Barry Finkel wrote: >I have a question about permissions for the archive directory. >I am migrating my Mailman server from an Ubuntu Dapper server >on which I installed my own package, built from the SourceForge >source, to an Ubuntu Lucid server, where I am installing the >Ubuntu/Debian package. The directory in question is > > /var/lib/mailman/archives/private > >On my production Dapper server, I have > > drwxrws--x 904 www-data list 24576 2011-02-09 14:17 .
You need either owner=www-data (the web server user) or o+x. You don't need both, but the only issue is if this server has local users, the local users can access private archive files with o+x. >On my test Lucid server I have > > drwxrws--- 10 root list 4096 2011-02-17 11:19 . > >There are two differences: > > owner: www-data vs. root > group execute privileges > >In the current configuration I cannot get from the web to the list >archives. I tried changing the ownership to www-data, and that worked. >I then reset the owner back to root and added group execute >privileges, and that also worked. > >What is suggested as the preferred fix? Thanks. The web server needs to be able to search the directory. As noted above, either owner = www-data or o+x allows this. Owner=www-data is more restrictive than o+x as it does not allow local users (other than www-data and the 'list' group) to access archive files directly. If you don't have non-admin local users on the server, then it doesn't matter which you do. Read the warning box at <http://www.list.org/mailman-install/node9.html>. -- Mark Sapiro <[email protected]> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan ------------------------------------------------------ Mailman-Users mailing list [email protected] http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
