Mark Sapiro wrote: >> I suspect a permissions problem. Mailman would not serve up pages when >> all files were owned by group mailman, so I did 'chgrp -R www >> /var/www/mailman'. But after trying to create a list, the >> aliases file is mode 660, owned by root:www. > > > This is probably a mistake. Mailman relies on everything being group > Mailman and the CGI and mail wrappers being group Mailman and SETGID > so everything runs as group Mailman. If the chroot jail doesn't allow > SETGID to work, then I'm not sure what you'ld need to do, but whatever > user:group structure you have, both the web server and the MTA have to > be able to write various Mailman files.
Yes, that's the key issue. The OpenBSD chroot won't SETGID in part because it mounts the /var partition nosuid, which forbids SETGID. In theory it's possible to disable this, and get the python and other binaries and libraries into the chroot environment, but at that point there's really no benefit to running chroot'ed. The much easier (if somewhat less secure) solution is to run Apache without chroot. Just set 'httpd_flags=-u' in /etc/rc.conf. After restarting Apache, Mailman installed clean with the default configure options. thanks very much dn ------------------------------------------------------ Mailman-Users mailing list [email protected] http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
