[Mailman-Users] Integrating mailman with Sendmail
brad at shub-internet.org
Thu May 1 17:29:55 CEST 2008
Bill Honneus (honneus) wrote:
> I'm a little confused about something regarding setting up Mailman to
> run using Sendmail. The following are instructions for how to create
> the mailman user. My first question is, why is the user created with no
> shell and no home? The documentation does not explain the reason why
> this is needed.
Because Mailman doesn't need the shell or the home directory, and they pose
a potential security risk if they are present. So, leave them out and you
avoid the potential security risk.
> First, I don't see how to login or sudo as mailman if the user is set up
> without a shell.
Neither sudo nor a plain "su" need to have a shell for the user. All you're
changing is your effective UID (EUID), but the rest of your environment
comes from your real UID that you used to log in with.
> Second, both steps refer to a home directory that does
> not exist if the user is set up with no home.
You're confusing the root of the directory structure where the Mailman code
is installed with the /etc/passwd concept of "home directory". You can have
/usr/local/mailman be the root of the directory structure for Mailman (and
called the "Mailman home directory"), without having a home directory
specified in /etc/passwd for this user.
Yes, this can be confusing.
> In other words, the
> instructions seem to contradict the basic instruction for how to set up
> the mailman user.
In the alternative, you could go ahead and list this directory as the home
directory in /etc/passwd, but doing that doesn't really buy you anything
from the security or systems operations standpoint.
> Please help me better understand what is needed here.
Hope this helps.
Brad Knowles <brad at shub-internet.org>
LinkedIn Profile: <http://tinyurl.com/y8kpxu>
More information about the Mailman-Users