[Mailman-Users] mailman user password
mark at msapiro.net
Sun Aug 2 16:05:51 CEST 2009
tanstaafl at libertytrek.org wrote:
>Is the mailman user supposed to be passwordless?
It doesn't matter. It's up to you and your own policy.
>I know I'm running a non vanilla version, but my question is mostly
>generic I think...
>Currently, the init script contains:
>su - mailman -c '/bin/mailmanctl -s start' >/dev/null 2>&1
This is the real issue. mailmanctl should always be run by root. Your
init script should just contain
/bin/mailmanctl -s start >/dev/null 2>&1
without the su - mailman
>When I do this from a non-root account:
>myuser at myhost ~ $ su - mailman -c '/bin/mailmanctl -s start' >/dev/null 2>&1
>I see this in the log:
>myhost su: pam_unix(su:auth): authentication failure;
>logname=myuser uid=1001 euid=0 tty=pts/2 ruser=myuser rhost= user=mailman
>myhost su: pam_authenticate: Authentication failure
>myhost su: FAILED su for mailman by myuser
>myhost su: - pts/2 myuser:mailman
>My problem is I don't know how this works/is supposed to work. Is
>mailmans passwd supposed to be empty/blank? That seems like a bad idea,
>but if not, how is it supposed to start without giving the password for
>the mailman account somehow?
You're supposed to start it as root. Unprivileged users aren't supposed
to be able to start, stop, restart Mailman.
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the Mailman-Users