mailman web access to archives failure:

David Southwell david at vizion2000.net
Tue Dec 29 18:38:09 UTC 2009


> David Southwell wrote:
> >> David Southwell wrote:
> >> [...]
> >>
> >>> Thank you Boris
> >>>
> >>> After reading your files I changed the httpd.conf to follow your format
> >>> but it still did not work :-(.
> >>>
> >>> Here are my entries:
> >>>
> >>>
> >>> # This should be changed to whatever you set DocumentRoot to.
> >>> #
> >>> <Directory "/usr_www/virtualwebs/vizion2000.net">
> >>>     #
> >>>     # Possible values for the Options directive are "None", "All",
> >>>     # or any combination of:
> >>>     #   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI
> >>> MultiViews
> >>>     #
> >>>     # Note that "MultiViews" must be named *explicitly* --- "Options
> >>> All" # doesn't give it to you.
> >>>     #
> >>>     # The Options directive is both complicated and important.  Please
> >>> see # http://httpd.apache.org/docs/2.2/mod/core.html#options
> >>>     # for more information.
> >>>     #
> >>>     Options Indexes FollowSymLinks
> >>>
> >>>     #
> >>>     # AllowOverride controls what directives may be placed in .htaccess
> >>> files. # It can be "All", "None", or any combination of the keywords: #
> >>> Options FileInfo AuthConfig Limit
> >>>     #
> >>>     AllowOverride None
> >>>
> >>>     #
> >>>     # Controls who can get stuff from this server.
> >>>     #
> >>>     Order allow,deny
> >>>     Allow from all
> >>>
> >>> </Directory>
> >>> ScriptAlias /mailman     " /usr/local/mailman/cgi-bin"
> >>> <Directory "/usr/local/mailman/cgi-bin/">
> >>>         Options ExecCGI
> >>>         Order allow,deny
> >>>         Allow from all
> >>>      </Directory>
> >>> Alias /pipermail "/usr/local/mailman/archives/public"
> >>> <Directory "/usr/local/mailman/archives/public/">
> >>>  Options  ExecCGI FollowSymLinks
> >>>        Order allow,deny
> >>>           Allow from all
> >>> Options Indexes MultiViews
> >>>   AddDefaultCharset Off
> >>> DirectoryIndex index.html
> >>>     </Directory>
> >>> #
> >>>
> >>> Seems I am struggling with this.
> >>>
> >>> Thanks again for all your help. Lets hope I can someone can spot
> >>> something soon. These things are usually caused by a daft error on my
> >>> part!!
> >>>
> >>> David
> >>> _______________________________________________
> >>
> >> Hi David,
> >>
> >> Can you post a listing of the contents of the directory
> >> /usr/local/mailman/archives/public/?
> >>
> >> Also, please visit
> >> http://www.vizion2000.net/pipermail/bps_comp_print_reminders/ and post
> >> the request errors from httpd-error.log.
> >>
> >> Thank you,
> >> Greg
> >
> > Hi Greg
> >
> > Thanks for staying with this - here is the info you asked for:
> >
> > dns1# cd /usr/local/mailman/archives/public/
> > dns1# ls -l
> > total 0
> > lrwxr-xr-x  1 www  www  55 Dec 19 17:58 bps_comp_print_chat ->
> > /usr/local/mailman/archives/private/bps_comp_print_chat
> > lrwxr-xr-x  1 www  www  60 Dec 19 17:57 bps_comp_print_reminders ->
> > /usr/local/mailman/archives/private/bps_comp_print_reminders
> > lrwxr-xr-x  1 www  www  60 Dec 19 17:56 bps_comps_print_announce ->
> > /usr/local/mailman/archives/private/bps_comps_print_announce
> > dns1#
> >
> > error-log shows:
> > [Tue Dec 29 17:46:00 2009] [error] [client 62.49.197.50] Symbolic link
> > not allowed or link target not accessible:
> > /usr/local/mailman/archives/public/bps_comp_print_reminders
> >
> > Sudden thought I had not mentioned:
> >
> > This server is running SSL
> > (Apache/2.2.14 mod_ssl/2.2.14)
> >
> > Is there any chance that could possibly affect access to the archives??
> > Everything else works. Incidentally /usr/local/mailman/ and its
> > subdirectories are on a separate physical drive to the document root 
> > which is
> > /usr_www/virtualwebs/vizion2000.net/
> > Thanks again
> >
> > David
> 
> Hi David,
> 
> I don't think it's an issue with the version of Apache, but rather a
> permissions issue on your "private" directory.
> 
> The quickest way to determine where the problem lies is by running
> Apache inside of truss (http://bit.ly/DFWAr).  With the proper command
> line arguments, truss should reveal the cause of the "link target not
> accessible" error.
> 
> However, you can also try to figure it out by determining the uid/gid of
> your Apache processes and inspecting the permissions in the mailman
> directory hierarchy.
> 
> Type this:
> 
>     egrep '^(Group|User)' /usr/local/etc/apache22/httpd.conf
> 
> Note the results.  On my system, it prints:
> 
>     User www
>     Group www
> 
> Next, run each of the following commands in order, noting if any of the
> permissions prevent the Apache uid/gid from accessing the directory.
> 
>     ls -ld /
>     ls -ld /usr
>     ls -ld /usr/local
>     ls -ld /usr/local/mailman
>     ls -ld /usr/local/mailman/archives
>     ls -ld /usr/local/mailman/archives/private
>     ls -ld /usr/local/mailman/archives/private/bps_comp_print_reminders
> 
> My guess is that you'll find some permissions that need to be loosened
> slightly.  I'm not familiar with mailman, so I'm assuming that the web
> interface scripts run with the uid/gid of the Apache process. If they
> don't for some reason, you'll need to know their uid/gid to do this
> analysis.
>

Here-tis 
dns1# egrep '^(Group|User)' /usr/local/etc/apache22/httpd.conf
User www
Group www
dns1#  ls -ld /
drwxr-xr-x  36 root  wheel  1024 Dec 19 11:36 /
dns1#  ls -ld /
drwxr-xr-x  36 root  wheel  1024 Dec 19 11:36 /
dns1# ls -ld /usr
drwxr-xr-x  23 root  wheel  512 Dec 12 14:21 /usr
dns1# ls -ld /usr/local
drwxr-xr-x  27 root  wheel  512 Dec 15 15:54 /usr/local
dns1# ls -ld /usr/local/mailman
drwxrwsr-x  20 mailman  mailman  512 Dec 28 13:07 /usr/local/mailman
dns1# ls -ld /usr/local/mailman/archives
drwxrwsr-x  4 root  mailman  512 Dec 28 13:07 /usr/local/mailman/archives
dns1# ls -ld /usr/local/mailman/archives/private
drwxrws---  10 mailman  mailman  512 Dec 28 15:45 
/usr/local/mailman/archives/private
dns1# ls -ld /usr/local/mailman/archives/private/bps_comp_print_reminders
drwxrwsr-x  2 mailman  mailman  512 Dec 19 17:57 
/usr/local/mailman/archives/private/bps_comp_print_reminders
dns1#
david


More information about the freebsd-ports mailing list