From ff48e0ff7992c887840b65ea4c30687ab79a056a Mon Sep 17 00:00:00 2001 From: tkikuchi <> Date: Tue, 13 Dec 2005 00:48:44 +0000 Subject: SF bug tracker 1378270. Fix aliases permission check in Postfix.py. --- admin/www/mailman-install.txt | 46 ++++++++++++++++++++----------------------- 1 file changed, 21 insertions(+), 25 deletions(-) (limited to 'admin/www/mailman-install.txt') diff --git a/admin/www/mailman-install.txt b/admin/www/mailman-install.txt index bc46faab..58ad401a 100644 --- a/admin/www/mailman-install.txt +++ b/admin/www/mailman-install.txt @@ -1,3 +1,4 @@ + #GNU Mailman - Installation Manual About this document... About this document... @@ -11,7 +12,7 @@ GNU Mailman - Installation Manual barry(at)python.org Release 2.1 - May 30, 2005 + December 13, 2005 Front Matter @@ -52,7 +53,7 @@ GNU Mailman - Installation Manual Mailman requires a unique user and group name which will own its files, and under which its processes will run. Mailman's basic security is based on group ownership permissions, so it's important to - get this step right^1. Typically, you will add a new user and a new + get this step right1. Typically, you will add a new user and a new group, both called mailman. The mailman user must be a member of the mailman group. Mailman will be installed under the mailman user and group, with the set-group-id (setgid) bit enabled. @@ -78,7 +79,7 @@ GNU Mailman - Installation Manual the variable data files and install them in separate directories. This section will describe the available options. - The default is to install all of Mailman to /usr/local/mailman^2. You + The default is to install all of Mailman to /usr/local/mailman2. You can change this base installation directory (referred to here as $prefix) by specifying the directory with the --prefix configure option. If you're upgrading from a previous version of Mailman, you @@ -92,7 +93,7 @@ GNU Mailman - Installation Manual Make sure the installation directory is set to group mailman (or whatever you're going to specify with --with-groupname) and has the - setgid bit set^3. You probably also want to guarantee that this + setgid bit set3. You probably also want to guarantee that this directory is readable and executable by everyone. For example, these shell commands will accomplish this: @@ -341,12 +342,6 @@ GNU Mailman - Installation Manual installation. It has been tested with various Postfix versions up to and including Postfix 2.1.5. - By default, Postfix treats -owner and -request addresses specially. - Since you want Postfix to deliver such messages to Mailman, you should - turn off this option by adding this to your main.cf file: - - owner_request_special = no - In order to support Mailman's optional VERP delivery, you will want to disable luser_relay (the default) and you will want to set recipient_delimiter for extended address semantics. You should comment @@ -399,11 +394,12 @@ GNU Mailman - Installation Manual % bin/genaliases Make sure that the owner of the data/aliases and data/aliases.db - file is mailman and that the group owner for those files is - mailman, or whatever user and group you used in the configure - command: + file is mailman, that the group owner for those files is mailman, + or whatever user and group you used in the configure command, and + that both files are group writable: % su % chown mailman:mailman data/aliases* + % chmod g+w data/aliases* * Hack your Postfix's main.cf file to include the following path in your alias_maps variable: @@ -842,8 +838,8 @@ GNU Mailman - Installation Manual server. Don't. The Sendmail.py module is misnamed - it's really a command line based message handoff scheme as opposed to the SMTP scheme used in SMTPDirect.py (the default). Sendmail.py has known - security holes and is provided as a proof-of-concept only^4. If you - are having problems using SMTPDirect.py fix those instead of using + security holes and is provided as a proof-of-concept only4. If you are + having problems using SMTPDirect.py fix those instead of using Sendmail.py, or you may open your system up to security exploits. 6.3.1 Sendmail ``smrsh'' compatibility @@ -1071,7 +1067,7 @@ fi Mailman has a large number of site-wide configuration options which you should now review and change according to your needs. Some of the options control how Mailman interacts with your environment, and other - options select defaults for newly created lists^5. There are system + options select defaults for newly created lists5. There are system tuning parameters and integration options. The full set of site-wide defaults lives in the @@ -1269,7 +1265,7 @@ fi Also check for errors in your syslog files, your mail and web server log files and in Mailman's $prefix/logs/error file. If you're still having problems, you should send a message to the - mailman-users@python.org mailing list^7; see + mailman-users@python.org mailing list7; see http://mail.python.org/mailman/listinfo/mailman-users for more information. @@ -1505,7 +1501,7 @@ tar xvf MailmanStartup.tar About this document ... - GNU Mailman - Installation Manual, May 30, 2005, Release 2.1 + GNU Mailman - Installation Manual, December 13, 2005, Release 2.1 This document was generated using the LaTeX2HTML translator. @@ -1521,24 +1517,24 @@ tar xvf MailmanStartup.tar Footnotes - ... right^1 + ... right1 You will be able to check and repair your permissions after installation is complete. - .../usr/local/mailman^2 + .../usr/local/mailman2 This is the default for Mailman 2.1. Earlier versions of Mailman installed everything under /home/mailman by default. - ... set^3 + ... set3 BSD users should see the 15.2 section for additional information. - ... only^4 + ... only4 In fact, in later versions of Mailman, this module is explicitly sabotaged. You have to know what you're doing in order to re-enable it. - ... lists^5 + ... lists5 In general, changing the list defaults described in this section will not affect any already created lists. To make changes after a list has been created, use the web interface or @@ -1552,7 +1548,7 @@ tar xvf MailmanStartup.tar Changing the crontab could mess with other parallel Mailman installations. - ... list^7 + ... list7 You must subscribe to this mailing list in order to post to it, but the mailing list's archives are publicly visible. _________________________________________________________________ @@ -1560,4 +1556,4 @@ tar xvf MailmanStartup.tar Previous Page Up One Level Next Page GNU Mailman - Installation Manual _________________________________________________________________ - Release 2.1, documentation updated on May 30, 2005. + Release 2.1, documentation updated on December 13, 2005. -- cgit v1.2.3