I'm also running into permission errors with Postgres - user does not have permissions on public schema. I didn't see anything in the docs about how to grant proper access to these tables.
Thank you, Paul 'Arte Chambers' Robey 502-408-6922 On Mon, Nov 4, 2024 at 4:51 AM Odhiambo Washington via Mailman-users < mailman-users@mailman3.org> wrote: > On Mon, Nov 4, 2024 at 12:36 PM Gerald Vogt <v...@spamcop.net> wrote: > > > On 04.11.24 09:13, Odhiambo Washington via Mailman-users wrote: > > > On Mon, Nov 4, 2024 at 10:34 AM Gerald Vogt <v...@spamcop.net> wrote: > > >> On your server it looks like this: > > >> > > >> # ls -la /etc/mailman3 > > >> total 28 > > >> drwxr-xr-x. 2 root mailman 95 Oct 25 08:12 . > > >> drwxr-xr-x. 99 root root 8192 Oct 29 07:42 .. > > >> -rw-r--r--. 1 root mailman 266 Oct 25 07:37 gunicorn.conf > > >> -rw-r-----. 1 root mailman 92 Nov 21 2023 mailman-hyperkitty.cfg > > >> -rw-r-----. 1 root mailman 797 Sep 9 11:20 mailman.cfg > > >> -rw-r-----. 1 root mailman 3015 Oct 25 08:12 settings.py > > >> > > >> and it works just fine. > > >> > > > > > > True, but making the mailman user own the files makes life easier when > > you > > > operate from the virtualenv - > > > you do not have to exit the virtualenv to edit the files in > > /etc/mailman3, > > > and then re-enter the virtualenv. > > > > The virtualenv doesn't change the current uid. That doesn't make a > > difference. > > > > > You do not have to give the mailman user sudoer rights. That's the > whole > > > point about the below: > > > > > > ``` > > > sudo mkdir /etc/mailman3 > > > sudo chown mailman:mailman /etc/mailman3 > > > sudo chmod 755 /etc/mailman3 > > > ``` > > > > Well, that essentially was my question: why does the mailman user > > require sudo rights? > > > Mark did not say that the mailman user required sudo access. Please re-read > what he said. > > > > Why does it need to be able to write or change > > those files/directories? Except for the convenience which isn't a reason > > to weaken security. > > > > Make me understand how the security is weakened. The Mailman user account > has no password so cannot login from outside. > Even if it was able to login, it will still end up only accessing $home and > /etc/mailman3, no? > > > > In respect to security, i.e. separation of the service user from write > > access to it's core configuration files, it should not be done unless > > absolutely necessary. > > > Sorry, I didn't understand that. > > > -- > Best regards, > Odhiambo WASHINGTON, > Nairobi,KE > +254 7 3200 0004/+254 7 2274 3223 > In an Internet failure case, the #1 suspect is a constant: DNS. > "Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-) > [How to ask smart questions: > http://www.catb.org/~esr/faqs/smart-questions.html] > _______________________________________________ > Mailman-users mailing list -- mailman-users@mailman3.org > To unsubscribe send an email to mailman-users-le...@mailman3.org > https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/ > Archived at: > https://lists.mailman3.org/archives/list/mailman-users@mailman3.org/message/5J6LDEQDGUFSCXBBRSCAJXKC5JHSMRKL/ > > This message sent to paul.m.ro...@gmail.com > _______________________________________________ Mailman-users mailing list -- mailman-users@mailman3.org To unsubscribe send an email to mailman-users-le...@mailman3.org https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/ Archived at: https://lists.mailman3.org/archives/list/mailman-users@mailman3.org/message/WMLXNYPY6KBCU7XXYI33VZL7LMJEDYAK/ This message sent to arch...@mail-archive.com
