Mailman GID problem
Paul Schmehl
pauls at utdallas.edu
Sat Apr 21 05:47:03 UTC 2007
--On April 20, 2007 11:59:46 PM -0500 Jeffrey Goldberg <jeffrey at goldmark.org> wrote:
>
> I am fairly confident that if that is working for you, then you are not
> running with /usr/local/mailman/mail/mailman that was compiled with the
> current port with the postfix option set. The binary mailman has a gid
> compiled into it. Given the current port WITH_POSTFIX.
>
bash-2.05b# uname -a
FreeBSD mail.stovebolt.com 5.4-SECURITY FreeBSD 5.4-SECURITY #0: Tue Apr 18 06:15:11 UTC 2006
bash-2.05b# pkg_info mailman*
Information for mailman-2.1.9_1:
bash-2.05b# less /usr/ports/mail/mailman/distinfo
MD5 (mailman/mailman-2.1.9.tgz) = dd51472470f9eafb04f64da372444835
SHA256 (mailman/mailman-2.1.9.tgz) = 1b7a2c853c21bfd22205167dc3678c634a3f981721d95d1cd923ca84967cc986
SIZE (mailman/mailman-2.1.9.tgz) = 7829201
Looks like I'm current. I build everything from ports. I've never
installed a package. Ever.
> Installing the current port WITH_POSTFIX will produce a mailman binary
> which will only allow itself to be run by "nobody". Yours must have
> "mailman" compiled in where "nobody" is in what I (and David) get.
>
> [jeffrey at dobby /usr/local/mailman/mail]$ strings mailman | tail
> leave
> post
> owner
> request
> unsubscribe
> Mailman mail-wrapper
> nobody
> Illegal command: %s
> Usage: %s program [args...]
> $FreeBSD: src/lib/csu/i386-elf/crtn.S,v 1.6 2005/05/19 07:31:06 dfr Exp $
>
bash-2.05b# strings /usr/local/mailman/mail/mailman | tail
join
leave
post
owner
request
unsubscribe
Mailman mail-wrapper
Illegal command: %s
Usage: %s program [args...]
$FreeBSD: src/lib/csu/i386-elf/crtn.S,v 1.5 2002/05/15 04:19:49 obrien Exp $
>
> What is your result on your system? If you get "mailman" where I have
> "nobody" then one of my earlier suggestions (change MAIL_GID for the
> postfix setting from "nobody" to "mailman" in the port Makefile) may be
> the right thing. That is what is most consistent with the mailman
> install instructions.
>
bash-2.05b# strings /usr/local/mailman/mail/mailman | grep nobody
bash-2.05b# strings /usr/local/mailman/mail/mailman | grep mailman
/usr/local/mailman
/usr/local/mailman/scripts/
> From /usr/local/share/doc/mailman/mailman-install.txt
>
> In section 6.1.1 Integrating Postfix and Mailman
>
>
> * When you configure Mailman, use the --with-mail-gid=mailman
> switch;
>
> However, the current ports Makefile compiles mailman
> --with-mail-gid=nobody
>
I don't build mailman that way. I use pkgtools.conf.
bash-2.05b# grep -C2 mailman /usr/local/etc/pkgtools.conf
MAKE_ARGS = {
# Preset mailman so it will compile with the right group
'mail/mailman' => 'MAIL_GID=mailman'
}
> The same section also says
>
> Make sure that the owner of the data/aliases and data/aliases.db
> file is mailman, that the group owner for those files is mailman,
> or whatever user and group you used in the configure command, and
> that both files are group writable:
> % su
> % chown mailman:mailman data/aliases*
> % chmod g+w data/aliases*
>
Clearly that last part is wrong.
bash-2.05b# ls -lsa /usr/local/mailman/data/aliases*
6 -rw-r--r-- 1 root mailman 4383 Oct 14 2005 /usr/local/mailman/data/aliases
4 -rw-r----- 1 mailman mailman 3984 Sep 8 2005 /usr/local/mailman/data/aliases.bak
48 -rw-r----- 1 mailman mailman 49152 May 5 2006 /usr/local/mailman/data/aliases.db
I can't imagine why both files need to be group writeable. The only time
the file is written to (AFAIK) is when you add a mailing list, and mailman
owns the file and has write access. The only time the db is written to is
when you run postalias, and you should always run that as root, either
directly or through sudo.
>
> However it is the owner of the file containing the pipe alias that
> matters to postfix local deliveries. See local(8).
>
Why? Postfix only needs read access to know what aliases it needs to
deliver to. I don't see anything in local(8) that says postfix requires
ownership of the alias file or the aliases db.
>> There's nothing at all wrong with the check_perms script.
>
> I am coming to that conclusion. I now think that my second suggestion
> of changing the ports Makefile to set MAIL_GID to mailman instead of
> nobody when configuring for postfix is the correct direction to go.
>
Isn't that what the --with-mail-gid= is supposed to do?
>
> But I don't believe that that set-up will work with the configure
> options that get passed for compiling mailman with the current port.
>
> PORTNAME= mailman
> DISTVERSION= 2.1.9
> PORTREVISION= 1
> CATEGORIES?= mail
>
OK.
> Thus, with a bit more confidence than before I present the same Makefile
> diff I recommend:
>
> --- Makefile.orig Fri Apr 20 14:17:08 2007
> +++ Makefile Fri Apr 20 23:57:22 2007
> @@ -7,7 +7,7 @@
> PORTNAME= mailman
> DISTVERSION= 2.1.9
> -PORTREVISION= 1
> +PORTREVISION= 2
> CATEGORIES?= mail
> MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} \
> http://www.list.org/
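Review bot: the PORTREVISION bump (1 to 2) in this hunk is warranted, because changing the default MAIL_GID changes the group name compiled into the installed mail wrapper and users who built with the old default only pick that up on a rebuild; nothing further is needed here.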
> @@ -88,7 +88,7 @@
> .if defined(WITH_SENDMAIL) || defined(WITH_EXIM3) || defined(WITH_EXIM4)
> BROKEN= choose only one MTA integration
> .endif
> -MAIL_GID?= nobody
> +MAIL_GID?= mailman
> .endif
> .if defined(WITH_CHINESE)
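Review bot: the new default is missing an operator-facing note to go with it. Keeping the `?=` assignment is right, since a MAIL_GID passed on the make command line or via pkgtools.conf (the thread's `'mail/mailman' => 'MAIL_GID=mailman'` entry) still wins, but a wrapper compiled for group "mailman" will refuse to run unless postfix invokes it under that group, and the thread points out that for local(8) deliveries this depends on the owner of the file holding the pipe alias. Suggest adding a pkg-message (or a line in the port's install notes) reminding WITH_POSTFIX users to make data/aliases and data/aliases.db owned by mailman:mailman, as section 6.1.1 of mailman-install.txt quoted above already requires, so a root-owned aliases file like the one shown in this thread does not silently break delivery after the upgrade.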
>
Now that I've looked at the Makefile, you are correct. For Postfix it
selects nobody which is incorrect. It should be selecting mailman.
However, if you build the port like this: make -DWITH-MAIL-GID=mailman (or
use pkgtools.conf as I do), you override the options and the port compiles
correctly.
Paul Schmehl (pauls at utdallas.edu)
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/
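The check the thread performs by hand (strings on the wrapper, ls -l on data/aliases) as a small script. This is an added example, not code from the thread, the mailman project or the FreeBSD port. It assumes, based on the two `strings | tail` listings above, that the wrapper stores its expected group as a NUL-terminated string right after "Mailman mail-wrapper"; the function names, the "unknown" verdict and the constructed sample file are mine.

```shell
#!/bin/sh
# Added example: compare the group name compiled into Mailman's mail wrapper
# with the owner and group of data/aliases. Not from the thread or the port.

# Emulate strings(1) with POSIX tools: keep printable runs of 4+ characters.
printable_strings() {
    tr -c '[:print:]' '\n' < "$1" | grep -E '^.{4,}$'
}

# Assumption (mine): the group name is the string that sits between the
# "Mailman mail-wrapper" banner and "Illegal command: %s". Print it, or
# "unknown" if nothing is there.
compiled_in_group() {
    printable_strings "$1" | awk '
        $0 == "Mailman mail-wrapper" { grab = 1; next }
        grab && /^Illegal command: / { exit }
        grab { print; found = 1; exit }
        END { if (!found) print "unknown" }'
}

# Owner and group of a file via ls -l (same columns on BSD and GNU).
file_owner() { ls -ld "$1" | awk '{ print $3 }'; }
file_group() { ls -ld "$1" | awk '{ print $4 }'; }

# Verdict on (wrapper group, aliases owner, aliases group). The install doc
# quoted in the thread wants owner and group to match --with-mail-gid.
gid_verdict() {
    wrapper_gid=$1
    alias_owner=$2
    alias_group=$3
    if [ "$wrapper_gid" = unknown ]; then
        echo "UNKNOWN: no group name found after the wrapper banner; inspect with strings(1)"
    elif [ "$wrapper_gid" != "$alias_group" ]; then
        echo "MISMATCH: wrapper compiled for group '$wrapper_gid' but data/aliases is $alias_owner:$alias_group (check --with-mail-gid / MAIL_GID)"
    elif [ "$alias_owner" != "$wrapper_gid" ]; then
        echo "OK: group '$wrapper_gid' matches; note data/aliases is owned by '$alias_owner', and the alias file owner matters to local(8) deliveries"
    else
        echo "OK: wrapper and data/aliases both use '$wrapper_gid'"
    fi
}

# diagnose /usr/local/mailman/mail/mailman /usr/local/mailman/data/aliases
diagnose() {
    gid_verdict "$(compiled_in_group "$1")" "$(file_owner "$2")" "$(file_group "$2")"
}

# Constructed stand-in for a wrapper binary (not a real build): the string
# layout mirrors the listing in the thread, with the group name given as $1.
make_sample_wrapper() {
    f=$(mktemp) || return 1
    printf 'join\0leave\0post\0Mailman mail-wrapper\0%s\0Illegal command: %%s\0Usage: %%s program [args...]\0' "$1" > "$f"
    echo "$f"
}

# Only touch real paths when invoked with two arguments.
if [ "$#" -eq 2 ]; then
    diagnose "$1" "$2"
fi
```

Run it as `sh check-mailman-gid.sh /usr/local/mailman/mail/mailman /usr/local/mailman/data/aliases`; a MISMATCH on a port built WITH_POSTFIX at the default MAIL_GID is exactly the situation the thread describes, and the fix is a rebuild with MAIL_GID=mailman (or the Makefile change proposed above) plus the chown from the install doc.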