[Pkg-mailman-hackers] Bug#802309: mailman: for correct operation on SE Linux please run restorecon after creating directories

Russell Coker russell at coker.com.au
Mon Oct 19 10:54:33 UTC 2015 

Package: mailman
Version: 1:2.1.18-2
Severity: normal
Tags: patch


The following patch gives the correct contexts to those directories.  When
SE Linux isn't running it does nothing.

--- /etc/init.d/mailman.orig	2015-10-19 21:29:22.161203098 +1100
+++ /etc/init.d/mailman	2015-10-19 21:31:37.425965680 +1100
@@ -29,10 +29,12 @@
 
 if ! [ -d /var/run/mailman ]; then
       install -d -o list -g list /var/run/mailman
+      [ -x /sbin/restorecon ] && /sbin/restorecon /var/run/mailman
 fi
 
 if ! [ -d /var/lock/mailman ]; then
       install -d -o root -g list -m 2775 /var/lock/mailman
+      [ -x /sbin/restorecon ] && /sbin/restorecon /var/lock/mailman
 fi
 
 . /lib/lsb/init-functions

Also something like the following in/usr/lib/tmpfiles.d/mailman.conf will work
for both SE Linux and non-SE systems running systemd:
D /var/run/mailman 0755 list list
D /var/lock/mailman 2755 root list

-- System Information:
Debian Release: 8.2
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages mailman depends on:
ii  apache2 [httpd]              2.4.10-10+deb8u3
ii  apache2-mpm-prefork [httpd]  2.4.10-10+deb8u3
ii  cron                         3.0pl1-127+deb8u1
ii  debconf [debconf-2.0]        1.5.56
ii  libc6                        2.19-18+deb8u1
ii  logrotate                    3.8.7-1+b1
ii  lsb-base                     4.1+Debian13+nmu1
ii  python-dnspython             1.12.0-1
pn  python:any                   <none>
ii  ucf                          3.0030

Versions of packages mailman recommends:
iu  postfix [mail-transport-agent]  2.11.3-1

Versions of packages mailman suggests:
pn  listadmin     <none>
pn  lynx          <none>
ii  spamassassin  3.4.0-6

-- Configuration Files:
/etc/init.d/mailman changed:
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DAEMON=/usr/lib/mailman/bin/mailmanctl
PIDFILE=/var/run/mailman/mailman.pid
test -x $DAEMON || exit 0
set -e
if ! [ -d /var/run/mailman ]; then
      install -d -o list -g list /var/run/mailman
      [ -x /sbin/restorecon ] && /sbin/restorecon /var/run/mailman
fi
if ! [ -d /var/lock/mailman ]; then
      install -d -o root -g list -m 2775 /var/lock/mailman
      [ -x /sbin/restorecon ] && /sbin/restorecon /var/lock/mailman
fi
.. /lib/lsb/init-functions
if ! [ -x /usr/bin/python ]; then
	log_warning_msg "Python interpreter not available, exiting."
	exit 0;
fi
nl='
'
case "$1" in
  start)
    SITE_LIST=$( sed -rne "s/^[[:space:]]*MAILMAN_SITE_LIST[[:space:]]*=[[:space:]]*(['\"])([^'\"]+)\\1/\\2/p" /etc/mailman/mm_cfg.py )
    [ -n "$SITE_LIST" ] || SITE_LIST='mailman'
    case "$nl$(/var/lib/mailman/bin/list_lists -b)$nl" in
    (*$nl$SITE_LIST$nl*) ;;
    (*)
        log_warning_msg "Site list for mailman missing (looking for list named '${SITE_LIST}')."
        log_warning_msg "Please create it; until then, mailman will refuse to start."
        exit 0 ;;
    esac
    log_daemon_msg "Starting Mailman master qrunner" "mailmanctl"
    if $DAEMON -s -q start; then
        log_end_msg 0
    else
        log_end_msg 1
    fi
    ;;
  stop)
    log_daemon_msg "Stopping Mailman master qrunner" "mailmanctl"
    if $DAEMON -q stop; then
        rm -f $PIDFILE
        log_end_msg 0
    else
        log_end_msg 1
    fi
    ;;
  reload)
    log_begin_msg "Reloading Mailman master qrunner configuration"
    if $DAEMON -q restart; then
        log_end_msg 0
    else
        log_end_msg 1
    fi
  ;;
  restart|force-reload)
    PID=`cat $PIDFILE 2>/dev/null` || true
    log_daemon_msg "Restarting Mailman master qrunner" "mailmanctl"
    $DAEMON -q stop
    if test -n "$PID" && kill -0 $PID 2>/dev/null ; then
        log_action_begin_msg "Waiting"
        for cnt in `seq 1 5`; do
            sleep 1
            kill -0 $PID 2>/dev/null || break
        done;
        if kill -0 $PID 2>/dev/null ; then
            log_action_end_msg 1
        else
            log_action_end_msg 0
        fi
    fi
    if $DAEMON -q start; then
        log_end_msg 0
    else
        log_end_msg 1
    fi
    ;;
  *)
    echo "Usage: /etc/init.d/mailman {start|stop|restart|reload|force-reload}" >&2
    exit 1
    ;;
esac
exit 0


-- debconf information excluded

More information about the Pkg-mailman-hackers mailing list