Bug 53641 - mailman code in /var requires setgid
Summary: mailman code in /var requires setgid
Keywords:
Status: CLOSED UPSTREAM
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: mailman
Version: 9
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: John Dennis
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2001-09-13 18:56 UTC by ratness
Modified: 2007-04-18 16:37 UTC (History)
0 users

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2004-06-06 09:50:02 UTC
Embargoed:


Attachments (Terms of Use)

Description ratness 2001-09-13 18:56:41 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)

Description of problem:
If you make /var mount nosuid, mailman's web front end doesn't work.  
Making /var nosuid is a fairly reasonable thing, in my book.  The error 
messages from this are really cryptic and can take a while to decipher.  I 
know I deserve to lose in this situation.  The enhancement request I have 
would be: could you get the developers to consider this case and make a 
smarter error message if it can't succeed in the setgid, especially in 
the 'check_perms' executable, OR, could you the packager install the 
binaries in some place other than /var?

No pressure, and thanks for your time.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. edit /etc/fstab and add 'nosuid' to /var
2. mount -o remount /var
3. Try to use mailman's web interface.

Actual Results:  A fatal 'permission denied' error drops into mailman's 
VirtualHost's error log.

Expected Results:  I'd've expected the error to complain more about "can't 
setgid to MAILMAN_GID" than that it can't write to /var/mailman/logs/error.

Additional info:

Comment 1 Florian La Roche 2004-06-06 09:50:02 UTC
For a nosuid /var you probably want to move /var/mailman onto
another partition and symlink it to /var/mailman.

Bad error messages are a problem, but also not really a bug in
the current package. Closing this to upstream development.

greetings,

Florian La Roche



Note You need to log in before you can comment on or make changes to this bug.