Re: [Mailman-Users] Error on attempt to create a List in Mailman 2.1.7-15.12.1 from Mailman Web admin UI
Christian,
Your suggestion fixed the problem ! Thank You.
You have to set it to wwwrun:mailman, in order for the apache server to
have write access to it too.
It needs write access for creating lists via webinterface.
This was changed by the last update of mailman via SLES 10 updates,
therefore is a distro bug.
Bob Perez
>>>
From: Mailman Admin
To:Mark Sapiro
CC:Bob Perez ,
Date: 6/25/2012 1:24 AM
Subject: Re: [Mailman-Users] Error on attempt to create a List in Mailman
2.1.7-15.12.1 from Mailman Web admin UI
Hello Bob Perez, Hello Mark Sapiro
On 2012-06-24 15:36, Mark Sapiro wrote:
> On 6/23/2012 12:33 PM, Bob Perez wrote:
>>
>> I see the error in the log with the list name I try to create ("list1", etc)
>> admin(10317): OSError: [Errno 13] Permission denied:
>> '/var/lib/mailman/archives/private/list1.mbox'
>>
>> So looks like a permission problem. I ran ./check_perms and then check_db -
>> Did not help.
>
> What does "ls -ld /var/lib/mailman/archives/private" show?
>
> What does "ls -l /usr/lib/mailman/cgi-bin/create" (assuming that's the
> correct path to the create wrapper) show?
>
>> I think if I do a chmod 755 -R /usr/lib/mailman/ , I may break something in
>> mailman. Did not do this.
>
> Good.
>
>> I see that the user "mailman" in the "mailman group is the owner of the
>> mailman files and directories, but after running the ./check_perms now
>> "root" is the owner of the "mailman" group, however he is not a part of the
>> group, so I made him a member - Same problem, even after restaring mailman
>> with ./mailmanctl restart
>
> In general, the 'owner' of mailman's files doesn't matter. Everything is
> controlled by group permissions. All the qrunners run as group
> "mailman". The web CGI wrappers are supposed to be SETGID and group
> "mailman" so they run with effective group "mailman".
>
I fell into that too.
The problem is, that even after bin/fixurl is run, the archive directory
/var/lib/mailman/archives/private/ has owner:group = mailman:mailman .
You have to set it to wwwrun:mailman, in order for the apache server to
have write access to it too.
It needs write access for creating lists via webinterface.
This was changed by the last update of mailman via SLES 10 updates,
therefore is a distro bug.
Kind regards,
Christian Mack
--
Mailman-Users mailing list Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] Error on attempt to create a List in Mailman 2.1.7-15.12.1 from Mailman Web admin UI
Mark,
What does "ls -ld /var/lib/mailman/archives/private" show?
Answer: "drwxr-x--- 6 root mailman 160 June 22 13:50
/var/lib/mailman/archives/private"
What does "ls -l /usr/lib/mailman/cgi-bin/create" (assuming that's the
correct path to the create wrapper) show?
Answer: I have no directory called "create" in the /var/lib/mailman/
directory structure
Thanks,
Bob Perez
>>>
From: Mark Sapiro
To:Bob Perez
CC:
Date: 6/24/2012 7:37 AM
Subject: Re: [Mailman-Users] Error on attempt to create a List in Mailman
2.1.7-15.12.1 from Mailman Web admin UI
On 6/23/2012 12:33 PM, Bob Perez wrote:
>
> I see the error in the log with the list name I try to create ("list1", etc)
> admin(10317): OSError: [Errno 13] Permission denied:
> '/var/lib/mailman/archives/private/list1.mbox'
>
> So looks like a permission problem. I ran ./check_perms and then check_db -
> Did not help.
What does "ls -ld /var/lib/mailman/archives/private" show?
What does "ls -l /usr/lib/mailman/cgi-bin/create" (assuming that's the
correct path to the create wrapper) show?
> I think if I do a chmod 755 -R /usr/lib/mailman/ , I may break something in
> mailman. Did not do this.
Good.
> I see that the user "mailman" in the "mailman group is the owner of the
> mailman files and directories, but after running the ./check_perms now "root"
> is the owner of the "mailman" group, however he is not a part of the group,
> so I made him a member - Same problem, even after restaring mailman with
> ./mailmanctl restart
In general, the 'owner' of mailman's files doesn't matter. Everything is
controlled by group permissions. All the qrunners run as group
"mailman". The web CGI wrappers are supposed to be SETGID and group
"mailman" so they run with effective group "mailman".
--
Mark Sapiro The highway is for gamblers,
San Francisco Bay Area, Californiabetter use your sense - B. Dylan
--
Mailman-Users mailing list Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] Error on attempt to create a List in Mailman 2.1.7-15.12.1 from Mailman Web admin UI
Stephen J. Turnbull writes: > > > The httpd doesn't need access to the archives; the mailman CGI does. > > > So the CGI wrapper should be setgid mailman. Is it? > > > > > > > Yes it is. > > Is /var/lib/mailman/archives/private/ group-writable? If not, I'm > stumped; it should be possible for the CGIs to write to it then. That should say "if *it is*, then I'm stumped. If not, we need to figure out why not, IME check_perms -f fixes that. -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] Error on attempt to create a List in Mailman 2.1.7-15.12.1 from Mailman Web admin UI
Mailman Admin writes: > On 2012-06-25 09:37, Stephen J. Turnbull wrote: > > Mailman Admin writes: > > > > > The problem is, that even after bin/fixurl is run, the archive directory > > > /var/lib/mailman/archives/private/ has owner:group = mailman:mailman . > > > You have to set it to wwwrun:mailman, in order for the apache server to > > > have write access to it too. > > > > The httpd doesn't need access to the archives; the mailman CGI does. > > So the CGI wrapper should be setgid mailman. Is it? > > > > Yes it is. Is /var/lib/mailman/archives/private/ group-writable? If not, I'm stumped; it should be possible for the CGIs to write to it then. -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] Error on attempt to create a List in Mailman 2.1.7-15.12.1 from Mailman Web admin UI
Hello Stephen J. Turnbull On 2012-06-25 09:37, Stephen J. Turnbull wrote: > Mailman Admin writes: > > > The problem is, that even after bin/fixurl is run, the archive directory > > /var/lib/mailman/archives/private/ has owner:group = mailman:mailman . > > You have to set it to wwwrun:mailman, in order for the apache server to > > have write access to it too. > > The httpd doesn't need access to the archives; the mailman CGI does. > So the CGI wrapper should be setgid mailman. Is it? > Yes it is. ls -ld /usr/lib/mailman/cgi-bin/ drwxr-sr-x 2 root mailman 4096 Jun 14 08:37 /usr/lib/mailman/cgi-bin/ ls -l /usr/lib/mailman/cgi-bin/ total 144 -rwxr-sr-x 1 root mailman 10832 May 18 19:18 admin -rwxr-sr-x 1 root mailman 10840 May 18 19:18 admindb -rwxr-sr-x 1 root mailman 10840 May 18 19:18 confirm -rwxr-sr-x 1 root mailman 10840 May 18 19:18 create -rwxr-sr-x 1 root mailman 10840 May 18 19:18 editarch -rwxr-sr-x 1 root mailman 10840 May 18 19:18 edithtml -rwxr-sr-x 1 root mailman 10840 May 18 19:18 listinfo -rwxr-sr-x 1 root mailman 10840 May 18 19:18 options -rwxr-sr-x 1 root mailman 10840 May 18 19:18 private -rwxr-sr-x 1 root mailman 10840 May 18 19:18 rmlist -rwxr-sr-x 1 root mailman 10840 May 18 19:18 roster -rwxr-sr-x 1 root mailman 10840 May 18 19:18 subscribe > > This was changed by the last update of mailman via SLES 10 updates, > > therefore is a distro bug. > > +1 to that, though. > Kind regards, Christian Mack -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] Error on attempt to create a List in Mailman 2.1.7-15.12.1 from Mailman Web admin UI
Mailman Admin writes: > The problem is, that even after bin/fixurl is run, the archive directory > /var/lib/mailman/archives/private/ has owner:group = mailman:mailman . > You have to set it to wwwrun:mailman, in order for the apache server to > have write access to it too. The httpd doesn't need access to the archives; the mailman CGI does. So the CGI wrapper should be setgid mailman. Is it? > This was changed by the last update of mailman via SLES 10 updates, > therefore is a distro bug. +1 to that, though. -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] Error on attempt to create a List in Mailman 2.1.7-15.12.1 from Mailman Web admin UI
Hello Bob Perez, Hello Mark Sapiro
On 2012-06-24 15:36, Mark Sapiro wrote:
> On 6/23/2012 12:33 PM, Bob Perez wrote:
>>
>> I see the error in the log with the list name I try to create ("list1", etc)
>> admin(10317): OSError: [Errno 13] Permission denied:
>> '/var/lib/mailman/archives/private/list1.mbox'
>>
>> So looks like a permission problem. I ran ./check_perms and then check_db -
>> Did not help.
>
> What does "ls -ld /var/lib/mailman/archives/private" show?
>
> What does "ls -l /usr/lib/mailman/cgi-bin/create" (assuming that's the
> correct path to the create wrapper) show?
>
>> I think if I do a chmod 755 -R /usr/lib/mailman/ , I may break something in
>> mailman. Did not do this.
>
> Good.
>
>> I see that the user "mailman" in the "mailman group is the owner of the
>> mailman files and directories, but after running the ./check_perms now
>> "root" is the owner of the "mailman" group, however he is not a part of the
>> group, so I made him a member - Same problem, even after restaring mailman
>> with ./mailmanctl restart
>
> In general, the 'owner' of mailman's files doesn't matter. Everything is
> controlled by group permissions. All the qrunners run as group
> "mailman". The web CGI wrappers are supposed to be SETGID and group
> "mailman" so they run with effective group "mailman".
>
I fell into that too.
The problem is, that even after bin/fixurl is run, the archive directory
/var/lib/mailman/archives/private/ has owner:group = mailman:mailman .
You have to set it to wwwrun:mailman, in order for the apache server to
have write access to it too.
It needs write access for creating lists via webinterface.
This was changed by the last update of mailman via SLES 10 updates,
therefore is a distro bug.
Kind regards,
Christian Mack
--
Mailman-Users mailing list Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] Error on attempt to create a List in Mailman 2.1.7-15.12.1 from Mailman Web admin UI
On 6/23/2012 12:33 PM, Bob Perez wrote:
>
> I see the error in the log with the list name I try to create ("list1", etc)
> admin(10317): OSError: [Errno 13] Permission denied:
> '/var/lib/mailman/archives/private/list1.mbox'
>
> So looks like a permission problem. I ran ./check_perms and then check_db -
> Did not help.
What does "ls -ld /var/lib/mailman/archives/private" show?
What does "ls -l /usr/lib/mailman/cgi-bin/create" (assuming that's the
correct path to the create wrapper) show?
> I think if I do a chmod 755 -R /usr/lib/mailman/ , I may break something in
> mailman. Did not do this.
Good.
> I see that the user "mailman" in the "mailman group is the owner of the
> mailman files and directories, but after running the ./check_perms now "root"
> is the owner of the "mailman" group, however he is not a part of the group,
> so I made him a member - Same problem, even after restaring mailman with
> ./mailmanctl restart
In general, the 'owner' of mailman's files doesn't matter. Everything is
controlled by group permissions. All the qrunners run as group
"mailman". The web CGI wrappers are supposed to be SETGID and group
"mailman" so they run with effective group "mailman".
--
Mark Sapiro The highway is for gamblers,
San Francisco Bay Area, Californiabetter use your sense - B. Dylan
--
Mailman-Users mailing list Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
[Mailman-Users] Error on attempt to create a List in Mailman 2.1.7-15.12.1 from Mailman Web admin UI
To All,
When I and a customer of mine attempt to create a List in Mailman under SLES10
in the Mailman Web admin UI, we get the below error. I have look at Google and
mailman-users list archives and cannot find a solution yet.
NOTE: If I go to /usr/lib/mailman/bin/ and execute the command ./newlist
IT WORKS FINE , but not under the web console.
I have Sendmail working with Mailman. Postfix is not an option.
NOTE: the below info, under the Error is the Mailman error log :
/var/lib/mailmain/logs/error log during the attempt to create any list from the
Mailman Webpage
I see the error in the log with the list name I try to create ("list1", etc)
admin(10317): OSError: [Errno 13] Permission denied:
'/var/lib/mailman/archives/private/list1.mbox'
So looks like a permission problem. I ran ./check_perms and then check_db - Did
not help.
I think if I do a chmod 755 -R /usr/lib/mailman/ , I may break something in
mailman. Did not do this.
I see that the user "mailman" in the "mailman group is the owner of the mailman
files and directories, but after running the ./check_perms now "root" is the
owner of the "mailman" group, however he is not a part of the group, so I made
him a member - Same problem, even after restaring mailman with ./mailmanctl
restart
I noticed that /var/lib/mailman/archives/private was owned by the "mailman"
owner, so I did a chown -R for the owner "root" that is a member of the
"mailman" group, still same error.
Thanks for your assistance,Bob Perez (bpe...@novell.com)
> ERROR <<<
Bug in Mailman version 2.1.7
We're sorry, we hit a bug!
Please inform the webmaster for this site of this problem. Printing of
traceback and other system information has been explicitly inhibited, but the
webmaster can find this information in the Mailman error logs.
< End Error >>>
>> Mailman Error log called "error"
Jun 22 12:54:38 2012 admin(10317):
admin(10317): [- Mailman Version: 2.1.7 -]
admin(10317): [- Traceback --]
admin(10317): Traceback (most recent call last):
admin(10317): File "/usr/lib/mailman/scripts/driver", line 101, in run_main
admin(10317):main()
admin(10317): File "/usr/lib/mailman/Mailman/Cgi/create.py", line 56, in main
admin(10317):process_request(doc, cgidata)
admin(10317): File "/usr/lib/mailman/Mailman/Cgi/create.py", line 190, in
process_request
admin(10317):mlist.Create(listname, owner, pw, langs, emailhost)
admin(10317): File "/usr/lib/mailman/Mailman/MailList.py", line 491, in Create
admin(10317):self.InitVars(name, admin, crypted_password)
admin(10317): File "/usr/lib/mailman/Mailman/MailList.py", line 402, in
InitVars
admin(10317):baseclass.InitVars(self)
admin(10317): File "/usr/lib/mailman/Mailman/Archiver/Archiver.py", line 96,
in InitVars
admin(10317):os.mkdir(self.archive_dir()+'.mbox', 02775)
admin(10317): OSError: [Errno 13] Permission denied:
'/var/lib/mailman/archives/private/list1.mbox'
admin(10317): [- Python Information -]
admin(10317): sys.version= 2.4.2 (#1, May 6 2011, 13:26:21)
[GCC 4.1.2 20070115 (SUSE Linux)]
admin(10317): sys.executable = /usr/bin/python
admin(10317): sys.prefix = /usr
admin(10317): sys.exec_prefix = /usr
admin(10317): sys.path = /usr
admin(10317): sys.platform= linux2
admin(10317): [- Environment Variables -]
admin(10317): HTTP_COOKIE:
mailman+admin=28020069f4bce44f7328006264346138623165646437633961613863633962646339636332373238613939396030316633;
ZNPCQ003-38343200=cec434a7
admin(10317): SERVER_SOFTWARE: Apache/2.2.3 (Linux/SUSE)
admin(10317): SCRIPT_NAME: /mailman/create
admin(10317): SERVER_SIGNATURE: Apache/2.2.3 (Linux/SUSE) Server at
bperez12.lab.novell.com Port 80
admin(10317):
admin(10317): REQUEST_METHOD: POST
admin(10317): SERVER_PROTOCOL: HTTP/1.1
admin(10317): QUERY_STRING:
admin(10317): CONTENT_LENGTH: 150
admin(10317): HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:13.0)
Gecko/20100101 Firefox/13.0.1
admin(10317): HTTP_CONNECTION: keep-alive
admin(10317): HTTP_REFERER: http://bperez12.lab.novell.com/mailman/create
admin(10317): SERVER_NAME: bperez12.lab.novell.com
admin(10317): REMOTE_ADDR: 151.155.215.15
admin(10317): SERVER_PORT: 80
admin(10317): SERVER_ADDR: 151.155.215.12
admin(10317): DOCUMENT_ROOT: /srv/www/htdocs
admin(10317): PYTHONPATH: /usr/lib/mailman
admin(10317): SCRIPT_FILENAME: /usr/lib/mailman/cgi-bin/create
admin(10317): SERVER_ADMIN: [no address given]
admin(10317): HTTP_HOST: bperez12.lab.novell.com
admin(10317): REQUEST_URI: /mailman/create
admin(10317): HTTP_ACCEPT:
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
admin(10317): GATEWAY_INTERFACE: CGI/1.1
admin(10317): REMOTE_PORT: 5161
