public inbox for gentoo-dev@lists.gentoo.org
 help / color / mirror / Atom feed
* [gentoo-dev] net-mail/mailman-2.1.9-r2: Request for testing
@ 2007-11-26 14:36 Hanno Böck
  2007-11-27  0:49 ` Wolfram Schlich
                   ` (2 more replies)
  0 siblings, 3 replies; 8+ messages in thread
From: Hanno Böck @ 2007-11-26 14:36 UTC (permalink / raw
  To: gentoo-dev

[-- Attachment #1: Type: text/plain, Size: 691 bytes --]

Hi,

The mailman ebuild was a pain in the past, installing to non-fhs-locations 
(/usr/local), doing lot's of strange stuff, not able to use etc-update...

mailman-2.1.9-r2 tries to fix lot's of those issues, it's much more 
configurable through some variables. It's currently masked, but yesterday I 
committed a bunch of changes and now I'm pretty satisfied with it.

So I'd like to unmask it soon. Please, if you're using mailman test it, tell 
me if it suits your needs or just give me feedback like "worksforme", I 
actually don't have a clue how many people really use this ebuild.

-- 
Hanno Böck		Blog:   http://www.hboeck.de/
GPG: 3DBD3B20		Jabber: hanno@hboeck.de

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [gentoo-dev] net-mail/mailman-2.1.9-r2: Request for testing
  2007-11-26 14:36 [gentoo-dev] net-mail/mailman-2.1.9-r2: Request for testing Hanno Böck
@ 2007-11-27  0:49 ` Wolfram Schlich
  2007-11-27  1:11 ` Wolfram Schlich
  2007-11-27  1:18 ` [gentoo-dev] " Wolfram Schlich
  2 siblings, 0 replies; 8+ messages in thread
From: Wolfram Schlich @ 2007-11-27  0:49 UTC (permalink / raw
  To: gentoo-dev

* Hanno Böck <hanno@gentoo.org> [2007-11-26 15:39]:
> Hi,
> 
> The mailman ebuild was a pain in the past, installing to non-fhs-locations 
> (/usr/local), doing lot's of strange stuff, not able to use etc-update...
> 
> mailman-2.1.9-r2 tries to fix lot's of those issues, it's much more 
> configurable through some variables. It's currently masked, but yesterday I 
> committed a bunch of changes and now I'm pretty satisfied with it.

Nice!

> So I'd like to unmask it soon. Please, if you're using mailman test it, tell 
> me if it suits your needs or just give me feedback like "worksforme", I 
> actually don't have a clue how many people really use this ebuild.

Any special hints/advice?
-- 
Regards,
Wolfram Schlich <wschlich@gentoo.org>
Gentoo Linux * http://dev.gentoo.org/~wschlich/
--
gentoo-dev@gentoo.org mailing list



^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [gentoo-dev] net-mail/mailman-2.1.9-r2: Request for testing
  2007-11-26 14:36 [gentoo-dev] net-mail/mailman-2.1.9-r2: Request for testing Hanno Böck
  2007-11-27  0:49 ` Wolfram Schlich
@ 2007-11-27  1:11 ` Wolfram Schlich
  2007-11-27  1:55   ` René 'Necoro' Neumann
  2007-11-27  1:18 ` [gentoo-dev] " Wolfram Schlich
  2 siblings, 1 reply; 8+ messages in thread
From: Wolfram Schlich @ 2007-11-27  1:11 UTC (permalink / raw
  To: gentoo-dev

* Hanno Böck <hanno@gentoo.org> [2007-11-26 15:39]:
> [...]
> So I'd like to unmask it soon. Please, if you're using mailman test it, tell 
> me if it suits your needs or just give me feedback like "worksforme", I 
> actually don't have a clue how many people really use this ebuild.

pkg_postinst() says...
--8<--
 * Please read /usr/share/doc/mailman-2.1.9-r2/README.gentoo.gz for additional
 * Setup information, mailman will NOT run unless you follow
 * those instructions!
--8<--
...but that README actually has .bz2 instead of .gz on my system :)
-- 
Regards,
Wolfram Schlich <wschlich@gentoo.org>
Gentoo Linux * http://dev.gentoo.org/~wschlich/
--
gentoo-dev@gentoo.org mailing list



^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [gentoo-dev] net-mail/mailman-2.1.9-r2: Request for testing
  2007-11-26 14:36 [gentoo-dev] net-mail/mailman-2.1.9-r2: Request for testing Hanno Böck
  2007-11-27  0:49 ` Wolfram Schlich
  2007-11-27  1:11 ` Wolfram Schlich
@ 2007-11-27  1:18 ` Wolfram Schlich
  2007-11-27  1:27   ` Wolfram Schlich
  2 siblings, 1 reply; 8+ messages in thread
From: Wolfram Schlich @ 2007-11-27  1:18 UTC (permalink / raw
  To: gentoo-dev

* Hanno Böck <hanno@gentoo.org> [2007-11-26 15:39]:
> [...]
> So I'd like to unmask it soon. Please, if you're using mailman test it, tell 
> me if it suits your needs or just give me feedback like "worksforme", I 
> actually don't have a clue how many people really use this ebuild.

I get this using hardened-sources with activated grsecurity
trusted path execution feature:

2007-11-27 02:15:47 +01:00; alpha; kern.alert; kernel: grsec: From 127.0.0.6: \
	denied untrusted exec of /usr/lib/mailman/bin/mmsitepass by \
	/bin/bash[bash:14178] uid/euid:280/280 gid/egid:280/280, \
	parent /bin/bash[bash:14173] uid/euid:280/280 gid/egid:280/280

That's because /usr/lib/mailman/bin/ is group-writable.
Is that necessary at all?!
-- 
Regards,
Wolfram Schlich <wschlich@gentoo.org>
Gentoo Linux * http://dev.gentoo.org/~wschlich/
--
gentoo-dev@gentoo.org mailing list



^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [gentoo-dev] net-mail/mailman-2.1.9-r2: Request for testing
  2007-11-27  1:18 ` [gentoo-dev] " Wolfram Schlich
@ 2007-11-27  1:27   ` Wolfram Schlich
  2007-11-27  1:46     ` Wolfram Schlich
  0 siblings, 1 reply; 8+ messages in thread
From: Wolfram Schlich @ 2007-11-27  1:27 UTC (permalink / raw
  To: gentoo-dev

* Wolfram Schlich <wschlich@gentoo.org> [2007-11-27 02:24]:
> * Hanno Böck <hanno@gentoo.org> [2007-11-26 15:39]:
> > [...]
> > So I'd like to unmask it soon. Please, if you're using mailman test it, tell 
> > me if it suits your needs or just give me feedback like "worksforme", I 
> > actually don't have a clue how many people really use this ebuild.
> 
> I get this using hardened-sources with activated grsecurity
> trusted path execution feature:
> 
> 2007-11-27 02:15:47 +01:00; alpha; kern.alert; kernel: grsec: From 127.0.0.6: \
> 	denied untrusted exec of /usr/lib/mailman/bin/mmsitepass by \
> 	/bin/bash[bash:14178] uid/euid:280/280 gid/egid:280/280, \
> 	parent /bin/bash[bash:14173] uid/euid:280/280 gid/egid:280/280
> 
> That's because /usr/lib/mailman/bin/ is group-writable.

Ok, that's not true :]

Using this configuration...
--8<--
CONFIG_GRKERNSEC_TPE=y
# CONFIG_GRKERNSEC_TPE_ALL is not set
CONFIG_GRKERNSEC_TPE_INVERT=y
CONFIG_GRKERNSEC_TPE_GID=1005
--8<--
...I have to add 'mailman' to group 1005.
-- 
Regards,
Wolfram Schlich <wschlich@gentoo.org>
Gentoo Linux * http://dev.gentoo.org/~wschlich/
--
gentoo-dev@gentoo.org mailing list



^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [gentoo-dev] net-mail/mailman-2.1.9-r2: Request for testing
  2007-11-27  1:27   ` Wolfram Schlich
@ 2007-11-27  1:46     ` Wolfram Schlich
  0 siblings, 0 replies; 8+ messages in thread
From: Wolfram Schlich @ 2007-11-27  1:46 UTC (permalink / raw
  To: gentoo-dev

* Wolfram Schlich <wschlich@gentoo.org> [2007-11-27 02:31]:
> * Wolfram Schlich <wschlich@gentoo.org> [2007-11-27 02:24]:
> > * Hanno Böck <hanno@gentoo.org> [2007-11-26 15:39]:
> > > [...]
> > > So I'd like to unmask it soon. Please, if you're using mailman test it, tell 
> > > me if it suits your needs or just give me feedback like "worksforme", I 
> > > actually don't have a clue how many people really use this ebuild.
> > 
> > I get this using hardened-sources with activated grsecurity
> > trusted path execution feature:
> > 
> > 2007-11-27 02:15:47 +01:00; alpha; kern.alert; kernel: grsec: From 127.0.0.6: \
> > 	denied untrusted exec of /usr/lib/mailman/bin/mmsitepass by \
> > 	/bin/bash[bash:14178] uid/euid:280/280 gid/egid:280/280, \
> > 	parent /bin/bash[bash:14173] uid/euid:280/280 gid/egid:280/280
> > 
> > That's because /usr/lib/mailman/bin/ is group-writable.
> 
> Ok, that's not true :]
> 
> Using this configuration...
> --8<--
> CONFIG_GRKERNSEC_TPE=y
> # CONFIG_GRKERNSEC_TPE_ALL is not set
> CONFIG_GRKERNSEC_TPE_INVERT=y
> CONFIG_GRKERNSEC_TPE_GID=1005
> --8<--
> ...I have to add 'mailman' to group 1005.

Ok, it get's worse: for the mailman webinterface, I'd have to add
'apache' to group 1005 as well, opening up even bigger holes.
No way! So, emerge -C mailman, that is :(
Too bad.
-- 
Regards,
Wolfram Schlich <wschlich@gentoo.org>
Gentoo Linux * http://dev.gentoo.org/~wschlich/
--
gentoo-dev@gentoo.org mailing list



^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [gentoo-dev] net-mail/mailman-2.1.9-r2: Request for testing
  2007-11-27  1:11 ` Wolfram Schlich
@ 2007-11-27  1:55   ` René 'Necoro' Neumann
  2007-11-27 11:23     ` [gentoo-dev] " Duncan
  0 siblings, 1 reply; 8+ messages in thread
From: René 'Necoro' Neumann @ 2007-11-27  1:55 UTC (permalink / raw
  To: gentoo-dev

Wolfram Schlich schrieb:
> * Hanno Böck <hanno@gentoo.org> [2007-11-26 15:39]:
>> [...]
>> So I'd like to unmask it soon. Please, if you're using mailman test it, tell 
>> me if it suits your needs or just give me feedback like "worksforme", I 
>> actually don't have a clue how many people really use this ebuild.
> 
> pkg_postinst() says...
> --8<--
>  * Please read /usr/share/doc/mailman-2.1.9-r2/README.gentoo.gz for additional
>  * Setup information, mailman will NOT run unless you follow
>  * those instructions!
> --8<--
> ...but that README actually has .bz2 instead of .gz on my system :)

Depends on what PORTAGE_COMPRESS is set to ;) (Don't know WHERE this is
actually being set - but different systems seem to have different values
here).

- Necoro
-- 
gentoo-dev@gentoo.org mailing list



^ permalink raw reply	[flat|nested] 8+ messages in thread

* [gentoo-dev]  Re: net-mail/mailman-2.1.9-r2: Request for testing
  2007-11-27  1:55   ` René 'Necoro' Neumann
@ 2007-11-27 11:23     ` Duncan
  0 siblings, 0 replies; 8+ messages in thread
From: Duncan @ 2007-11-27 11:23 UTC (permalink / raw
  To: gentoo-dev

René 'Necoro' Neumann <lists@necoro.eu> posted 474B78FC.6070609@necoro.eu,
excerpted below, on  Tue, 27 Nov 2007 02:55:08 +0100:

> Depends on what PORTAGE_COMPRESS is set to ;) (Don't know WHERE this is
> actually being set - but different systems seem to have different values
> here).

That's a newer portage make.conf variable; see the manpage.  Apparently 
newer versions default to bz2, while older versions (before the setting 
was exposed as a variable) may have defaulted to gz.  However, the user 
can now set any sort of exotic compression type he likes.  (zip, rar, 
7zip, zoo, anyone?)

-- 
Duncan - List replies preferred.   No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master."  Richard Stallman

-- 
gentoo-dev@gentoo.org mailing list



^ permalink raw reply	[flat|nested] 8+ messages in thread

end of thread, other threads:[~2007-11-27 11:27 UTC | newest]

Thread overview: 8+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-11-26 14:36 [gentoo-dev] net-mail/mailman-2.1.9-r2: Request for testing Hanno Böck
2007-11-27  0:49 ` Wolfram Schlich
2007-11-27  1:11 ` Wolfram Schlich
2007-11-27  1:55   ` René 'Necoro' Neumann
2007-11-27 11:23     ` [gentoo-dev] " Duncan
2007-11-27  1:18 ` [gentoo-dev] " Wolfram Schlich
2007-11-27  1:27   ` Wolfram Schlich
2007-11-27  1:46     ` Wolfram Schlich

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox