Mailman GID problem
jeffrey at goldmark.org
Sat Apr 21 14:33:21 UTC 2007
On Apr 21, 2007, at 12:46 AM, Paul Schmehl wrote:
> Clearly that last part is wrong.
> bash-2.05b# ls -lsa /usr/local/mailman/data/aliases*
> 6 -rw-r--r-- 1 root mailman 4383 Oct 14 2005 /usr/local/
> 4 -rw-r----- 1 mailman mailman 3984 Sep 8 2005 /usr/local/
> 48 -rw-r----- 1 mailman mailman 49152 May 5 2006 /usr/local/
> I can't imagine why both files need to be group writeable. The
> only time the file is written to (AFAIK) is when you add a mailing
> list, and mailman owns the file and has write access. The only
> time the db is written to is when you run postalias, and you should
> always run that as root, either directly or through sudo.
Mailman will call postalias itself when you create a new list. At
least if it is properly configured for postfix. In the install from
ports with the postfix option I have
POSTFIX_ALIAS_CMD = '/usr/local/sbin/postalias'
in Defaults.py, though I haven't spotted where that is actually called.
>> However it is the owner of the file containing the pipe alias that
>> matters to postfix local deliveries. See local(8).
> Why? Postfix only needs read access to know what aliases it needs
> to deliver to. I don't see anything in local(8) that says postfix
> requires ownership of the alias file or the aliases db.
Look in the DELIVERY RIGHTS section of the man page
Deliveries to external files and external commands are made
rights of the receiving user on whose behalf the delivery is
the absence of a user context, the local(8) daemon uses the
rights of the :include: file or alias database. When those
owned by the superuser, delivery is made with the rights
the default_privs configuration parameter.
I discussed that in some earlier post when trying to explain why I
.db files should be owned by root or nobody (the value of
> Now that I've looked at the Makefile, you are correct.
Well, with so many guesses, I had to be close to right on one of them.
> For Postfix it selects nobody which is incorrect.
My guess is that Jean reading the mailman documentation looked for
what Postfix's equivalent of "mailnull" was and found that it was
> It should be selecting mailman. However, if you build the port like
> this: make -DWITH-MAIL-GID=mailman (or use pkgtools.conf as I do),
> you override the options and the port compiles correctly.
I'm far from grokking the ports and pkg systems. I guess that the
pkg install gives you a sort of default mailman which isn't compiled
for any particularly MTA, while the port gave us the opportunity to
configure for POSTFIX and one bit of that configuration is wrong.
Thanks everyone for putting up with my somewhat long-winded learning
Jeffrey Goldberg http://www.goldmark.org/jeff/
More information about the freebsd-ports