I'm also running into permission errors with Postgres - user does not have
permissions on public schema. I didn't see anything in the docs about how
to grant proper access to these tables.

Thank you,
Paul 'Arte Chambers' Robey
502-408-6922


On Mon, Nov 4, 2024 at 4:51 AM Odhiambo Washington via Mailman-users <
mailman-users@mailman3.org> wrote:

> On Mon, Nov 4, 2024 at 12:36 PM Gerald Vogt <v...@spamcop.net> wrote:
>
> > On 04.11.24 09:13, Odhiambo Washington via Mailman-users wrote:
> > > On Mon, Nov 4, 2024 at 10:34 AM Gerald Vogt <v...@spamcop.net> wrote:
> > >> On your server it looks like this:
> > >>
> > >> # ls -la /etc/mailman3
> > >> total 28
> > >> drwxr-xr-x.  2 root mailman   95 Oct 25 08:12 .
> > >> drwxr-xr-x. 99 root root    8192 Oct 29 07:42 ..
> > >> -rw-r--r--.  1 root mailman  266 Oct 25 07:37 gunicorn.conf
> > >> -rw-r-----.  1 root mailman   92 Nov 21  2023 mailman-hyperkitty.cfg
> > >> -rw-r-----.  1 root mailman  797 Sep  9 11:20 mailman.cfg
> > >> -rw-r-----.  1 root mailman 3015 Oct 25 08:12 settings.py
> > >>
> > >> and it works just fine.
> > >>
> > >
> > > True, but making the mailman user own the files makes life easier when
> > you
> > > operate from the virtualenv -
> > > you do not have to exit the virtualenv to edit the files in
> > /etc/mailman3,
> > > and then re-enter the virtualenv.
> >
> > The virtualenv doesn't change the current uid. That doesn't make a
> > difference.
> >
> > > You do not have to give the mailman user sudoer rights. That's the
> whole
> > > point about the below:
> > >
> > > ```
> > > sudo mkdir /etc/mailman3
> > > sudo chown mailman:mailman /etc/mailman3
> > > sudo chmod 755 /etc/mailman3
> > > ```
> >
> > Well, that essentially was my question: why does the mailman user
> > require sudo rights?
>
>
> Mark did not say that the mailman user required sudo access. Please re-read
> what he said.
>
>
> > Why does it need to be able to write or change
> > those files/directories? Except for the convenience which isn't a reason
> > to weaken security.
> >
>
> Make me understand how the security is weakened. The Mailman user account
> has no password so cannot login from outside.
> Even if it was able to login, it will still end up only accessing $home and
> /etc/mailman3, no?
>
>
> > In respect to security, i.e. separation of the service user from write
> > access to it's core configuration files, it should not be done unless
> > absolutely necessary.
>
>
> Sorry, I didn't understand that.
>
>
> --
> Best regards,
> Odhiambo WASHINGTON,
> Nairobi,KE
> +254 7 3200 0004/+254 7 2274 3223
>  In an Internet failure case, the #1 suspect is a constant: DNS.
> "Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-)
> [How to ask smart questions:
> http://www.catb.org/~esr/faqs/smart-questions.html]
> _______________________________________________
> Mailman-users mailing list -- mailman-users@mailman3.org
> To unsubscribe send an email to mailman-users-le...@mailman3.org
> https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/
> Archived at:
> https://lists.mailman3.org/archives/list/mailman-users@mailman3.org/message/5J6LDEQDGUFSCXBBRSCAJXKC5JHSMRKL/
>
> This message sent to paul.m.ro...@gmail.com
>
_______________________________________________
Mailman-users mailing list -- mailman-users@mailman3.org
To unsubscribe send an email to mailman-users-le...@mailman3.org
https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/
Archived at: 
https://lists.mailman3.org/archives/list/mailman-users@mailman3.org/message/WMLXNYPY6KBCU7XXYI33VZL7LMJEDYAK/

This message sent to arch...@mail-archive.com

Reply via email to