[Mailman-Users] Mailman in chrooted OpenBSD

Mark Sapiro msapiro at value.net
Sat Sep 8 03:31:00 CEST 2007

Patrick Valencia wrote:
>Matter of fact, when I configure it, the DCGI_GROUP="\"www\"" and so does
>the DMAIL_GROUP.  I think it's taking the 67 as a gid and finding the group
>it belongs to.

That's right. See my other reply.

>I'm still not exactly sure how it can't see the gid when it
>goes to run the cgi script  I thought it would be able to, especially since
>the set_gid bit is enabled.


The setgid bit sets the effective group, but for security reasons the
wrapper checks the original group by resolving the original gid to a
name and seeing if that name matches what it was told to expect. If it
can't resolve the original gid to a name, it gives the error.

>Would it help if I added a /var/www/etc/group
>file with 67 mapped to 'www'?

If that would allow the wrapper to resolve gid 67 to the name "www",
then yes, that would do it.

Mark Sapiro <msapiro at value.net>       The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

More information about the Mailman-Users mailing list