--On Friday, April 20, 2007 11:38:03 -0500 Jeffrey Goldberg
<[EMAIL PROTECTED]> wrote:
On Apr 20, 2007, at 10:42 AM, David Southwell wrote:
Extract from /var/maillog
Apr 20 08:24:58 dns1 Mailman mail-wrapper: Group mismatch error.
Mailman
expected the mail wrapper script to be executed as group "nobody",
but the
system's mail server executed the mail script as group "mailman". Try
tweaking the mail server to run the script as group "nobody", or re-
run
configure, providing the command line option `--with-mail-
gid=mailman'.
I've given a complementary response on the mailman-users list (to which
I'm also cc'ing this)
Nothing I say below takes away from what I said in that previous post.
The answers to the questions I've asked would have resolved this problem
long ago.
There appears to be a bug in the pkg-install file that comes with the
current mailman port. When one installs (through FreeBSD ports) mailman
selecting postfix as the MTA, the MAIL_GID correctly gets set to "nobody"
But in the pkg-install script all of the mailman files get set with
echo "---> Creating Mailman directory (/usr/local/mailman)"
(umask 002 && /bin/mkdir -p "/usr/local/mailman") || exit 1
/usr/sbin/chown -R "mailman:mailman" "/usr/local/mailman" || exit 1
/bin/chmod g+s "/usr/local/mailman" || exit 1
Which is correct for everything except for /usr/local/mailman/data which
should actually be set with
chown -R nobody:mailman /usr/local/mailman/data
I don't know enough about ports to actually find the source pkg-install
fine (the one I looked at and quoted from is after make has edited it
with sed). So I'm not certain whether the problem is in the Makefile or
in the source for the pkg-install.
I experienced the same problem David had just a few weeks ago, but I
attributed the problem (which I fixed by manually doing the chown) to me
having moved my mailman set up from one machine to another. So I thought
that I had the wrong permissions for /usr/local/mailman/data as a
consequence of the move and not because the mailman FreeBSD port was
broken.
When I saw some of David's problems I started to have some suspicions,
but I wasn't able to get enough information from him to really look at
the ownerships the port set up.
*If* what you say is true, then this should fix it:
--- pkg-install.orig Fri Apr 20 13:42:17 2007
+++ pkg-install Fri Apr 20 13:42:47 2007
@@ -43,6 +43,7 @@
(umask 002 && /bin/mkdir -p "%%MAILMANDIR%%") || exit 1
/usr/sbin/chown -R "%%USER%%:%%GROUP%%" "%%MAILMANDIR%%" || exit 1
/bin/chmod g+s "%%MAILMANDIR%%" || exit 1
+ /usr/sbin/chown -R "nobody" "%%MAILMANDIR%%/data" || exit 1
fi
;;
I haven't tested it, so use it at your own risk.
Paul Schmehl ([EMAIL PROTECTED])
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/
