Re: [Mailman-Users] mailman on freeBSD 8.2: getgrgid error
On Wednesday, August 03, 2011 02:06:50 AM Mark Sapiro wrote: > Rekhesh Mohan wrote: > >Now here is something that spoiled my sleep: I wrote a small test > >program to call getgrgid(), and it prints getgrgid()->gr_name = www. > >When I added a print statement inside common.c, I get > >getgrgid()->gr_name = null (it goes to http error log, since http > >headers are not defined at this stage of the code). > > What are the permissions on /etc/group? Is it world readable? Yes. They are world readable. By the way, I'm making some progress here :) I can now confirm that issue is with system/OS security and not with mailman. getgrgid()->gr_name returns meaningful value only if a member of "wheel" group calls it. I added my apache-user "www" to wheel group (his primary group is still www) and mailman is happy - web interface is working. I am not sure about the security implications of apache user being a member of wheel group. Need to check if this is the default behaviour of freeBSD 8.2. I am searching for a machine where I can try a fresh and clean install of freeBSD + mailman. Please let me know If anyone here has a mailman working on freeBSD 8.2 --R -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] Two questions ref virtual hosts and mailman
On Tue, Aug 2, 2011 at 16:37, Mark Sapiro wrote: > Tom Browder wrote: > >>Question 1: >>= >> >>Current situation: >> ... (detailed and helpful answers...) Thanks, Mark! I'm going to jump in again! By the way, I have a Perl script and module I use to destroy and regen the lists easily while testing if anyone is interested. Best regards, -Tom Thomas M. Browder, Jr. Niceville, Florida USA -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] Two questions ref virtual hosts and mailman
Tom Browder wrote:
>Question 1:
>=
>
>Current situation:
>
>
>I have now pretty much a working solution for this situation (postfix
>and mailman installed with Ubuntu packages on 64-bit 10.04 LTS (Lucid
>Lynx) :
>
> 1 server
> 1 "real" domain: realdomain.com
> 2 virtual domains: virtual-1.org
>virtual-2.org
>
>All are accessed successfully through SSL/TLS (https).
>
>Desired situation:
>
>
>I can get new lists at the virtual domains okay, but here's what I
>would like to do: change the mailing list virtual domains to:
>
> 2 virtual domains: lists.virtual-1.org # this is my default domain for
> mailman
>lists.virtual-2.org
>
>BUT present the lists to the users as, say, i...@virtual-1.org
Every list has two attributes, a web_page_url with a host name of the
web domain and a host_name which is the name of the email domain. so,
yes, you can do what you want.
In mm_cfg.py you want
DEFAULT_URL_HOST = 'lists.virtual-1.org'
DEFAULT_EMAIL_HOST = 'virtual-1.org'
add_virtualhost(DEFAULT_URL_HOST, DEFAULT_EMAIL_HOST)
add_virtualhost('lists.virtual-2.org', 'virtual-2.org')
and only if you are using Mailman/Postfix integration
MTA = 'Postfix'
POSTFIX_STYLE_VIRTUAL_DOMAINS = ['virtual-1.org', 'virtual-2.org']
If you are using postfix_to_mailman.py, you want
MTA = None
and you want both virtual-1.org and virtual-2.org mapped to the mailman
transport in transport_maps, but this won't work if you have real
users with addresses @virtual-1.org or @virtual-2.org
See the FAQ at for more info.
After making those mm_cfg.py changes, run fix_url as follows
For lists in the virtual-1.org domain (DEFAULT_*_HOST), run
bin/withlist -l -r fix_url LISTNAME
For lists in the virtual-2.org domain, run
bin/withlist -l -r fix_url LISTNAME -u lists.virtual-2.org
Following that, if you are using Mailman/Postfix integration, run
bin/genaliases
to rebuild data/mailman* and data/virtual-mailman*.
>I had some mixed success early on, but other problems intervened. Now
>that the other problems have been solved, I want to blow everything
>away and start over but only if the "Desired situation" is feasible:
>
>Question 2:
>=
>
>Can I also do this on the real domain:
>
>Create a new subdomain and mailing lists:
>
> lists.realdomain.com <= let postfix and mailman handle this as a
>virtual domain
>
>And also as desired for "Question 1,"
>
> BUT present the lists to the users as, say, n...@realdomain.com
Just add another
add_virtualhost('lists.realdomain.com', 'realdomain.com')
in mm_cfg.py and treat this like the others, except if realdomain.com
is local in Postfix and has real users, you can't use
postfix_to_mailman.py[1], and you don't add 'realdomain.com' to the
POSTFIX_STYLE_VIRTUAL_DOMAINS list.
[1] You really can still use postfix_to_mailman.py, but you can't
simply put "realdomain.com: mailman" in your transport_maps table. You
have to do things like
somel...@realdomain.com: mailman
somelist-boun...@realdomain.com: mailman
somelist-conf...@realdomain.com: mailman
(etc)
for all 10 addresses for each realdomain.com list at which point, you
are much better off using regular Mailman/Postfix integration.
--
Mark Sapiro The highway is for gamblers,
San Francisco Bay Area, Californiabetter use your sense - B. Dylan
--
Mailman-Users mailing list Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] mailman on freeBSD 8.2: getgrgid error
Rekhesh Mohan wrote: > >Now here is something that spoiled my sleep: I wrote a small test >program to call getgrgid(), and it prints getgrgid()->gr_name = www. >When I added a print statement inside common.c, I get >getgrgid()->gr_name = null (it goes to http error log, since http >headers are not defined at this stage of the code). What are the permissions on /etc/group? Is it world readable? -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, Californiabetter use your sense - B. Dylan -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
[Mailman-Users] Two questions ref virtual hosts and mailman
Question 1: = Current situation: I have now pretty much a working solution for this situation (postfix and mailman installed with Ubuntu packages on 64-bit 10.04 LTS (Lucid Lynx) : 1 server 1 "real" domain: realdomain.com 2 virtual domains: virtual-1.org virtual-2.org All are accessed successfully through SSL/TLS (https). Desired situation: I can get new lists at the virtual domains okay, but here's what I would like to do: change the mailing list virtual domains to: 2 virtual domains: lists.virtual-1.org # this is my default domain for mailman lists.virtual-2.org BUT present the lists to the users as, say, i...@virtual-1.org I had some mixed success early on, but other problems intervened. Now that the other problems have been solved, I want to blow everything away and start over but only if the "Desired situation" is feasible: Question 2: = Can I also do this on the real domain: Create a new subdomain and mailing lists: lists.realdomain.com <= let postfix and mailman handle this as a virtual domain And also as desired for "Question 1," BUT present the lists to the users as, say, n...@realdomain.com Best regards, -Tom Thomas M. Browder, Jr. Niceville, Florida USA -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] Can I use /usr/sbin/postmap myself to updatevirtual-mailman.db?
Hi Mark. What you want to run is Mailman's bin/genaliases which will completely rebuild data/aliases and data/virtual-mailman based on the lists in the installation including those you added by copying and run the relevant postalias and postmap commands to update the .db files. Excellent! That worked for me. :-) Thank you so much, ---Ulf Dunkel -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] Mailman error: Forbidden: You don't have permission to access /pipermail/grads/ on this server [SOLVED]
On Tue, Aug 2, 2011 at 06:31, Tom Browder wrote: > On Sun, Jul 31, 2011 at 13:08, Mark Sapiro wrote: >> Tom Browder wrote: > ... >>>However, I, as a list user, cannot get access to the archives for a >>>list. When I try to look at the archives through the link on the >>>Welcome message I get the following: >>> >>> Forbidden >>> >>> You don't have permission to access /pipermail/grads/ on this server. >>> >>>I tried changing the example line in the mailman.conf file from: >>> >>> Alias /pipermail/ /var/lib/mailman/archives/public/ > ... >>>I have searched this list for "pipermail" but see no similar problem. >>> >>>I'm sure I've missed a note somewhere but I'm not sure how to proceed. >>> The mailman docs talk about permissions and the mailman user but >>>Ubuntu installs all mailman files with root:list ownership which seems >>>to work for all else. All the directories under /var/lib/mailman have >>>these permissions: >>> >>> drwxrwsr-x 4 root list >> >> If that includes /var/lib/mailman/archives/private, then that's OK. >> Otherwise note that /var/lib/mailman/archives/private must be o+x or >> must have user:group xxx:list where xxx is the user that the web >> server uses to access files. > > Aha, I missed the fine details of one important directory: the > archives/private directory did not have these permissions: > > drwxrwsr-x 4 root list > > Instead it had these: > > drwxrws--- 4 root list > > As root I excuted > > chmod o+xr private > > and now all works as advertised! > > Thanks a heap, Mark. I shall file a bug with Ubuntu. This is already listed in Ubuntu bugs as number #543148. I added a comment about my situation. Best regards, -Tom Thomas M. Browder, Jr. Niceville, Florida USA -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] mailman on freeBSD 8.2: getgrgid error
On 01/08/2011 Mark wrote > Rekhesh Mohan wrote: > >AFAIK, src/common.c is checking the GID with getgid() followed by > >getgrgid(). Now, my machine uses blowfish instead of md5 for passwd. > >getgid() is returning 80 - which is fine since i have gid(www) = 80 > >on my system. However, getgrgid(gid) returns null :-| I gave up my > >fight at that point and decided to ask for help :) > > This appears to be a C library/OS issue that has nothing to do with > Mailman. getgrgid(gid) should return a struct group for the group > whose ID is gid. This structure should contain the information which > is a representation of the fields in the /etc/groups record for that > gid. If gid is valid, the return from getgrgid(gid) should not be > null. You are probably right. It may be an issue in C library/OS. I will try and discuss this in freeBSD lists. > >I tried to figure out the behaviour of these functions with a small > >test code: getgrgid() returns gr_passwd = * for blowfish, and > >gr_passwd = x for md5. Is that an issue with mailman or am I making > >mistakes somewhere else in the installation? > > Mailman only cares about getgrgid()->gr_name. Now here is something that spoiled my sleep: I wrote a small test program to call getgrgid(), and it prints getgrgid()->gr_name = www. When I added a print statement inside common.c, I get getgrgid()->gr_name = null (it goes to http error log, since http headers are not defined at this stage of the code). Anyways, thanks again for your help.. --R -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] Mailman error: Forbidden: You don't have permission to access /pipermail/grads/ on this server [SOLVED]
On Sun, Jul 31, 2011 at 13:08, Mark Sapiro wrote: > Tom Browder wrote: ... >>However, I, as a list user, cannot get access to the archives for a >>list. When I try to look at the archives through the link on the >>Welcome message I get the following: >> >> Forbidden >> >> You don't have permission to access /pipermail/grads/ on this server. >> >>I tried changing the example line in the mailman.conf file from: >> >> Alias /pipermail/ /var/lib/mailman/archives/public/ ... >>I have searched this list for "pipermail" but see no similar problem. >> >>I'm sure I've missed a note somewhere but I'm not sure how to proceed. >> The mailman docs talk about permissions and the mailman user but >>Ubuntu installs all mailman files with root:list ownership which seems >>to work for all else. All the directories under /var/lib/mailman have >>these permissions: >> >> drwxrwsr-x 4 root list > > If that includes /var/lib/mailman/archives/private, then that's OK. > Otherwise note that /var/lib/mailman/archives/private must be o+x or > must have user:group xxx:list where xxx is the user that the web > server uses to access files. Aha, I missed the fine details of one important directory: the archives/private directory did not have these permissions: drwxrwsr-x 4 root list Instead it had these: drwxrws--- 4 root list As root I excuted chmod o+xr private and now all works as advertised! Thanks a heap, Mark. I shall file a bug with Ubuntu. Best regards. -Tom Thomas M. Browder, Jr. Niceville, Florida USA -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
