Hello Mark,

thanks for your answer. I didn't see any SELinux issues, therefore I didn't think it would be a SELinux issue. But since I turned off SELinux everything works fine with exactly these permissions. The thing is: while I have a setup for several domains and each of them has their own mailman instance I need to separate the users. So the user for the domain zaubert.net is called mailman-zaubert.net. I compiled mailman with these settings. Even the webserver is running with this user.

greetings
Andi

On 01.10.12 22:00, Mark Sapiro wrote:
> Andreas Nitsche wrote:
>> Can you tell me with which user this command gets executed? I had a look
>> at the aliases file:
>>
>> -rw-rw----. 1 mailman-zaubert.net nobody  2159 30. Sep 13:33 aliases
>> -rw-r-----. 1 mailman-zaubert.net nobody 49152 30. Sep 13:33 aliases.db
>
> These ownerships and permissions are wrong. Both files should have
> group = Mailman's group for this instance (mailman-zaubert.net?), not
> group nobody, and aliases.db should be group writable.
>
> The owner of aliases.db must also be Mailman's group for this instance
> as it appears to be. The owner of aliases is immaterial. Usually it is
> the user who last created a list with newlist or the web server user.
>
> I don't know how these files got the ownership and permissions they
> have, but I think this is the issue.
>
> To answer your specific question, the web create process runs with user
> = the web server user and group = Mailman's group for that instance.
>
>> I looked at the audit.log, because SELinux is enabled, but it's empty.
>
> Once you fix the above, you may run into SELinux issues, but the above
> needs to be fixed first.
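
A read-only check of the group rules described in the quoted reply, as an added example that is not part of the original thread or of Mailman itself. The function name `check_alias_perms` is hypothetical, the data directory in the usage comment is a placeholder, and requiring group read and write on both files is an assumption drawn from the reply (it states this explicitly only for aliases.db).

```shell
#!/bin/sh
# Added example: audit the alias files of one Mailman instance.
# Usage (placeholder path): check_alias_perms /path/to/mailman/data mailman-zaubert.net
# Prints one line per finding; returns 0 if both files pass, 1 otherwise.
check_alias_perms() {
    dir=$1   # directory holding aliases and aliases.db
    grp=$2   # Mailman's group for this instance (name or numeric gid)
    rc=0
    for f in "$dir/aliases" "$dir/aliases.db"; do
        if [ ! -e "$f" ]; then
            echo "MISSING $f"
            rc=1
            continue
        fi
        # The group must be the instance's Mailman group, not e.g. "nobody".
        if [ -z "$(find "$f" -prune -group "$grp" 2>/dev/null)" ]; then
            echo "GROUP   $f does not belong to group $grp"
            rc=1
        fi
        # Assumption: the group needs read and write (mode bits 060), because
        # the web create process acts with group = Mailman's group.
        if [ -z "$(find "$f" -prune -perm -060)" ]; then
            echo "MODE    $f is not group readable and writable"
            rc=1
        fi
    done
    return $rc
}
```

The check only reports; it changes nothing, and it does not cover SELinux labels, which the reply treats as a separate step after ownership and mode are fixed.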

