Running Mailman3 v3.2.1 on Devuan 10.0, getting a pid permissions error on Mailman3-web
# service mailman3-web stop [....] Stopping Mailman3-web uWSGI service: mailman3-webstart-stop-daemon: matching on world-writable pidfile /run/mailman3-web/mailman3-web.pid is insecure
# ls -l /run/mailman3-web/mailman3-web.pid -rw-rw-rw- 1 root root 6 Feb 9 13:00 /run/mailman3-web/mailman3-web.pid
# mailman info GNU Mailman 3.2.1 (La Villa Strangiato) Python 3.7.3 (default, Jul 25 2020, 13:03:44) [GCC 8.3.0] config file: /etc/mailman3/mailman.cfg db url: sqlite:////var/lib/mailman3/data/mailman.db devmode: DISABLED REST root url: http://*obscured*:8001/3.1/ REST credentials: *obscured*
Any help, as always, is greatly appreciated. It's been a while, my old server died on me a few years back, and I'm finally getting around to getting a new one set up. I'd been looking forward to MM3 for *ages*! I can't wait to play! :-D
Thank you in advance! If I forgot any relevant info, I'm happy to provide. Best, --Glenn
On 2/9/21 10:17 AM, rainbear@gmail.com wrote:
# service mailman3-web stop [....] Stopping Mailman3-web uWSGI service: mailman3-webstart-stop-daemon: matching on world-writable pidfile /run/mailman3-web/mailman3-web.pid is insecure
# ls -l /run/mailman3-web/mailman3-web.pid -rw-rw-rw- 1 root root 6 Feb 9 13:00 /run/mailman3-web/mailman3-web.pid
This would appear to be either a Debian or uWSGI issue. In my case, I use gunicorn as the WSGI interface to Django, and on the server that supports this list, I have
$ cat /etc/init/gunicorn.conf description "gunicorn for Mailman"
start on runlevel [2345] stop on runlevel [016]
respawn respawn limit 10 5
setuid mailman setgid mailman
chdir /opt/mailman/mm/
exec /opt/mailman/mm/bin/gunicorn -c /opt/mailman/mm/deployment/gunicorn.conf mailman_web.wsgi:application
$ cat /opt/mailman/mm/deployment/gunicorn.conf bind = ['127.0.0.1:8000'] proc_name = "mailman-web" chdir = "/opt/mailman/mm" pidfile = "/opt/mailman/mm/var/gunicorn.pid" accesslog = "/opt/mailman/mm/var/logs/access.log" errorlog = "/opt/mailman/mm/var/logs/error.log" #daemon = True workers = 4 # Increase timout to allow downloading large archive mboxes. # Note even 300 is not enough for the entire python-dev@python.org archive. # I added 'disallow: /*/export/' to robots.txt to try to stop crawlers. timeout = 120
$ ll /opt/mailman/mm/var/gunicorn.pid -rw-r--r-- 1 mailman mailman 6 Feb 7 00:13 /opt/mailman/mm/var/gunicorn.pid
Some other servers I manage use systemd rather than upstart, but the permissions on the PIP file are the same.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
participants (2)
-
Mark Sapiro -
rainbear@gmail.com