Mailman-users

Download

mailman-users@mailman3.org

January 2022

44 participants
91 discussions

signup / registration error - permissions and cert chains
by David Newman Jan. 1, 2022

Jan. 1, 2022

I'd like for regular (non-admin) list subscribers to be able to manage their subscription preferences and view list archives. However, when new users attempt to create logins from the Postorius "Sign Up" page, the server returns the error pasted below, and displays a "server error" page to users. If I'm reading the error correctly, this is related to an inability to verify the cert chain. The /etc/mailman3/settings.py file points to the same cert and key files used by Nginx, Postfix, and Dovecot. Since TLS works OK with these other services, it appears the cert and key are valid. (Viewing the cert in a web browser also supports this.) The keyfile has 0400 permissions. I tried changing this to 0640 and making the keyfile owned by root:mailman. Even after restarting mailman3 and mailmanweb the same error occurs. (Permissions in the cert and key directories and above are not blocking access.) The etc/mailman3/settings.py file includes these settings: EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend' EMAIL_HOST = 'localhost' EMAIL_PORT = 25 EMAIL_HOST_USER = 'dnewman(a)networktest.com' EMAIL_HOST_PASSWORD = 'wouldnt-you-like-to-know' EMAIL_USE_TLS = 'True' EMAIL_SSL_CERTFILE = '/etc/ssl/certs/myhost.crt' EMAIL_SSL_KEYFILE = '/etc/ssl/private/myhost.key' But this might only be for email, not Postorius/Django. I checked the Mailman Web docs and settings reference but didn't see anything relevant on either page. https://docs.mailman3.org/en/latest/config-web.html https://docs.mailman3.org/projects/mailman-web/en/latest/settings.html What additional configuration is needed to allow regular users to create and manage their own accounts? Thanks. dn ERROR 2021-12-30 16:03:53,787 436935 django.request Internal Server Error: /accounts/signup/ Traceback (most recent call last): File "/opt/mailman/venv/lib/python3.9/site-packages/django/core/handlers/exception.py", line 34, in inner response = get_response(request) File "/opt/mailman/venv/lib/python3.9/site-packages/django/core/handlers/base.py", line 115, in _get_response response = self.process_exception_by_middleware(e, request) File "/opt/mailman/venv/lib/python3.9/site-packages/django/core/handlers/base.py", line 113, in _get_response response = wrapped_callback(request, *callback_args, **callback_kwargs) File "/opt/mailman/venv/lib/python3.9/site-packages/django/views/generic/base.py", line 71, in view return self.dispatch(request, *args, **kwargs) File "/opt/mailman/venv/lib/python3.9/site-packages/django/utils/decorators.py", line 43, in _wrapper return bound_method(*args, **kwargs) File "/opt/mailman/venv/lib/python3.9/site-packages/django/views/decorators/debug.py", line 76, in sensitive_post_parameters_wrapper return view(request, *args, **kwargs) File "/opt/mailman/venv/lib/python3.9/site-packages/allauth/account/views.py", line 230, in dispatch return super(SignupView, self).dispatch(request, *args, **kwargs) File "/opt/mailman/venv/lib/python3.9/site-packages/allauth/account/views.py", line 74, in dispatch response = super(RedirectAuthenticatedUserMixin, self).dispatch( File "/opt/mailman/venv/lib/python3.9/site-packages/allauth/account/views.py", line 204, in dispatch return super(CloseableSignupMixin, self).dispatch(request, *args, **kwargs) File "/opt/mailman/venv/lib/python3.9/site-packages/django/views/generic/base.py", line 97, in dispatch return handler(request, *args, **kwargs) File "/opt/mailman/venv/lib/python3.9/site-packages/allauth/account/views.py", line 102, in post response = self.form_valid(form) File "/opt/mailman/venv/lib/python3.9/site-packages/allauth/account/views.py", line 248, in form_valid return complete_signup( File "/opt/mailman/venv/lib/python3.9/site-packages/allauth/account/utils.py", line 209, in complete_signup return perform_login( File "/opt/mailman/venv/lib/python3.9/site-packages/allauth/account/utils.py", line 175, in perform_login send_email_confirmation(request, user, signup=signup, email=email) File "/opt/mailman/venv/lib/python3.9/site-packages/allauth/account/utils.py", line 346, in send_email_confirmation email_address.send_confirmation(request, signup=signup) File "/opt/mailman/venv/lib/python3.9/site-packages/allauth/account/models.py", line 62, in send_confirmation confirmation.send(request, signup=signup) File "/opt/mailman/venv/lib/python3.9/site-packages/allauth/account/models.py", line 169, in send get_adapter(request).send_confirmation_mail(request, self, signup) File "/opt/mailman/venv/lib/python3.9/site-packages/allauth/account/adapter.py", line 464, in send_confirmation_mail self.send_mail(email_template, emailconfirmation.email_address.email, ctx) File "/opt/mailman/venv/lib/python3.9/site-packages/allauth/account/adapter.py", line 136, in send_mail msg.send() File "/opt/mailman/venv/lib/python3.9/site-packages/django/core/mail/message.py", line 284, in send return self.get_connection(fail_silently).send_messages([self]) File "/opt/mailman/venv/lib/python3.9/site-packages/django/core/mail/backends/smtp.py", line 102, in send_messages new_conn_created = self.open() File "/opt/mailman/venv/lib/python3.9/site-packages/django/core/mail/backends/smtp.py", line 67, in open self.connection.starttls(keyfile=self.ssl_keyfile, certfile=self.ssl_certfile) File "/usr/lib/python3.9/smtplib.py", line 772, in starttls context = ssl._create_stdlib_context(certfile=certfile, File "/usr/lib/python3.9/ssl.py", line 787, in _create_unverified_context context.load_cert_chain(certfile, keyfile) PermissionError: [Errno 13] Permission denied

3 6