Bug 53641

Summary: mailman code in /var requires setgid
Product: [Retired] Red Hat Linux Reporter: ratness
Component: mailmanAssignee: John Dennis <jdennis>
Status: CLOSED UPSTREAM QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 9Keywords: FutureFeature
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2004-06-06 09:50:02 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description ratness 2001-09-13 18:56:41 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)

Description of problem:
If you make /var mount nosuid, mailman's web front end doesn't work.  
Making /var nosuid is a fairly reasonable thing, in my book.  The error 
messages from this are really cryptic and can take a while to decipher.  I 
know I deserve to lose in this situation.  The enhancement request I have 
would be: could you get the developers to consider this case and make a 
smarter error message if it can't succeed in the setgid, especially in 
the 'check_perms' executable, OR, could you the packager install the 
binaries in some place other than /var?

No pressure, and thanks for your time.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. edit /etc/fstab and add 'nosuid' to /var
2. mount -o remount /var
3. Try to use mailman's web interface.

Actual Results:  A fatal 'permission denied' error drops into mailman's 
VirtualHost's error log.

Expected Results:  I'd've expected the error to complain more about "can't 
setgid to MAILMAN_GID" than that it can't write to /var/mailman/logs/error.

Additional info:
Comment 1 Florian La Roche 2004-06-06 09:50:02 UTC 
For a nosuid /var you probably want to move /var/mailman onto
another partition and symlink it to /var/mailman.

Bad error messages are a problem, but also not really a bug in
the current package. Closing this to upstream development.

greetings,

Florian La Roche