[Pkg-mailman-hackers] Bug#896997: mailman3 - Incorrect permissions for postfix lookup table files on postfix restart
Balasankar C
balasankarc at debian.org
Thu Apr 26 19:50:38 BST 2018
Package: mailman3
Version: 3.1.1-9~bpo9+1
Severity: important
After installing and configuring mailman3-full, I was unable to create
mailing lists using the UI. The logs had the following content
```
Apr 26 17:54:46 2018 (9642) command failure: /usr/sbin/postmap
/var/lib/mailman3/data/postfix_lmtp, 1, Operation not permitted
Apr 26 17:54:47 2018 (9642) command failure: /usr/sbin/postmap
/var/lib/mailman3/data/postfix_domains, 1, Operation not permitted
```
Upon checking, I saw that the files
`/var/lib/mailman3/data/postfix_lmtp.db` and
`/var/lib/mailman3/data/postfix_domains.db` were owned by `root:root`
and others didn't have read/write permission on them. Doing a chmod o+rw
on those two files solved the issue.
---
The exact steps I followed are
0. Get a droplet in DigitalOcean with Debian 9.4 image
1. Enable backports repo and run apt-get update
2. Set hostname
3. apt-get install postfix (as smarthost)
4. apt-get install nginx-full
5. apt-get -t stretch-backports install mailman3-full (answered the
questions positively)
6. dpkg-reconfigure mailman3-web - For creating database and admin user.
7. edit /etc/nginx/sites-enabled/mailman3 and change server_name
8. service nginx reload
9. Updated /etc/postfix/main.cf as mentioned in
/usr/share/doc/mailman3/README.Debian
10. service postfix restart for it to take effect
After this, while trying to login, I got a 500 error page. Logs of
mailman3-web had the following
```
SMTPRecipientsRefused: {u'<my admin email id>': (451, '4.3.0 <my admin
email id>: Temporary lookup failure')}
```
So I ran the following to fix them.
11. newaliases
12. mailman aliases
13. service mailman3 restart
14. service postfix restart
15. service mailman3-web restart
After this, I was able to login.
16. Go to domain and login as admin. Verification mail will be sent - go
check that. (You may want to use the non-HTTPS version of confirmation
URL if you haven't set it)
Note: Without doing the following, I wasn't able to create mailing lists
16. chmod o+wr /var/lib/mailman3/data/postfix_domains.db
17. chmod o+wr /var/lib/mailman3/data/postfix_lmtp.db
All was well after this.
I doubt if restarts were actually necessary in step 14 and if a reload
would've been enough. On our discussion in IRC channel #debian-mailman,
Pierre-Elliott Bécue (peb) assumes this caused the permissions to be borked.
PS: Please rename the issue title as you see fit.
---
Regards
Balasankar "Balu" C
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-mailman-hackers/attachments/20180427/bee7b0eb/attachment.sig>
More information about the Pkg-mailman-hackers
mailing list