Re: [Mailman-Users] Mailman won't work - can you help?

[John Barrus]

The server is running as user "apache". If you look through the original 
message, you will see that I only ran the 
/usr/local/mailman/cgi-bin/admin as root to show that the command does 
in fact run. Of course, as root the program outputs an error. The 
program won't run at all when "apache" tries to execute it. 
Unfortunately, as "apache", I get a permissions error that I don't 
understand.

From the original message:

====================================

I su to user "apache" and try it again

--------------
[EMAIL PROTECTED] cgi-bin]# su apache
[EMAIL PROTECTED] cgi-bin]$ ./admin
sh: ./admin: Permission denied
--------------
Well, why won't it run? I check the permissions...

--------------
[EMAIL PROTECTED] cgi-bin]$ ls -l | grep admin
-rwxr-sr-x    1 root     mail        36849 Nov  1 18:50 admin*
-rwxr-sr-x    1 root     mail        36857 Nov  1 18:50 admindb*
[EMAIL PROTECTED] cgi-bin]$ ls -l .. | grep cgi
drwxrwsr-x    2 root     mail         4096 Nov  1 18:50 cgi-bin/
[EMAIL PROTECTED] cgi-bin]$ ls -l ../.. | grep mailman
drwxrwsr-x   13 root     root         4096 Nov  1 18:50 mailman/
--------------
Seems like everything is setgid as it should be. I also chown'ed and
chgrp'd the files to the apache owner and group, but of course I had the
same result. bin/check_perms -f made all the files owned by "mail" again.
Just for fun, check the version I'm running...

-------------
[EMAIL PROTECTED] mailman]# bin/version
Using Mailman version: 2.1.3
-------------
====================================
I'm still stuck. Anyone else have any ideas?

Thanks,

John B.



Simon White wrote:

02-Nov-03 at 14:06, Doug Griswold ([EMAIL PROTECTED]) wrote :
 

Your apache server is executing the cgi as root.  
   

I'm not sure there is full evidence for this, the message which implied
it was running as root was from a command line test, not from Apache. I
can't believe a large distro like Mandrake would let Apache run as root
(unless, of course, it's been hand compiled and _specifically_
configured to do so).
 

You have run ./configure --with-cgi-gid=apache but it needs to be
./cofigure --with-cgi-gid=root.  But this is a bad idea better to
change how your webserver is running.  It probably should be executing
the cgi as group is apache in httpd.conf there should be an entry si
iliar to this.
User apache
Group apache
   

Never let anything run as root if you can avoid it. To find out what
Apache is running as, do:
$ ps -aux | grep httpd

my results:

root     19848  0.0  0.2  4624   72 ?        S    Sep26   0:00 /var/apache/bin/httpd
nobody   19849  0.0  0.9 13616  276 ?        S    Sep26  19:37 [httpd]
[... several more lines like the second one ...]
Always one master process as root, but that one only serves as a
listener to spawn children running as nobody... because you have to be
root to listen to ports < 1024 in most circumstances.
Here in the example my Apache server runs as nobody. The username for
your Apache may be different. As Doug said, it will be in the httpd.conf
file somewhere.
Find out which user your Apache server is running as for sure, then
recompile Mailman passing --with-cgi-gid=<userid which runs your apache>
to configure.
There may be other permissions issues, but this issue needs to be
checked before others. As you said you've reinstalled several times,
there could be junk lying around messing up an otherwise correct config
that you've thought was wrong...
 



------------------------------------------------------
Mailman-Users mailing list
[EMAIL PROTECTED]
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
This message was sent to: [EMAIL PROTECTED]
Unsubscribe or change your options at
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org