Bill Honneus (honneus) wrote:
I'm a little confused about something regarding setting up Mailman to run using Sendmail. The following are instructions for how to create the mailman user. My first question is, why is the user created with no shell and no home? The documentation does not explain the reason why this is needed.
Because Mailman doesn't need the shell or the home directory, and they pose a potential security risk if they are present. So, leave them out and you avoid the potential security risk.
First, I don't see how to login or sudo as mailman if the user is set up without a shell.
Neither sudo nor a plain "su" need to have a shell for the user. All you're changing is your effective UID (EUID), but the rest of your environment comes from your real UID that you used to log in with.
Second, both steps refer to a home directory that does not exist if the user is set up with no home.
You're confusing the root of the directory structure where the Mailman code is installed with the /etc/passwd concept of "home directory". You can have /usr/local/mailman be the root of the directory structure for Mailman (and called the "Mailman home directory"), without having a home directory specified in /etc/passwd for this user.
Yes, this can be confusing.
In other words, the instructions seem to contradict the basic instruction for how to set up the mailman user.
In the alternative, you could go ahead and list this directory as the home directory in /etc/passwd, but doing that doesn't really buy you anything from the security or systems operations standpoint.
Please help me better understand what is needed here.
Hope this helps. -- Brad Knowles <[EMAIL PROTECTED]> LinkedIn Profile: <http://tinyurl.com/y8kpxu> ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp