Permission denied for /list:member:digest:header.txt
Hi, despite mailman is running as mailman user and the required periodic jobs have all been created in crontab for the mailman user, a permission denied exception for the digest file has been logged in mailman.log: Dec 14 11:31:42 2020 (399913) Uncaught runner exception: [Errno 13] Permission denied: '/var/lib/mailman3/templates/lists/...//list:member:digest:header.txt'
The subdirectories and files of the templates subdirectory got the root owner and group: drwxr-xr-x. 3 mailman mailman 4096 Dec 12 17:58 templates
drwxr-xr-x. 11 root root 4096 Dec 12 19:20 lists
-rw-rw----. 1 root root 16 Dec 12 19:19 list:member:digest:header.txt
How can this be avoided?
Best Regards,Eric
- Eric Broens via Mailman-users (mailman-users@mailman3.org) [201214 12:04]:
despite mailman is running as mailman user and the required periodic jobs have all been created in crontab for the mailman user, a permission denied exception for the digest file has been logged in mailman.log: Dec 14 11:31:42 2020 (399913) Uncaught runner exception: [Errno 13] Permission denied: '/var/lib/mailman3/templates/lists/...//list:member:digest:header.txt'
The subdirectories and files of the templates subdirectory got the root owner and group: drwxr-xr-x. 3 mailman mailman 4096 Dec 12 17:58 templates
drwxr-xr-x. 11 root root 4096 Dec 12 19:20 lists
-rw-rw----. 1 root root 16 Dec 12 19:19 list:member:digest:header.txt
Unix permissions: how could the mailman user read that file? To be able to read a file, the affected uid/gid needs x permission for the path (to access the inode), and r permission for the file itself. This seems to fail here.
Short term solution would be chmod, but basically the installation (scripts) should be fixed (or this might repeat).
You can test that also with sudo -u mailman cat $file and see if the user mailman can read the file.
I would also recommend to look at the other files around.
Regards, Andi
Thanks Andi, I understand that it is a Unix permissions issue.The question is, what process created these files and directories? Mailman runs with its own user. Since these files and directories were created automatically, I expected that these would have been created with the correct permissions. Best Regards,Eric On Monday, December 14, 2020, 12:10:42 PM GMT+1, Andreas Barth <aba@ayous.org> wrote:
- Eric Broens via Mailman-users (mailman-users@mailman3.org) [201214 12:04]:
despite mailman is running as mailman user and the required periodic jobs have all been created in crontab for the mailman user, a permission denied exception for the digest file has been logged in mailman.log: Dec 14 11:31:42 2020 (399913) Uncaught runner exception: [Errno 13] Permission denied: '/var/lib/mailman3/templates/lists/...//list:member:digest:header.txt'
The subdirectories and files of the templates subdirectory got the root owner and group: drwxr-xr-x. 3 mailman mailman 4096 Dec 12 17:58 templates
drwxr-xr-x. 11 root root 4096 Dec 12 19:20 lists
-rw-rw----. 1 root root 16 Dec 12 19:19 list:member:digest:header.txt
Unix permissions: how could the mailman user read that file? To be able to read a file, the affected uid/gid needs x permission for the path (to access the inode), and r permission for the file itself. This seems to fail here.
Short term solution would be chmod, but basically the installation (scripts) should be fixed (or this might repeat).
You can test that also with sudo -u mailman cat $file and see if the user mailman can read the file.
I would also recommend to look at the other files around.
Regards, Andi
Mailman-users mailing list -- mailman-users@mailman3.org To unsubscribe send an email to mailman-users-leave@mailman3.org https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/
The installation was done according to the information provided in Mailman - The GNU Mailing List Management System — GNU Mailman 3.3.3b1 documentation
| | | | Mailman - The GNU Mailing List Management System — GNU Mailman 3.3.3b1 d...
|
|
|
Best Regards,Eric On Monday, December 14, 2020, 12:25:17 PM GMT+1, Andreas Barth <aba@ayous.org> wrote:
- Eric Broens (ebroens@yahoo.com) [201214 12:19]:
I understand that it is a Unix permissions issue. The question is, what process created these files and directories?
Part of the installation scripts, I would assume. How did you install mailman?
Regards, Andi
Mailman-users mailing list -- mailman-users@mailman3.org To unsubscribe send an email to mailman-users-leave@mailman3.org https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/
On 12/14/20 3:58 AM, Eric Broens via Mailman-users wrote:
The installation was done according to the information provided in Mailman - The GNU Mailing List Management System — GNU Mailman 3.3.3b1 documentation
https://docs.mailman3.org/en/latest/migration.html#id1 says specifically
to not run mailman commands as root. While it is refering the the
mailman
commands in particular, the implication is the same for the
django-admin commands.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
On 12/14/20 3:19 AM, Eric Broens via Mailman-users wrote:
Thanks Andi, I understand that it is a Unix permissions issue.The question is, what process created these files and directories? Mailman runs with its own user. Since these files and directories were created automatically, I expected that these would have been created with the correct permissions.
You ran the hyperkitty_import job for these lists as root. It needs to be run as the Mailman user.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
Thanks again Mark, from the bash_history that seems to be the case, while I intended to run it as mailman user.It looks like only the ownership of the subdirectories and files in /var/lib/mailman3/templates are incorrect.Those in /var/lib/mailman3/lists and other directories are correct. I can't find back if I have changed the ownership of these manually. Is it sufficient to change the ownership manually, or is there another change required too? Best Regards,Eric
On Monday, December 14, 2020, 01:59:06 PM GMT+1, Mark Sapiro <mark@msapiro.net> wrote:
On 12/14/20 3:19 AM, Eric Broens via Mailman-users wrote:
Thanks Andi, I understand that it is a Unix permissions issue.The question is, what process created these files and directories? Mailman runs with its own user. Since these files and directories were created automatically, I expected that these would have been created with the correct permissions.
You ran the hyperkitty_import job for these lists as root. It needs to be run as the Mailman user.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
Mailman-users mailing list -- mailman-users@mailman3.org To unsubscribe send an email to mailman-users-leave@mailman3.org https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/
On 12/14/20 5:14 AM, Eric Broens via Mailman-users wrote:
Thanks again Mark, from the bash_history that seems to be the case, while I intended to run it as mailman user.It looks like only the ownership of the subdirectories and files in /var/lib/mailman3/templates are incorrect.Those in /var/lib/mailman3/lists and other directories are correct. I can't find back if I have changed the ownership of these manually.
Probably not. Most files are created by mailman import21
and you
probably ran that as mailman
. It is only the list specific templates
that are created by hyperkitty_import which you may have run as root.
Is it sufficient to change the ownership manually, or is there another change required too?
No other change is required.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
participants (3)
-
Andreas Barth
-
Eric Broens
-
Mark Sapiro