On Mon, 2005-01-31 at 11:01 +0100, Markus Darges wrote: > Hi, > > I cant' create a new list within the webinterface. Could someone tell > mit whether it's a known bug? Even if I change the permission of the > folder lists to 777 I get the same error. > My OS is Fedora Core 3. Mailman 2.1.5, Python2.4, Apache2.0.52
First, off I trust you are using Red Hat's mailman rpm for FC3. There is a possibility you may have run afoul of SELinux, but its very hard to tell from the information presented. SELinux is a security enhancement that restricts operations beyond the traditional UNIX permissions. In FC3 SELinux is enabled by default in what is called "targeted" mode, meaning SELinux is only used for "targeted" applications and services because those applications and services are open to the network and are much more vulnerable to exploit, mailman is one of the services under SELinux protection. The security policy is non-trival to author correctly it is possible we may have missed a corner case. Here are two simple things you can do to determine if SELinux is responsible for your access problems. 1) Look in /var/log/messages for any lines with "avc" in it, it will probably read something like "audit avc access denied ..." but I'm going from memory so don't use the full string I gave you to search for, I'm almost positive the exact string is slightly different. If the security policy is denying access it will log it in /var/log/messages and it should be pretty obvious. 2) Turn off SELinux, run your mailman action again, does the problem go away? If so, this is a sure sign its a bug in the security policy. To disable SELinux, su to root and run system-config-securitylevel, you'll see a dropdown box for SELinux, select the option to disable it. If this fixes the problem, then make sure you're fully up to date with the security policy, use your favorite package manager (e.g. yum) to update this rpm: selinux-policy-targeted. Go back and enable SELinux, do you still have the problem? If not great, if so then please file a bug here: https://bugzilla.redhat.com and be sure to include the operation being performed, the avc error messages from /var/log/messages, and the rpm versions of mailman and selinux-policy-targeted. -- John Dennis <[EMAIL PROTECTED]> ------------------------------------------------------ Mailman-Users mailing list [email protected] http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
