FAQ
I have a new installation I'm testing. I'm on a fresh install of
ubuntu, mailman compiled from scratch.

Mostly working now, but the mailing list public archives are show as
forbidden in my browser. The data is actually there in the folders,
stored in private and symlinked to public. I've run permissions check
and everything is OK (it says). What's my trouble? When I browse to
the pipermail folder it doesn't even list the public & private folders.
Public (at least) is set to read by all.

Rob

Search Discussions

  • Brad Knowles at Jun 9, 2008 at 12:16 am

    On 6/8/08, Rob Brandt wrote:

    Mostly working now, but the mailing list public archives are show as
    forbidden in my browser. The data is actually there in the folders,
    stored in private and symlinked to public. I've run permissions check
    and everything is OK (it says). What's my trouble?
    Is your web server configured to follow symlinks?

    --
    Brad Knowles <brad at shub-internet.org>
    LinkedIn Profile: <http://tinyurl.com/y8kpxu>
  • Rob Brandt at Jun 9, 2008 at 2:41 am
    Yes, in apache2.conf, I have:

    <Directory /usr/local/mailman/archives/public/>
    Options Indexes FollowSymLinks
    </Directory>

    I tried it without the trailing slash on the path too.

    Rob

    Brad Knowles wrote:
    On 6/8/08, Rob Brandt wrote:

    Mostly working now, but the mailing list public archives are show as
    forbidden in my browser. The data is actually there in the folders,
    stored in private and symlinked to public. I've run permissions check
    and everything is OK (it says). What's my trouble?
    Is your web server configured to follow symlinks?
  • Mark Sapiro at Jun 9, 2008 at 3:22 am

    Rob Brandt wrote:
    Yes, in apache2.conf, I have:

    <Directory /usr/local/mailman/archives/public/>
    Options Indexes FollowSymLinks
    </Directory>
    Do you implicitly not allow your access? You might need

    Order allow,deny
    Allow from all

    inside the Directory section if you have a Deny on a superordinate
    directory.

    What's in apache's error_log?

    --
    Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
    San Francisco Bay Area, California better use your sense - B. Dylan
  • Rob Brandt at Jun 9, 2008 at 3:32 am
    Not intentionally, and I just combed through the conf files and see no
    reference. In any case, I changed it to:

    <Directory /usr/local/mailman/archives/public/>
    Order allow,deny
    Allow from all
    Options Indexes FollowSymLinks
    </Directory>

    restarted apache and it's still Forbidden.

    Rob

    Mark Sapiro wrote:
    Rob Brandt wrote:
    Yes, in apache2.conf, I have:

    <Directory /usr/local/mailman/archives/public/>
    Options Indexes FollowSymLinks
    </Directory>
    Do you implicitly not allow your access? You might need

    Order allow,deny
    Allow from all

    inside the Directory section if you have a Deny on a superordinate
    directory.

    What's in apache's error_log?
  • Mark Sapiro at Jun 9, 2008 at 2:28 pm

    Rob Brandt wrote:
    In any case, I changed it to:

    <Directory /usr/local/mailman/archives/public/>
    Order allow,deny
    Allow from all
    Options Indexes FollowSymLinks
    </Directory>

    restarted apache and it's still Forbidden.

    And Bob Eager wrote (with a 'digest' subject):
    Who owns the folders? They (and contents) need to be readable by the user
    under which the web server runs. I was bitten by this last week...

    Good point. In particular, the archives/private/ directory itself must
    either be world searchable or owned by the web server user. A possible
    mistake is to see the warning about o+x from check_perms and set o-x
    without changing ownership per the installation manual. See the
    warning box at <http://www.list.org/mailman-install/node9.html>.

    And if that isn't the solution, please report what's in the apache
    error_log for the forbidden access.

    --
    Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
    San Francisco Bay Area, California better use your sense - B. Dylan
  • Rob Brandt at Jun 9, 2008 at 5:05 pm
    Yes that did it! I had all the folders set correctly *except* for the
    /private folder itself. Changing that from root to www-data did it for me.

    Thanks!

    Rob


    Mark Sapiro wrote, On 6/9/2008 7:28 AM:
    Rob Brandt wrote:
    In any case, I changed it to:

    <Directory /usr/local/mailman/archives/public/>
    Order allow,deny
    Allow from all
    Options Indexes FollowSymLinks
    </Directory>

    restarted apache and it's still Forbidden.

    And Bob Eager wrote (with a 'digest' subject):
    Who owns the folders? They (and contents) need to be readable by the user
    under which the web server runs. I was bitten by this last week...

    Good point. In particular, the archives/private/ directory itself must
    either be world searchable or owned by the web server user. A possible
    mistake is to see the warning about o+x from check_perms and set o-x
    without changing ownership per the installation manual. See the
    warning box at <http://www.list.org/mailman-install/node9.html>.

    And if that isn't the solution, please report what's in the apache
    error_log for the forbidden access.
  • Steven Stern at Jun 9, 2008 at 3:50 am

    On 06/08/2008 05:30 PM, Rob Brandt wrote:
    I have a new installation I'm testing. I'm on a fresh install of
    ubuntu, mailman compiled from scratch.

    Mostly working now, but the mailing list public archives are show as
    forbidden in my browser. The data is actually there in the folders,
    stored in private and symlinked to public. I've run permissions check
    and everything is OK (it says). What's my trouble? When I browse to
    the pipermail folder it doesn't even list the public & private folders.
    Public (at least) is set to read by all.

    Rob


    Is Ubuntu using SELinux? If so, you'll probably need to use audit2allow
    to create aplicy to allow it to read the archives.

    - --

    ~ Steve
  • Rob Brandt at Jun 9, 2008 at 4:25 am
    Hey, maybe so. I wasn't aware of it, but the packages
    libselinux1 2.0.55-0ubuntu4 and
    libsepol1 2.0.20-0ubuntu3
    are installed. I'll look in to it.

    Rob

    Steven Stern wrote:
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    On 06/08/2008 05:30 PM, Rob Brandt wrote:
    I have a new installation I'm testing. I'm on a fresh install of
    ubuntu, mailman compiled from scratch.

    Mostly working now, but the mailing list public archives are show as
    forbidden in my browser. The data is actually there in the folders,
    stored in private and symlinked to public. I've run permissions check
    and everything is OK (it says). What's my trouble? When I browse to
    the pipermail folder it doesn't even list the public & private folders.
    Public (at least) is set to read by all.

    Rob


    Is Ubuntu using SELinux? If so, you'll probably need to use audit2allow
    to create aplicy to allow it to read the archives.

    - --

    ~ Steve
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.9 (GNU/Linux)
    Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

    iEYEARECAAYFAkhMqJQACgkQeERILVgMyvAM6ACdEE2I7W3EBpRy1zedYjo2C2bc
    jncAnRxdBoQNLyu06JnE7ZyuP2Dqpwgm
    ÝuT
    -----END PGP SIGNATURE-----
    ------------------------------------------------------
    Mailman-Users mailing list
    Mailman-Users at python.org
    http://mail.python.org/mailman/listinfo/mailman-users
    Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
    Searchable Archives:
    http://www.mail-archive.com/mailman-users%40python.org/
    Unsubscribe:
    http://mail.python.org/mailman/options/mailman-users/bronto%40csd-bes.net

    Security Policy:
    http://www.python.org/cgi-bin/faqw-mm.py?req=show&amp;fileúq01.027.htp
  • Rob Brandt at Jun 9, 2008 at 4:29 am
    although selinux itself isn't installed...

    Rob Brandt wrote:
    Hey, maybe so. I wasn't aware of it, but the packages
    libselinux1 2.0.55-0ubuntu4 and
    libsepol1 2.0.20-0ubuntu3
    are installed. I'll look in to it.

    Rob

    Steven Stern wrote:
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    On 06/08/2008 05:30 PM, Rob Brandt wrote:
    I have a new installation I'm testing. I'm on a fresh install of
    ubuntu, mailman compiled from scratch.

    Mostly working now, but the mailing list public archives are show as
    forbidden in my browser. The data is actually there in the folders,
    stored in private and symlinked to public. I've run permissions check
    and everything is OK (it says). What's my trouble? When I browse to
    the pipermail folder it doesn't even list the public & private folders.
    Public (at least) is set to read by all.

    Rob


    Is Ubuntu using SELinux? If so, you'll probably need to use audit2allow
    to create aplicy to allow it to read the archives.

    - --

    ~ Steve
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.9 (GNU/Linux)
    Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

    iEYEARECAAYFAkhMqJQACgkQeERILVgMyvAM6ACdEE2I7W3EBpRy1zedYjo2C2bc
    jncAnRxdBoQNLyu06JnE7ZyuP2Dqpwgm
    ÝuT
    -----END PGP SIGNATURE-----
    ------------------------------------------------------
    Mailman-Users mailing list
    Mailman-Users at python.org
    http://mail.python.org/mailman/listinfo/mailman-users
    Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
    Searchable Archives:
    http://www.mail-archive.com/mailman-users%40python.org/
    Unsubscribe:
    http://mail.python.org/mailman/options/mailman-users/bronto%40csd-bes.net

    Security Policy:
    http://www.python.org/cgi-bin/faqw-mm.py?req=show&amp;fileúq01.027.htp
    ------------------------------------------------------
    Mailman-Users mailing list
    Mailman-Users at python.org
    http://mail.python.org/mailman/listinfo/mailman-users
    Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
    Searchable Archives:
    http://www.mail-archive.com/mailman-users%40python.org/
    Unsubscribe:
    http://mail.python.org/mailman/options/mailman-users/bronto%40csd-bes.net

    Security Policy:
    http://www.python.org/cgi-bin/faqw-mm.py?req=show&amp;fileúq01.027.htp

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupmailman-users @
categoriespython
postedJun 8, '08 at 10:30p
activeJun 9, '08 at 5:05p
posts10
users4
websitelist.org

People

Translate

site design / logo © 2022 Grokbase