[linux] mailman + apache woes
Joby Walker
joby at u.washington.edu
Thu Mar 10 14:40:23 PST 2005
On mine ../mailman/private is drwxrws--x, with the objects (directories
and .mbox files) inside it drwxrwsr-x.
Joby Walker
C&C Computer Operations Software Support Group
jnicol at backnine.org wrote:
> I set it to private, and it didn't work. Checked the file permissions, and
> /usr/local/mailman/archives/private were drwxrws---. Changed that to
> drwxrwsr-x
> and it worked! Changed it back to public, and it still works! This is not
> supposed to be the case, is it? Is this a security issue? Unless it's a
> serious
> problem, I'm leaving it how it is.
>
> Thanks!!
>
> Jonathan
>
>
> Quoting Joby Walker <joby at u.washington.edu>:
>
>> Watch it ... I wrote the initial ebuild for Mailman.
>>
>> Though I guess I shouldn't be offended since the ebuild is substantially
>> different than my original submission. I don't like that they have
>> taken away the ability to assign a different location for the mailman
>> directory -- I have to edit the ebuild every time I upgrade.
>>
>> Here is my 90_mailman.conf:
>>
>> <IfDefine MAILMAN>
>> ScriptAlias /mailman/ "/var/mailman/cgi-bin/"
>>
>> <Directory "/var/mailman/cgi-bin/">
>> AllowOverride None
>> Options None
>> Order allow,deny
>> Allow from all
>> </Directory>
>>
>> Alias /pipermail/ "/var/mailman/archives/public/"
>>
>> <Directory "/var/mailman/archives/public/">
>> AllowOverride None
>> Options ExecCGI FollowSymLinks
>> Order allow,deny
>> Allow from all
>> </Directory>
>> </IfDefine>
>>
>> You might try:
>>
>> 1) Set your list to private archives
>> 2) Ensure that you can access via the private path
>> 3) Set the list to public again and see if things work.
>>
>> If that doesn't help set Apache to use a more verbose level of debugging
>> output -- that might provide more info.
>>
>> Joby Walker
>> C&C Computer Operations Software Support Group
>>
>>
>> Garrett Cooper wrote:
>>
>>> Jonathan,
>>> Is the symlink correct? It may have possibly been malformed
>>> between emerges. That's the only thing I hate about some packages in
>>> Gentoo; they have a tendency to be poorly coded to follow the coder's
>>> defaults :(. Speaking of which, I need to get dispatch-conf up and
>>> working :).
>>> -Garrett
>>>
>>> jnicol at backnine.org wrote:
>>>
>>>> Hi all,
>>>>
>>>> I'm at my wit's end trying to get the Mailman archives (pipermail)
>>>> to work on my
>>>> server. It returns a "403 Forbidden" when I try to access them. The
>>>> apache error
>>>> log says "Symbolic link not allowed:
>>>> /usr/local/mailman/archives/public/list".
>>>> Seems like a simple problem, but I'm either missing something
>>>> incredibly
>>>> obvious, or something incredibly obscure.
>>>>
>>>> My /etc/apache2/conf/modules.d/50_mailman.conf:
>>>>
>>>> ScriptAlias /mailman/ "/usr/local/mailman/cgi-bin/"
>>>> <Directory "/usr/local/mailman/cgi-bin/">
>>>> AllowOverride None
>>>> Options FollowSymLinks ExecCGI
>>>> Order allow,deny
>>>> Allow from all
>>>> </Directory>
>>>> Alias /pipermail "/usr/local/mailman/archives/public"
>>>> <Directory /usr/local/mailman/archives/public>
>>>> AllowOverride All
>>>> Options ExecCGI +FollowSymLinks
>>>> Order allow,deny
>>>> Allow from all
>>>> </Directory>
>>>>
>>>> And from apache2.conf:
>>>>
>>>> <Directory />
>>>> Options -All -Multiviews -Indexes +FollowSymLinks
>>>> AllowOverride None
>>>> <IfModule mod_access.c>
>>>> Order deny,allow
>>>> Deny from all
>>>> </IfModule>
>>>> </Directory>
>>>>
>>>>
>>>> (for those of you not familiar with Mailman,
>>>> /usr/local/mailman/archives/public/list is a symbolic link to
>>>> /usr/local/mailman/archives/private/list/ which has permissions
>>>> drwxrwsr-x,
>>>> owned by mailman:mailman.)
>>>>
>>>> I've run the Mailman prog check_perms which reports no problems.
>>>>
>>>> As you can see, I've got +FollowSymLinks everywhere relevant.
>>>> Googling and
>>>> asking on the Gentoo forums has got me no leads. Some genius help me
>>>> pleeeease!
>>>>
>>>>
>>>> thanks
>>>> Jonathan
>>>>
>>>
>>
>
>
More information about the Linux
mailing list