Néstor Díaz Valencia wrote: > >I think this may have show up several times, but it looks like I can't >find a definitive reason why Mailman web interface cannot be run as >another user, other than www-data. > >In this case is an Ubuntu system 10.04 and we are deploying a server >where each host is inside a user, apache is serving the host with that >user identity and a proxy properly redirects requests. > >So, mailman web interface should be served by apache as user "mymailman" >and scripts reports that is not possible we must use "www-data".
You are encountering a group mismatch error. See the FAQ at <http://wiki.list.org/x/tYA9> for a more detailed explanation. Basically, The Mailman CGI web interface makes use of compiled binary wrappers in Mailman's cgi-bin directory which are group 'mailman' and SETGID so that the various CGI scripts run with effective group mailman. As a security measure, these wrappers are compiled to expect to be invoked by a process with a specific group id, in your case www-data, and will not run if invoked with a different group. If you install Mailman from source, you can set the expected group with the --with-cgi-gid= option to configure. Debian/Ubuntu may or may not provide a package specific way to do this for their Mailman package. The bottom line is for a single set of Mailman cgi-bin wrappers, they must always be invoked as the same group, but for standard GNU Mailman at least, that can be any group you want. One possible workaround for you is to set the primary group for your "mymailman" user(s) to www-data. If your "hosts" all have their own Mailman installation or at least their own set of cgi-bin wrappers, you should be able to get the wrappers to accept whatever group you want, but I don't know specifically how this would be done in the Debian/Ubuntu package. -- Mark Sapiro <m...@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
