[BlueOnyx:21742] Re: Broken mailman since last yum

[Michael Stauber]

Hi Chris,

> The Mailman error log (snipped below) seems to reference a permissions
> issue.   Changing the directory permissions on /var/lock/mailman to 777
> alleviates the error, but that seems like it could be a bit of a
> security issue.

I checked a few boxes of mine and I don't see a general problem. So I
think it might be something specific on one of your servers.

The directory /var/lock/mailman should have "drwxrwsr-x" permissions
(octal: 42775) and be owned by root:mailman. So the "s" in there says:
"set group ID is on execution".

[root at 5209r]# ls -la /var/lock/
insgesamt 0
drwxr-xr-x  5 root root    100 13. Feb 04:06 .
drwxr-xr-x 17 root root    400 12. Feb 06:04 ..
drwxrwxr-x  2 root lock     40  5. Feb 14:36 lockdev
drwxrwsr-x  2 root mailman  80 13. Feb 17:55 mailman
drwxr-xr-x  2 root root    180 13. Feb 17:45 subsys

The lockfiles inside should be owned by mailman:mailman, hence there
should be no need for more leeway permission wise.

[root at 5209r]# ls -la /var/lock/mailman
insgesamt 8
drwxrwsr-x 2 root    mailman  80 13. Feb 17:55 .
drwxr-xr-x 5 root    root    100 13. Feb 04:06 ..
-rw-rw-r-- 2 mailman mailman  42 14. Feb 2018  master-qrunner
-rw-rw-r-- 2 mailman mailman  42 14. Feb 2018  master-qrunner.5209r.769

It's perhaps possible that your mailman has lost a suid-bit somewhere
along the line on one of the executables that needs it.

My recommendation: "yum reinstall mailman" and it should be OK again.

-- 
With best regards

Michael Stauber