I wrote (>>): with Mark Sapiro's comments interspersed (>): >>I have on my Mailman 2.1.10 production system and my 2.1.11 test system >>both created from the SourceForge source and installed on Ubuntu dapper >>via packages I built: >> >>mailman% ls -al /var/lib/mailman >>total 40 >>drwxrwsr-x 10 root list 4096 2007-02-28 11:11 . >>drwxr-xr-x 22 root root 4096 2008-04-04 13:31 .. >>lrwxrwxrwx 1 root root 20 2008-06-30 16:13 bin -> /usr/lib/mailman/bin >>lrwxrwxrwx 1 root root 21 2008-06-30 16:13 cron -> /usr/lib/mailman/cron >>lrwxrwxrwx 1 root root 24 2008-06-30 16:13 Mailman -> >>/usr/lib/mailman/Mailman >>lrwxrwxrwx 1 root root 24 2008-06-30 16:13 scripts -> >>/usr/lib/mailman/scripts >><<Non-relevant lines from the "ls -al" listing have been removed.>> >>mailman% >>mailman# ls -al /usr/lib/mailman >>total 36 >>drwxr-xr-x 7 root list 4096 2007-02-28 11:11 . >>drwxr-xr-x 48 root root 12288 2008-06-09 12:24 .. >>drwxr-xr-x 2 root list 4096 2008-07-23 14:55 bin >>drwxr-xr-x 2 root list 4096 2008-07-23 14:55 cron >>drwxrwsr-x 2 root list 4096 2008-07-23 14:55 mail >>drwxr-xr-x 11 root list 4096 2008-07-23 14:55 Mailman >>drwxr-xr-x 2 root list 4096 2008-07-23 14:55 scripts >>mailman# >> >>When I run check_perms it complains: >> >> mailman# check_perms >> directory permissions must be 02775: /var/lib/mailman/Mailman >> directory permissions must be 02775: /var/lib/mailman/bin >> directory permissions must be 02775: /var/lib/mailman/cron >> directory permissions must be 02775: /var/lib/mailman/scripts >> Problems found: 4 >> Re-run as list (or root) with -f flag to fix >> mailman# >> >>As Mailman is running fine, I do not want to change the permissions >>on the symbolic links. Is this correct? I have 755 for the permissions >>on the real files to which the symbolic links point.
>You can't change the permissions on a symlink itself anyway. Any >attempt to do so will attempt to change the target. >>Is check_perms reporting on the permissions of the symlinks or the >>permissions of the real files to which the symbolic links point? >The targets. >>What problems would I see if I do not have group write not "02" >>on these four files? >Typically these directories are SETGID and group writable. The fact >that they are not SETGID means that anything created subordinate to >them will be created with the group of the creator and not the 'list' >group. In practice the contents of these 4 directories are normally >only read, so as long as everything is world readable, it will work. > >But if you applied a patch to some .py file in the Mailman directory, >Mailman processes running as group 'list' might not have permission to >update the corresponding .pyc file. > >I have to wonder why you are doing this with symlinks at all. It looks >like what you really want is to run configure with > >--prefix=/usr/lib/mailman (the default), and >--with-var-prefix=/var/lib/mailman > >or something similar. When I built my Mailman 2.1.9 and .11 packages for Ubuntu dapper, I took the Ubuntu packaging and made as few changes as possible. All I wanted was that the files be placed in the correct directories for Ubuntu. I used the current source, and I removed all of the Debian/Ubuntu patches except one: 01_defaults.debian.dpatch that makes three changes to the file Mailman/Defaults.py.in: -IMAGE_LOGOS = '/icons/' +IMAGE_LOGOS = '/doc/mailman/images/' -DEFAULT_URL_PATTERN = 'http://%s/mailman/' +DEFAULT_URL_PATTERN = 'http://%s/cgi-bin/mailman/' -PIDFILE = os.path.join(DATA_DIR, 'master-qrunner.pid') +PIDFILE = "/var/run/mailman/mailman.pid" The other patch files were source changes that I did not want because they were undocumented, and I had no idea for which SourceForge code base they were written. I assumed that the SourceForge source needed no patches. In the file mailman-2.1.11/debian/rules I made a few changes: mailman# diff rules rules.original 38c38 < --with-mail-gid=list --with-cgi-gid=www-data \ --- > --with-mail-gid=daemon --with-cgi-gid=www-data \ 70,71c70 < # The following line was commented by BSFinkel 07/01/2008. < # Debian removs pythonlib in error to fix a problem. < # rmdir debian/$(package)/var/lib/mailman/pythonlib --- > rmdir debian/$(package)/var/lib/mailman/pythonlib 126,128c125 < # The following line was commented by BSFinkel 07/01/2008 because < # the directory "admin" does not exist in Mailman 2.1.10 nor .11. < # cp -a admin/www debian/mailman/usr/share/doc/$(package)/html --- > cp -a admin/www debian/mailman/usr/share/doc/$(package)/html mailman# Of course, the admin line was only commented in 2.1.11, not in 2.1.9. That rules file has two sections of code: ----- Makefile: autoconf ./configure --prefix=/var/lib/$(package) --with-username=list \ --with-groupname=list \ --with-mail-gid=list --with-cgi-gid=www-data \ --without-permcheck --with-mailhost=localhost \ --with-urlhost=localhost ----- binary-arch: checkroot build $(checkdir) # rm -rf debian/mailman && install -d debian/mailman dh_installdirs dh_installdocs ACKNOWLEDGMENTS README* TODO BUGS NEWS FAQ dh_installchangelogs $(MAKE) doinstall prefix=$$(pwd)/debian/mailman/var/lib/$(package) \ var_prefix=$$(pwd)/debian/mailman/var/lib/$(package) \ icondir=$$(pwd)/debian/mailman/usr/share/images/mailman \ ICONDIR=$$(pwd)/debian/mailman/usr/share/images/mailman ----- and I did not want to make any changes to the directories into which Ubuntu/Debian stores the Mailman files. I am assuming that with a straight Debian/Ubuntu package install the same symlinks and directories that I have are present therein. Can someone who has an unmodifed Debian/Ubuntu package for Mailman confirm this? Thanks. I ran the fixup: mailman# check_perms directory permissions must be 02775: /var/lib/mailman/Mailman directory permissions must be 02775: /var/lib/mailman/bin directory permissions must be 02775: /var/lib/mailman/cron directory permissions must be 02775: /var/lib/mailman/scripts Problems found: 4 Re-run as list (or root) with -f flag to fix mailman# check_perms -f directory permissions must be 02775: /var/lib/mailman/Mailman (fixing) directory permissions must be 02775: /var/lib/mailman/bin (fixing) directory permissions must be 02775: /var/lib/mailman/cron (fixing) directory permissions must be 02775: /var/lib/mailman/scripts (fixing) Problems found: 4 Re-run as list (or root) with -f flag to fix mailman# !! check_perms -f No problems found mailman# ls -al /var/lib/mailman/Mailman lrwxrwxrwx 1 root root 24 2008-06-30 16:13 /var/lib/mailman/Mailman -> /usr/lib/mailman/Mailman mailman# ls -al /var/lib/mailman/bin lrwxrwxrwx 1 root root 20 2008-06-30 16:13 /var/lib/mailman/bin -> /usr/lib/mailman/bin mailman# ls -al /var/lib/mailman/cron lrwxrwxrwx 1 root root 21 2008-06-30 16:13 /var/lib/mailman/cron -> /usr/lib/mailman/cron mailman# ls -al /var/lib/mailman/scripts lrwxrwxrwx 1 root root 24 2008-06-30 16:13 /var/lib/mailman/scripts -> /usr/lib/mailman/scripts mailman# ls -ald /usr/lib/mailman/Mailman drwxrwsr-x 11 root list 4096 2008-07-23 14:55 /usr/lib/mailman/Mailman mailman# ls -ald /usr/lib/mailman/bin drwxrwsr-x 2 root list 4096 2008-07-23 14:55 /usr/lib/mailman/bin mailman# ls -ald /usr/lib/mailman/cron drwxrwsr-x 2 root list 4096 2008-07-23 14:55 /usr/lib/mailman/cron mailman# ls -ald /usr/lib/mailman/scripts drwxrwsr-x 2 root list 4096 2008-07-23 14:55 /usr/lib/mailman/scripts mailman# ---------------------------------------------------------------------- Barry S. Finkel Computing and Information Systems Division Argonne National Laboratory Phone: +1 (630) 252-7277 9700 South Cass Avenue Facsimile:+1 (630) 252-4601 Building 222, Room D209 Internet: [EMAIL PROTECTED] Argonne, IL 60439-4828 IBMMAIL: I1004994 ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9