Mr. Sapiro:
Thank you sir, for your help.
Yes, I ran check_perms with and without -f as root until I got good results.
I've now added the following stanza to my vhost.conf file:
<Directory /u/m/mumble/mailman/cgi-bin/>
Options ExecCGI
SetHandler cgi-script
</Directory>
I don't know what would have undone that. That stanza is not needed apparently
in the other vhost I have. Perhaps, since this is a third level domain, I
ought to check the conf file for its second level configuration.
I had started setting up mailman (and a couple of other applications) in my
apache config file, before the third level was delegates to me. I commented
all of those out and still get the same errors in the browser:
Forbidden
You don't have permission to access /mailman/listinfo on this server.
Additionally, a 403 Forbidden error was encountered while trying to use
an ErrorDocument to handle the request.
The apache error log for mumble still says:
[Tue Dec 20 13:29:44 2005] [error] [client nnn.nnn.nnn.nnn]
(13)Permission denied: access to /mailman/listinfo denied
Your answer about using a single user for every instance of mailman didn't
indicate if I was actually going overboard by creating instance specific users
for each installation. I have paired up user1 with mumble1, user2 with
mumble2, etc., as an added security barrier and to protect users and their
archives from one another. Will it run this way? Is that necessary?
If I use a single source directory, yet install in multiple installation
directories, each serving its own vhost, can two instances share a listname so
I can have [EMAIL PROTECTED] and another at [EMAIL PROTECTED]
-- Hugh
On Tue, 20 Dec 2005 08:31:47 -0800
Mark Sapiro <[EMAIL PROTECTED]> wrote:
> Hugh Esco wrote:
>
> >I might need to do several instances of mailman before the new year, sailed
> >right through my first install, but got stuck on the second one. I'm
> >seeking advice on how to build this. Apparently I will need a distinct
> >instance for each virtual host of the $prefix heirarchy. I'm wondering
> >though if I can have only a single copy of the installation directory which
> >is created from unpacking the tar ball.
>
>
> I'm not sure what you're saying. Yes, you can unpack the tarball only
> once into one source directory, but then for each mailman instance
> you'll have to run configure in that directory with completely
> separate --prefix (and --exec-prefix and --with-var-prefix if used)
> values followed by "make install: for that instance.
>
>
> >Also, I'm creating a unique vhost specific user for each instance of
> >mailman. Is this overkill? Can a single mailman user support multiple
> >vhosts?
>
>
> Yes. One mailman instance can support multiple vhosts. The restriction
> is that since a single mailman instance has only one 'namespace' for
> listnames, you can't have the same list name on two different vhosts
> supported by the same mailman instance.
>
> See
> <http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq04.047.htp>
>
>
> >At any rate, to the error at hand:
> >
> >At: http://mumble.example.ca/mailman/listinfo
> >Browser reports error as:
> >Forbidden
> >
> >You don't have permission to access /mailman/listinfo on this server.
> >
> >Additionally, a 403 Forbidden error was encountered while trying to use an
> >ErrorDocument to handle the request.
> >
> >/var/log/apache/mumble-error.log says:
> >[Mon Dec 19 22:43:27 2005] [error] [client nn.nnn.nn.nnn] (13)Permission
> >denied: access to /mailman/listinfo denied
> >
> >permissions on directory and file are:
> >
> >drwxrwsr-x 2 mumble mumble 320 Dec 19 18:38 cgi-bin
> >-rwxr-sr-x 1 mumble mumble 36637 Dec 19 18:38 cgi-bin/listinfo
> >
> >apache configuration (which works based on function of other aliases)
> >includes:
> > ScriptAlias /mailman/ /u/m/mumble/mailman/cgi-bin/
> >
> >OK. I'm stumped.
>
>
> Have you run /u/m/mumble/mailman/bin/check_perms?
>
>
> >I would think that perhaps adding the apache user to the mumble group might
> >do it, but /etc/group shows that the instance of mailman I put up two days
> >ago (another virtual host on the same gentoo server), which works, did not
> >require that intervention. And I see that the permissions are 02755 on the
> >script, so apache ought to be able to execute the script regardless.
> >
>
>
> I agree.
>
> Do you perhaps have something in your Apache config that directly or
> indirectly removed the ExecCGI option from the
> /u/m/mumble/mailman/cgi-bin/ directory?
>
> --
> Mark Sapiro <[EMAIL PROTECTED]> The highway is for gamblers,
> San Francisco Bay Area, California better use your sense - B. Dylan
--
RCK Computer Services
http://reclaimedcomputers.ca/
------------------------------------------------------
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Security Policy:
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
