<joyd...@infoservices.in> wrote: >On Fri, 2 Sep 2011 09:02:10 -0700 >Mark Sapiro <m...@msapiro.net> wrote: > >> J. Bakshi wrote: >> > >> >> > >> >> >regarding /var/lib/mailman/data/aliases.db permission issue; it is >already set to mailman >> >> > >> >> >-rw-rw-r-- 1 mailman mailman 12288 Sep 2 16:57 >/var/lib/mailman/data/aliases.db >> >> > >> >> >Still group 65533 which is nobody group is called !!! >> >> >> What do you get if you run >> >> sudo -u mailman /usr/lib/mailman/mail/mailman post typo3 </dev/null >> > >No error, just cursor returns
OK. So if you invoke the wrapper manually as user mailman, it doesn't complain about a group mismatch. And the owner of aliases.db is mailman, so according to the DELIVERY RIGHTS section of <http://www.postfix.org/local.8.html>, Postfix should be invoking the wrapper as mailman. Deliveries to external files and external commands are made with the rights of the receiving user on whose behalf the delivery is made. In the absence of a user context, the local(8) daemon uses the owner rights of the :include: file or alias database. When those files are owned by the superuser, delivery is made with the rights specified with the default_privs configuration parameter. Yet, Postfix is executing the pipe as 'nobody', so either it is finding the alias in some other database owned by root, or delivery is not via the 'local' transport. What is the complete log message in the Postfix log for the attempted delivery? -- Mark Sapiro <m...@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
