[Mailman-Users] Group mismatch ( YES I KNOW THIS IS A FAQ BUT..)

Mark Sapiro mark at msapiro.net
Fri Jun 10 18:05:14 CEST 2011 

On 6/10/2011 2:28 AM, Peter Sørensen wrote:
> 
> When trying to make the virtual postfix/mailman integration, I ran across a post recommending to use mailman 2.1.14
> Ok - I removed the mailman package from Ubuntu , actually 2.1.13 - downloaded the 2.1.14 source
> Ran configure, make and make install all seems OK.


And you have conflated your Debian/Ubuntu package configuration and the
standard GNU Mailman configuration.


> I have added following to mm_cfg.py
> 
> ##################################################
> MTA = "Postfix"
> # Put YOUR site-specific settings below this line.
> POSTFIX_STYLE_VIRTUAL_DOMAINS = [ 'test.sdu.dk',
>                                 'some.other.domain',
>                                    ......
> 
> add_virtualhost('test.sdu.dk','test.sdu.dk'
> add_virtualhost('some.other.domain','some.other.domain')


OK


> called check_perms -f
> called genaliases
> and checked that i have the files :
> my at mls2:/usr/local/mailman$ ll data/alia*
> -rw-rw---- 1 mailman mailman 114222 2011-06-10 09:04 data/aliases
> -rw-rw---- 1 mailman mailman 172032 2011-06-10 09:04 data/aliases.db
> my at mls2:/usr/local/mailman$ ll data/virt*
> -rw-rw---- 1 mailman mailman  86149 2011-06-10 09:04 data/virtual-mailman
> -rw-rw---- 1 mailman mailman 176128 2011-06-10 09:04 data/virtual-mailman.db


OK


> Added to postfix main.cf:
> transport_maps = hash:/etc/postfix/transport

See below:


> alias_maps = hash:/etc/aliases, hash:/usr/local/mailman/data/aliases
> alias_database = hash:/etc/aliases, hash:/usr/local/mailman/data/aliases


You don't need hash:/usr/local/mailman/data/aliases in alias_database.
This only makes Postfix's newaliases command do extra work. See
<http://www.list.org/mailman-install/postfix-integration.html>.


> virtual_alias_maps = hash:/usr/local/mailman/data/virtual-mailman
> mailman_destination_recipient_limit = 1


The above, the transport maps entries below, and the mailman transport
in master.cf are for postfix-to-mailman.py delivery which is an
incompatible alternative to delivery vfia aliases and virtual maps.


> AND in transport i have entries like:
> test.sdu.dk              mailman:
> some.other.domain   mailman:
> ....
> 
> Then when trying to send a mail to a new list I get the following in mail.log
> 
> Jun 10 08:44:22 mls2 Mailman mail-wrapper: Group mismatch error.  Mailman expected the mail#012wrapper script to be executed as group "mailman", but#012the system's mail server executed the mail script as#012group "nogroup".  Try tweaking the mail server to run the#012script as group "mailman", or re-run configure, #012providing the command line option `--with-mail-gid=nogroup'.
> Jun 10 08:44:22 mls2 postfix/local[28200]: 3E460FFDF2: to=<mailman-bounces at mls2.sdu.dk>, relay=local, delay=0.03, delays=0.01/0/0/0.02, dsn=5.3.0, status=bounced (Command died with status 2: "/usr/local/mailman/mail/mailman bounces mailman". Command output: Group mismatch error.  Mailman expected the mail wrapper script to be executed as group "mailman", but the system's mail server executed the mail script as group "nogroup".  Try tweaking the mail server to run the script as group "mailman", or re-run configure,  providing the command line option `--with-mail-gid=nogroup'. )


This looks like a delivery via aliases which should work if the
ownership of data/aliases.db is as above.


> OK I go to the mailman source and recompile as suggested and get
> 
> Jun 10 07:28:29 mls2 Mailman mail-wrapper: Group mismatch error.  Mailman expected the mail#012wrapper script to be executed as group "nogroup", but#012the system's mail server executed the mail script as#012group "mailman".  Try tweaking the mail server to run the#012script as group "nogroup", or re-run configure, #012providing the command line option `--with-mail-gid=mailman'.
> Jun 10 07:28:29 mls2 postfix/local[22760]: 711C8FFD9D: to=<its at mls2.sdu.dk>, orig_to=<its at test.sdu.dk>, relay=local, delay=14, delays=14/0.02/0/0.03, dsn=5.3.0, status=bounced (Command died with status 2: "/usr/local/mailman/mail/mailman post its". Command output: Group mismatch error.  Mailman expected the mail wrapper script to be executed as group "nogroup", but the system's mail server executed the mail script as group "mailman".  Try tweaking the mail server to run the script as group "nogroup", or re-run configure,  providing the command line option `--with-mail-gid=mailman'. )


And Postfix invoking the wrapper as group 'mailman' is what should have
happened above.

Now you should reconfigure with --with-mail-gid=mailman and try again.
I'm guessing that for the first try above when Postfix invoked the
wrapper as 'nogroup', the owner of data/aliases.db was root, and somehow
in the re-configure/install process, it got changed to 'mailman' which
is what it should be.


> Permissions on mailman wrapper are:
> ll /usr/local/mailman/mail/mailman
> -rwxr-sr-x 1 root mailman 23741 2011-06-10 07:30 /usr/local/mailman/mail/mailman*
> 
> Postfix alias file has permissions:
> ll /etc/alias*
> -rw-r--r-- 1 root mailman   775 2011-06-09 15:45 /etc/aliases
> -rw-r--r-- 1 root mailman 12288 2011-06-10 07:43 /etc/aliases.db
> 
>>From what I can see,  the postfix should use the owner of the mail wrapper script and get the corresponding group and
> execute with that.


No. It uses the owner of the aliases.db file in which it found the alias
and uses that user's primary group.

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

More information about the Mailman-Users mailing list