/mailman looks like:
> drwxrwsr-x   9 mailman mailman 4096 Apr 17 15:17 mailman

With SELinux, you also often want to see the security context.  The -Z
option to ls does this.  On my FC5 system, /var/lib/mailman has:

drwxrwsr-x  root     mailman  system_u:object_r:mailman_data_t /var/lib/mailman/

And to check if SELinux is the reason you're getting errors, you need
to look in /var/log/messages (or /var/log/audit/audit.log if the audit
daemon is installed)

Of course, reading the avc denial messages is the kind of black voodoo
that makes Apache's mod_rewrite look like it was written for 5 year
olds. :)

When I'm in doubt, I turn off SELinux and try the action I was having
problems with.  If it works you found you problem.  From there you'd
have to modify the SELinux policy or file a bug to have that done.
I've only just started toying with it, so I'm a long way from knowing
how to modify policy properly.  Anyway, you can use setenforce 0 to
turn off selinux temporarily if you want to check that.

- -- 
Todd        OpenPGP -> KeyID: 0xD654075A | URL: www.pobox.com/~tmz/pgp
Ever notice that even the busiest people are never too busy to tell
you just how busy they are?

Version: GnuPG v1.4.3 (GNU/Linux)
Comment: When crypto is outlawed bayl bhgynjf jvyy unir cevinpl.


More information about the Mailman-Users mailing list