[Mailman-Users] "create a new list" web interface

[Mark Sapiro]

jewel.brueggeman-makda at washburn.edu wrote:

>By diabling SELinux altogether it worked.  My only question is regarding
>what you said earlier, the working was a bit confusing for me:
>
>> > Then you need to remove any mailman aliases from /etc/aliases or
>> > whereever they were before if not
>> /usr/local/mailman/data/aliases, and
>> > run 'postalias /etc/aliases' (or wherever to update the
>> corresponding> .db file.
>
>I have alias_maps pointing to both /etc/aliases ad
>/usr/local/mailman/data/aliases.


This part is correct.
-

>Currently both alias files contain all
>of my lists.


This is not correct, but it get's complicated. The only list aliases
which are actually being used by Postfix are the ones in the file
which is mentioned first in the main.cf alias_maps directive.

Normally, you would remove all of Mailman's aliases for the mailman
list and all the other lists from /etc/aliases, but if the owner of
/etc/aliases.db is not the same (mailman?) as the owner of
/usr/local/mailman/data/aliases.db, this will break mail delivery to
Mailman, at least until you reconfigure Mailman with
--with-mail-gid=mailman and reinstall.


>So do I need to remove the "mailman" instance from the /etc/aliases file
>or all lists?  If I create a new list using the web interface it will
>should update both aliases or just the data/aliases? I apologize I am
>not understanding.


For Postfix/Mailman integration to work as intended, Mailman's aliases
(for all lists) should only be in data/aliases*. Then list creation
and deletion maintains these aliases. But, as I note above, this has
an effect on mail delivery to Mailman, because when Postfix finds an
alias which is a pipe to a command, Postfix runs that command (the
mailman/mail/mailman wrapper) as the user who owns the aliases.db file
in which it found that aliases and as the group which is that user's
primary group.

Now, if the aliases are coming from /etc/aliases.db which I suspect is
owned by root, Postfix is invoking the wrapper as root:root, and if
this is working and not giving a group mismatch error, the wrapper was
compiled with --with-mail-gid=root. If you then remove the aliases
from /etc/aliases, postfix will get them from data/aliases.db and will
run the pipe as the owner of that file and that owner's group (not the
group of the file).

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan