Bug#617242: mlmmj-make-ml does not ensure correct permissions for created files and directories
> On Nov 6, 2017, at 6:52 PM, Thomas Goirand wrote: > > Clearly, that's a *specific* setup for your own use case. Let me > describe a very different setup. > > With MLMMJ, it's possible to have use foo "own" the list, and have it > dropped in his home folder. In such a setup, the user could ssh to the > mlmmj folder, and customize, with ssh, the tunables of the list. The > "home" of the list would be somewhere in /home, owned by foo:foo. In > this type of setup, there's no need for a mlmmj:mlmmj user, and the user > could manually create the cron job with "crontab -e". > > I don't think it's up to the Debian package to be opinionated. At most, > we could imagine a debconf question (with no by default) asking if we > want to do what you describe above. But I don't think we should do it > inconditionally. It’s fine that mlmmj package leaves the tasks (create user/group, etc) to sysadmin. P.S. i’d prefer to use ‘/var/spool/mlmmj’ as HOME directory of mlmmj program instead of ‘/home/XXX’ and set it’s shell to /sbin/nologin’. Zhang Huangbin, founder of iRedMail project: http://www.iredmail.org/ Time zone: GMT+8 (China/Beijing). Available on Telegram: https://t.me/iredmail
Bug#617242: [Pkg-mlmmj-devel] Bug#617242: mlmmj-make-ml does not ensure correct permissions for created files and directories
> On Nov 6, 2017, at 11:07 AM, Chris Knadle wrote: > >> I have my umask set to 0027. If I run mlmmj-make-ml with sudo, then >> this umask is inherited, and used to create all the files and >> directories for a new mailing list, which is wrong. The files and >> directories should be explicitly chmodded to the correct permissions. > > The mlmmj package in Debian doesn't come with pre-configuration for a > specific MTA, nor setting up a user for mlmmj, instead giving > administrative guidance for basic setups with various MTAs, and allowing > for more complex configurations by leaving ownership and permissions > configuration to the administrator. As far as I can tell, the specific > permissions for files in /var/spool/mlmmj/ likely differ depending on > the specific setup used. > > Do you believe there are specific permissions that always neeed to be > used regardless of specific MTA and setup? I use mlmmj with Postfix, it’s configured by following mlmmj doc[1]. *) Postfix pipes email to command 'mlmmj-receive’. Postfix doesn’t need to know any further info about the mail message itself, we’d better run ‘mlmmj-receive’ as a non-privileged user/group. In my case, it's “mlmmj:mlmmj”. *) After take over the mail message, mlmmj is the only one program who processes the message, so the directory used to store mailing lists is better to be set to owner/group “mlmmj:mlmmj” with permission 0700 (or 0770). IMO, with Postfix integration, it should be a requirement to: - create user/group “mlmmj:mlmmj” - create directory /var/spool/mlmmj, and owned by “mlmmj:mlmmj” with permission 0700. - also setup a cron job to run command “mlmmj-maintd”[2] every 2 hours. [1] http://mlmmj.org/docs/readme-postfix/ [2] http://mlmmj.org/docs/mlmmj-maintd/ Zhang Huangbin, founder of iRedMail project: http://www.iredmail.org/ Time zone: GMT+8 (China/Beijing). Available on Telegram: https://t.me/iredmail
Bug#879677: mlmmj: Help update to the latest stable release: 1.3.0
Package: mlmmj Dear Maintainer, Please help update mlmmj package to the latest stable release 1.3.0. I understand Debian package policy doesn't allow to commit new version to stable branch, so please help update it in sid/testing branch. It should be easy by just updating the version number, then download mlmmj package. I tried the upgrade process with FreeBSD ports tree this way (update version number manually, then upgrade). Thank you very much for helping and your time. :) -- System Information: Debian Release: 9.2 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-4-amd64 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages mlmmj depends on: ii debconf [debconf-2.0] 1.5.61 ii libc6 2.24-11+deb9u1 ii postfix [mail-transport-agent] 3.1.6-0+deb9u1
