From: Jeffrey Goldberg
Date: Fri, 20 Apr 2007 23:59:46 -0500
To: Paul Schmehl
Cc: ports@freebsd.org, Jean Milanez Melo, List_Mailman Org
Subject: Re: Mailman GID problem

On Apr 20, 2007, at 9:26 PM, Paul Schmehl wrote:

> --On April 20, 2007 7:54:45 PM -0500 Jeffrey Goldberg wrote:
>
>> So the first fix (modifying the owner of data/aliases{,.db}) is the
>> right way to go, but instead of making those files owned by "nobody"
>> (which does seem dangerous because then anything running as "nobody"
>> could change those files) they should be owned by root with mailman as
>> the group and permissions like 664.
>
> Nobody is an unprivileged user.

Thank you. I forgot about that. I was treating "nobody" like "www" or
"mail". It entirely slipped my mind that "nobody" really is different.

>> it would break the ownership of the aliases file so that we would have
>> the mismatch between what the uid postfix gives the wrapper
>> ("mailman") and what the wrapper demands ("nobody").
>
> Nope. I've been running mailman for years now, and it works
> perfectly fine. The owner of the data directory is mailman, and
> the group is mailman.
>
> ls -lsa /usr/local/mailman/data/
> total 132
> 2 drwxrwsr-x 2 mailman mailman 512 Apr 7 19:47 .
> 2 drwxrwsr-x 20 mailman mailman 512 Nov 28 17:48 ..
> 48 -rw-r--r-- 1 mailman mailman 65536 Sep 6 2005 .db
> 2 -rw-r----- 1 mailman mailman 41 Sep 6 2005 adm.pw
> 6 -rw-r--r-- 1 root mailman 4383 Oct 14 2005 aliases
> 4 -rw-r----- 1 mailman mailman 3984 Sep 8 2005 aliases.bak
> 48 -rw-r----- 1 mailman mailman 49152 May 5 2006 aliases.db
> 0 -rw-rw-rw- 1 mailman mailman 0 Sep 9 2005 bounce-events-00446.pck
> 0 -rw-rw-rw- 1 mailman mailman 0 Sep 9 2005 bounce-events-00449.pck
> 0 -rw-rw-rw- 1 mailman mailman 0 Sep 9 2005 bounce-events-00467.pck
> 0 -rw-rw-rw- 1 mailman mailman 0 Jan 27 2006 bounce-events-00567.pck
> 0 -rw-rw-rw- 1 mailman mailman 0 Oct 13 2005 bounce-events-38840.pck
> 2 -rw-r----- 1 mailman mailman 41 Sep 6 2005 creator.pw
> 2 -rw-r--r-- 1 root mailman 10 Nov 28 17:48 last_mailman_version
> 2 -rw-rw---- 1 mailman mailman 4 Apr 1 08:31 master-qrunner.pid
> 14 -rw-r--r-- 1 root mailman 14114 Nov 28 17:48 sitelist.cfg

I am fairly confident that if that is working for you, then you are not
running with a /usr/local/mailman/mail/mailman that was compiled with
the current port with the postfix option set. The binary mailman has a
gid compiled into it. Installing the current port WITH_POSTFIX will
produce a mailman binary which will only allow itself to be run by
"nobody". Yours must have "mailman" compiled in where "nobody" is in
what I (and David) get.

[jeffrey@dobby /usr/local/mailman/mail]$ strings mailman | tail
leave
post
owner
request
unsubscribe
Mailman mail-wrapper
nobody
Illegal command: %s
Usage: %s program [args...]
$FreeBSD: src/lib/csu/i386-elf/crtn.S,v 1.6 2005/05/19 07:31:06 dfr Exp $

What is your result on your system? If you get "mailman" where I have
"nobody" then one of my earlier suggestions (change MAIL_GID for the
postfix setting from "nobody" to "mailman" in the port Makefile) may be
the right thing. That is what is most consistent with the mailman
install instructions.
From /usr/local/share/doc/mailman/mailman-install.txt, section 6.1.1
"Integrating Postfix and Mailman":

  * When you configure Mailman, use the --with-mail-gid=mailman switch;

However, the current ports Makefile compiles mailman with
--with-mail-gid=nobody.

The same section also says:

  Make sure that the owner of the data/aliases and data/aliases.db file
  is mailman, that the group owner for those files is mailman, or
  whatever user and group you used in the configure command, and that
  both files are group writable:

  % su
  % chown mailman:mailman data/aliases*
  % chmod g+w data/aliases*

> It is the *group* that matters to postfix, *not* the owner. Per
> the pkg-message file:
>
>   Mailman has been installed, but requires further configuration
>   before use!
>
>   You will have to configure both your MTA (mail server) and web
>   server to integrate with Mailman. If the port's documentation has
>   been installed, extensive post-installation instructions may be
>   found in:
>
>     %%DOCSDIR%%/FreeBSD-post-install-notes
>
>   Note (1): If you use an alternate (non-Sendmail) MTA, you MUST be
>   sure that the correct value of MAIL_GID was used when this port or
>   package was built. Performing a "make options" in the Mailman port
>   directory will list required values for various mail servers.
>
> Note that MAIL_GID is what matters. That is the *group* not the
> owner of the files. Note also that the group only has read rights
> to the aliases file, although it does have read/write access to the
> bounce-events files.

However it is the owner of the file containing the pipe alias that
matters to postfix local deliveries. See local(8).

>> So maybe the problem is with check_perms and not with the port at all
>> (well the port would still need to get the aliases files owned by
>> root).
>
> There's nothing at all wrong with the check_perms script.

I am coming to that conclusion.
I now think that my second suggestion of changing the ports Makefile to
set MAIL_GID to mailman instead of nobody when configuring for postfix
is the correct direction to go.

> mailman owns the aliases db for mailman:
>
> ls -lsa /usr/local/mailman/data/aliases*
> 6 -rw-r--r-- 1 root mailman 4383 Oct 14 2005 /usr/local/mailman/data/aliases
> 4 -rw-r----- 1 mailman mailman 3984 Sep 8 2005 /usr/local/mailman/data/aliases.bak
> 48 -rw-r----- 1 mailman mailman 49152 May 5 2006 /usr/local/mailman/data/aliases.db
>
> And this is a working setup of mailman and postfix that's been
> running for years.

But I don't believe that that set-up will work with the configure
options that get passed for compiling mailman with the current port.

PORTNAME= mailman
DISTVERSION= 2.1.9
PORTREVISION= 1
CATEGORIES?= mail

Thus, with a bit more confidence than before, I present the same
Makefile diff I recommend:

--- Makefile.orig Fri Apr 20 14:17:08 2007
+++ Makefile Fri Apr 20 23:57:22 2007
@@ -7,7 +7,7 @@
 PORTNAME= mailman
 DISTVERSION= 2.1.9
-PORTREVISION= 1
+PORTREVISION= 2
 CATEGORIES?= mail
 MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} \
 http://www.list.org/
@@ -88,7 +88,7 @@
 .if defined(WITH_SENDMAIL) || defined(WITH_EXIM3) || defined(WITH_EXIM4)
 BROKEN= choose only one MTA integration
 .endif
-MAIL_GID?= nobody
+MAIL_GID?= mailman
 .endif
 .if defined(WITH_CHINESE)

Cheers,

-j

-- 
Jeffrey Goldberg http://www.goldmark.org/jeff/
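Review bot: in the second hunk (@@ -88,7 +88,7 @@), the `MAIL_GID?= mailman` default is set with `?=`, so it only takes effect for builds where the user has not set MAIL_GID, and the surrounding `.endif` places it in the block the mail identifies as the postfix setting. The pkg-message Note (1) quoted earlier says `make options` lists the required MAIL_GID value per mail server, so that option text and %%DOCSDIR%%/FreeBSD-post-install-notes need updating in the same change or they will keep telling Postfix users that nobody is the required value. The new default also only helps when data/aliases.db is owned by mailman as the mailman-install.txt excerpt requires, since the mail notes that the alias file's owner is what local(8) runs the pipe as; the post-install notes should spell out the `chown mailman:mailman data/aliases*` step for that reason.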
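As an added diagnostic, not taken from this thread or from the port, here is a POSIX shell check for the mismatch argued about above: it compares the group name compiled into the mail wrapper (read from `strings` output, assuming the group is the line after "Mailman mail-wrapper" as in the listing in the mail) with the primary group of the user Postfix will run the pipe alias as. It assumes Postfix's documented local(8) rule that alias commands run as the owner of the alias database, or as default_privs (nobody unless main.cf overrides it) when that owner is root; the function names are mine.

```shell
#!/bin/sh
# Added check, not part of the thread or the port. Compares the group the
# Mailman mail wrapper was built to demand (MAIL_GID) with the group Postfix
# local(8) will hand it when delivering to the pipe alias.
# Assumption: Postfix runs an alias command as the owner of the alias database,
# or as default_privs (nobody unless main.cf changes it) when that owner is root.
DEFAULT_PRIVS=${DEFAULT_PRIVS:-nobody}

# Group name compiled into the wrapper, read from `strings` output on stdin.
# Assumption: it is the line following "Mailman mail-wrapper", as in the
# `strings mailman | tail` listing quoted in the mail.
group_from_strings() {
    awk 'found { print; exit } /^Mailman mail-wrapper/ { found = 1 }'
}

wrapper_group() {          # arg: path to the wrapper binary
    strings "$1" | group_from_strings
}

# User Postfix will execute the alias command as, given the database owner.
postfix_command_user() {   # arg: owner of data/aliases.db
    if [ "$1" = root ]; then echo "$DEFAULT_PRIVS"; else echo "$1"; fi
}

# 0 = the wrapper will accept the call, 1 = it will refuse, 2 = lookup error.
mailman_gid_check() {      # args: WANTED_GROUP ALIAS_DB_PATH
    wanted=$1
    owner=$(ls -ld "$2" | awk '{ print $3 }') || return 2
    runas=$(postfix_command_user "$owner")
    # getgid() inside the wrapper sees the caller's primary group, which is
    # what Postfix switches to along with the uid of $runas.
    got=$(id -gn "$runas" 2>/dev/null) || { echo "no such user: $runas" >&2; return 2; }
    if [ "$wanted" = "$got" ]; then
        echo "ok: wrapper wants '$wanted'; postfix calls it as $runas (gid $got)"
        return 0
    fi
    echo "MISMATCH: wrapper wants '$wanted' but postfix calls it as $runas (gid $got)" >&2
    return 1
}

# Usage on a host with the port installed (paths from the mail):
#   mailman_gid_check "$(wrapper_group /usr/local/mailman/mail/mailman)" \
#       /usr/local/mailman/data/aliases.db
```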