Majordomo-Users: Majordomo/Sendmail 8.9.1 Permission problems

Majordomo-Users
(July 1998)

Indexed By Thread: [Previous] [Next]

Subject:	Majordomo/Sendmail 8.9.1 Permission problems
From:	Stephen McHenry <stephen @ softi . com>
Date:	Wed, 22 Jul 1998 14:47:55 -0700
To:	majordomo-users @ greatcircle . com

OK, I've scanned the archives and found the reference to the FAQ, which
I've subsequently read. We have been running Majordomo 1.94.3 and it has
been working fine. Then, to prevent relaying of UCE through our site, I
installed Sendmail 8.9.1 yesterday. Mostly, it's going OK, except for
Majordomo. Sendmail is now complaining about the lists directory being
writeable.

Excerpt below:
>   ----- The following addresses had permanent fatal errors -----
>and-retreat-outgoing
>:include:/usr/local/majordomo/lists/and-retreat
>    (expanded from: and-retreat-outgoing)
>
>   ----- Transcript of session follows -----
>550 :include:/usr/local/majordomo/lists/and-retreat... Cannot open
/usr/local/majordomo/lists/and->retreat: Group writable directory
>Message delivered to mailing list and-retreat-outgoing
>554 and-retreat-outgoing... aliasing/forwarding loop broken
>Message delivered to mailing list owner-and-retreat@improv.net

After reading about how bad it would be to change the flags and make it
accept writeable directories, I changed lists to be non-(group)writeable.
That got me a different error.
Excerpt below:

>MAJORDOMO ABORT (mj_resend)!!
>
>shlock: '/usr/local/majordomo/lists' is not writable by UID 8 GID 12 

(Note: 8/12 is the UID/GID of mail)
So, like the FAQ says, I added the 

O DontBlameSendmail=groupwritabledirpathsafe

statement to sendmail.cf and restarted it. Now, it works. 

At this point, I'm willing to make the permissions more relaxed than they
should be just to get things working (as an interim solution). 

**But**, the FAQ also says that it should be possible to restrict the lists
directory to user-write permission (e.g., removing group-write) if you
don't mind maintaining it as root (which I don't). But... that didn't work
(as shown above). I'm assuming that I have a permission problem somewhere,
but I don't know where... (I'm not exactly a black belt in either Majordomo
or Sendmail). This would actually be my preferred solution, if I can figure
out what needs to be done.

Any ideas?? Thanks in advance...

Stephen

|======================================================================|
|  Stephen McHenry                        Phone: (408) 776-2720 x210   |
|  Advanced Software Technologies                                      |
|======================================================================|

Indexed By Date	Previous:	A new issue . . . or an offshoot of the old one. From: Michael Mullig <mullig@tms.org>
Indexed By Date	Next:	Re: A new issue . . . or an offshoot of the old one. From: Jason L Tibbitts III <tibbs@hpc.uh.edu>
Indexed By Thread	Previous:	Re: A new issue . . . or an offshoot of the old one. From: Jason L Tibbitts III <tibbs@hpc.uh.edu>
Indexed By Thread	Next:	Some thoughts on user validation.... From: Chuq Von Rospach <chuqui@plaidworks.com>