David Newman wrote:
One general comment: Debian packages install files with a different owner than the pip install. You want to be sure all your directories and files are owned by the Mailman user ('mailman' on Debian).
Yes, I have checked the ownerships. The debian package installed everything in mailman3 as user "list" whereas I have now setup everything to run as user "mailman". As I previously mentioned, mailman3 (core) is running fine. In fact mailman3 has properly posted numerous messages to several of my mailing lists since I finished setting it up with pip. However, mailman3-web (or mailman-web) is not working, I think because of a permissions issue. The installation instructions specify that mailman3-web (or mailman-web) run as user=mailman and group=mailman. However, the debian installation specifies the data files as user=www-data and group=www-data which is what apache runs as. For instance, I have my static files stored in the /var/lib/mailman3/web/static directory and the previous Debian mailman3 version set all the ownerships and groups to www-data for /var/lib/mailman3/web, /var/lib/mailman3/web/static along with all of the directories and files in the static subdirectory. So, when I run "mailman-web collectstatic" it bombs on the following permissions error:
PermissionError: [Errno 13] Permission denied: '/var/lib/mailman3/web/static/hyperkitty/js/hyperkitty-common.js'
So, my question is as follows. Should I continue to run mailman3-web as user mailman and change the ownership of the /var/lib/mailman3/web directory to mailman or should I leave the permissions of the /var/lib/mailman3/web directory alone and have mailman3-web run as user and group www-data?
Do you have anything further in any of the logs in /opt/mailman/web/logs ?
Yes, everytime that I try to start mailman3-web it posts this to the log and which includes a permission error as the last line:
*** Starting uWSGI 2.0.20 (64bit) on [Wed Jan 26 17:00:13 2022] *** compiled with version: 10.2.1 20210110 on 24 January 2022 19:51:51 os: Linux-5.10.0-10-amd64 #1 SMP Debian 5.10.84-1 (2021-12-08) nodename: slc.mailhub4u.com machine: x86_64 clock source: unix pcre jit disabled detected number of CPU cores: 8 current working directory: / detected binary path: /opt/mailman/venv/bin/uwsgi chdir() to /usr/share/mailman3-web your processes number limit is 31530 your memory page size is 4096 bytes detected max file descriptor number: 1024 lock engine: pthread robust mutexes thunder lock: disabled (you can enable it with --thunder-lock) bind(): Permission denied [core/socket.c line 230]
This one might be due to a bug I hit as well. There's a problem with mistune, one of the components. If that's the issue here, this should address it, run as the mailman user: pip install mistune==2.0.0rc1 mailman-web migrate mailman-web compress mailman-web collectstatic mailman-web compilemessages
Thanks for that tip David! Reverting mistune back to version 2.0.0rc1 allowed "mailman-web migrate" to work. I think that the balance of my problems are permissions related to running mailman3-web (or mailman-web) as user mailman versus www-data. So, please let me know, based on your installation, if I should change the permissions for /var/lib/mailman3/web/ to user/group mailman or should I run mailman3-web as user/group www-data.
Also, any other advice from David or anyone else would be very much appreciated.
Thanks!
Gordon