areguera / rpms / mailman

Forked from rpms/mailman 5 years ago
Clone

Blame SOURCES/mailman.INSTALL.REDHAT.in

5c2a97
This file contains instructions for how to complete the installation
5c2a97
of mailman after you have installed the Red Hat mailman RPM. There are
5c2a97
certain items you will need to manually configure as the RPM is not
5c2a97
capable of doing every installation and confirguration task.
5c2a97
5c2a97
First, you should note that the RPM has installed mailman in the
5c2a97
following directory:
5c2a97
@prefix@
5c2a97
You may want to examine this directory to find additional mailman
5c2a97
documentation, or other mailman files.
5c2a97
5c2a97
IMPORTANT NOTE FOR USERS UPGRADING FROM A PREVIOUS RED HAT MAILMAN
5c2a97
INSTALLATION OR THOSE FAMILAR WITH "STANDARD MAILMAN INSTALLATIONS"
5c2a97
5c2a97
    Earlier Red Hat mailman rpms installed all of the mailman files under
5c2a97
    /var/mailman. This did not conform to the Filesystem Hierarchy
5c2a97
    Standard (FHS) and created security violations when SELinux is
5c2a97
    enabled. As of mailman-2.1.5-21 the following directory and file
5c2a97
    changes occurred:
5c2a97
5c2a97
    variable data (e.g. lists) is in @VAR_PREFIX@, library code,
5c2a97
    executables, and scripts are located in @prefix@, lock files are in
5c2a97
    @LOCK_DIR@, the pid file is in @PID_DIR@, qfiles are in @QUEUE_DIR@,
5c2a97
    and configuration files have been moved to the new @CONFIG_DIR@.
5c2a97
5c2a97
    If you previously had mailman installed and have edited files in
5c2a97
    /var/mailman (e.g. configuration) you will need to move those changes
5c2a97
    to their new locations.
5c2a97
5c2a97
    A script has been provided to aid in the task of migrating your
5c2a97
    mailman datafiles, it is contrib/migrate-fhs, run with -h for help
5c2a97
    information.
5c2a97
5c2a97
    The mapping of old locations to new locations is as follows:
5c2a97
5c2a97
    Directory Mapping:
5c2a97
    /var/mailman				--> /var/lib/mailman
5c2a97
    /var/mailman/Mailman			--> /usr/lib/mailman/Mailman
5c2a97
    /var/mailman/archives			--> /var/lib/mailman/archives
5c2a97
    /var/mailman/bin				--> /usr/lib/mailman/bin
5c2a97
    /var/mailman/cgi-bin			--> /usr/lib/mailman/cgi-bin
5c2a97
    /var/mailman/cron				--> /usr/lib/mailman/cron
5c2a97
    /var/mailman/data				--> /var/lib/mailman/data
5c2a97
    /var/mailman/lists				--> /var/lib/mailman/lists
5c2a97
    /var/mailman/locks				--> /var/lock/mailman
5c2a97
    /var/mailman/logs				--> /var/log/mailman
5c2a97
    /var/mailman/mail				--> /usr/lib/mailman/mail
5c2a97
    /var/mailman/messages			--> /usr/lib/mailman/messages
5c2a97
    /var/mailman/pythonlib			--> /usr/lib/mailman/pythonlib
5c2a97
    /var/mailman/qfiles				--> /var/spool/mailman
5c2a97
    /var/spool/mailman/qfiles			--> /var/spool/mailman
5c2a97
    /var/mailman/scripts			--> /usr/lib/mailman/scripts
5c2a97
    /var/mailman/spam				--> /var/lib/mailman/spam
5c2a97
    /var/mailman/templates			--> /usr/lib/mailman/templates
5c2a97
    /var/mailman/tests				--> /usr/lib/mailman/tests
5c2a97
5c2a97
    File Mapping:
5c2a97
    /var/mailman/data/adm.pw			--> /etc/mailman/adm.pw
5c2a97
    /var/mailman/data/creator.pw		--> /etc/mailman/creator.pw
5c2a97
    /var/mailman/data/aliases			--> /etc/mailman/aliases
5c2a97
    /var/mailman/data/virtual-mailman		--> /etc/mailman/virtual-mailman
5c2a97
    /var/mailman/data/sitelist.cfg		--> /etc/mailman/sitelist.cfg
5c2a97
    /var/mailman/data/master-qrunner.pid	--> /var/run/mailman/master-qrunner.pid
5c2a97
5c2a97
    Discussion of directory and file relocation:
5c2a97
5c2a97
    Two new directories were created and three existing directories which
5c2a97
    were hardcoded are now configurable.
5c2a97
5c2a97
    PID_DIR is used to hold the process id and is new because FHS wants
5c2a97
    pid files to be located in /var/run. The FHS says when there is only a
5c2a97
    single pid file it should be located in /var/run/<name>.pid, and when
5c2a97
    there are multiple pid's files they should be located together in a
5c2a97
    subdirectory, /var/run/<name>/. Currently mailman only has a single
5c2a97
    pid file, but it does have multiple processes (qrunners). Also SELinux
5c2a97
    security policy is easier to write if processes are segregated into
5c2a97
    individual subdirectories. Therefore we elected to place the mailman
5c2a97
    pid file in its own subdirectory, there is some debate if this is 100%
5c2a97
    FHS compliant because there is only currently a single pid file, but
5c2a97
    this gives us greater future flexibility and is in the spirit of FHS.
5c2a97
5c2a97
    CONFIG_DIR is used to hold the site configuration files. FHS wants
5c2a97
    configuration files stored in /etc/mailman. Previously configuration
5c2a97
    files were mixed in with data files in DATA_DIR and with the run-time
5c2a97
    code (e.g. Mailman/mm_cfg.py). CONFIG_DIR continues to exist but is
5c2a97
    now restricted to data files (e.g. python pickle files). The password
5c2a97
    files, alias files, and .cfg (e.g. sitelist.cfg) files have been moved
5c2a97
    to CONFIG_DIR. mm_cfg.py which is the primary mailman configuration
5c2a97
    file was presented a bit of a dilemma. In theory it should be located
5c2a97
    in /etc/mailman, however it is executable code which argues it should
5c2a97
    be located with the other executable files, it has traditionally lived
5c2a97
    in $PREFIX/Mailman and experienced mailman admins will expect to find
5c2a97
    it there. Modifying all the mm_cfg import statements and paths.py was
5c2a97
    believed to be too invasive a change, and technically its part of the
5c2a97
    "Mailman" package and moving it would take it out of the package
5c2a97
    (although currently I don't think that presents any known
5c2a97
    issues). Instead a compromise approach was adopted, mm_cfg.py is
5c2a97
    symbolically linked into the /etc/mailman directory pointing to
5c2a97
    $PREFIX/Mailman/mm_cfg.py. Thus mm_cfg.py "appears" in the
5c2a97
    configuration directory but retains its traditional location, this was
5c2a97
    deemed a reasonable compromise for the mailman 2.1.x timeframe.
5c2a97
5c2a97
    sitelist.cfg has a symbolic link in its old location in the DATA_DIR
5c2a97
    pointing to its new location in the CONFIG_DIR.
5c2a97
5c2a97
    New Directories (can be specified as parameter to configure):
5c2a97
5c2a97
    CONFIG_DIR:	default=$VAR_PREFIX/data		FHS=/etc/mailman
5c2a97
    PID_DIR		default=$VAR_PREFIX/data	FHS=/var/run/mailman
5c2a97
5c2a97
    Existing directories that can now be specified as parameter to configure:
5c2a97
5c2a97
    LOCK_DIR:	default=$VAR_PREFIX/locks	FHS=/var/lock/mailman
5c2a97
    LOG_DIR:	default=$VAR_PREFIX/logs	FHS=/var/log/mailman
5c2a97
    QUEUE_DIR	default=$VAR_PREFIX/qfiles	FHS=/var/spool/mailman
5c2a97
5c2a97
You can find addition documentation in the
5c2a97
@DOC_DIR@/README.* files and/or
5c2a97
@prefix@/README.* files.
5c2a97
5c2a97
Mailman is an open source project and full documentation, current
5c2a97
sources, patches, etc. can be found at the following official mailman
5c2a97
web sites:
5c2a97
5c2a97
http://www.gnu.org/software/mailman/mailman.html
5c2a97
http://www.list.org
5c2a97
5c2a97
1. Final installation instructions:
5c2a97
5c2a97
    Congratulations!  You've installed the Mailman software.  To get
5c2a97
    everything running you need to hook Mailman up to both your web
5c2a97
    server and your mail system.
5c2a97
5c2a97
    - If you plan on running your MTA and web server on different
5c2a97
      machines, sharing Mailman installations via NFS, be sure that
5c2a97
      the clocks on those two machines are synchronized closely.  You
5c2a97
      might take a look at the file Mailman/LockFile.py; the constant
5c2a97
      CLOCK_SLOP helps the locking mechanism compensate for clock skew
5c2a97
      in this type of environment.
5c2a97
5c2a97
    - Configure your web server. The RPM has made the assumption you
5c2a97
      are running the apache web server (httpd). The RPM has installed
5c2a97
      a mailman config file (@HTTPD_CONF_FILE@) in @HTTPD_CONF_DIR@.
5c2a97
      You should edit the file to set your domain, see the
5c2a97
      instructions in the config file.
5c2a97
5c2a97
      Now restart your web server so the new settings take effect:
5c2a97
5c2a97
      % /sbin/service httpd restart
5c2a97
5c2a97
    - Create the site password using:
5c2a97
5c2a97
      % @prefix@/bin/mmsitepass <your-site-password>
5c2a97
5c2a97
      This password can be used anywhere that individual user or
5c2a97
      mailing list administrator passwords are required, giving the
5c2a97
      mailman site administrator the ability to adjust these things
5c2a97
      when necessary.
5c2a97
5c2a97
      You may also want to create a password for the site-wide "list
5c2a97
      creator" role (someone other than the site administrator who as
5c2a97
      privileges to create and remove lists through the web).  Use the
5c2a97
      -c option to mmsitepass to set this.
5c2a97
5c2a97
    - Set the values for DEFAULT_EMAIL_HOST and DEFAULT_URL_HOST in
5c2a97
      @prefix@/Mailman/mm_cfg.py file if the fqdn of the host you are
5c2a97
      running mailman on is not the email and url host you need to use.
5c2a97
5c2a97
    - Update Mailman list files to new verson by running:
5c2a97
      @prefix@/bin/update
5c2a97
5c2a97
      Users upgrading from previous releases of this package may need
5c2a97
      to move their data or adjust the configuration files to point to
5c2a97
      the locations where their data is.
5c2a97
5c2a97
    - Create a "site-wide" mailing list (Note: this must be done
5c2a97
      before starting the mailman daemon). This is the one that
5c2a97
      password reminders will appear to come from.  Usually this
5c2a97
      should be the "mailman" mailing list, but if you need to change
5c2a97
      this, be sure to change the MAILMAN_SITE_LIST variable in
5c2a97
      mm_cfg.py (see below).
5c2a97
5c2a97
      % @prefix@/bin/newlist mailman
5c2a97
5c2a97
      Follow the prompts, and see the README file for more
5c2a97
      information.
5c2a97
5c2a97
    - Start the Mailman qrunner daemon
5c2a97
5c2a97
      As of mailman version 2.1 mailman requires a service (daemon) to be
5c2a97
      run for mailman to operate. RedHat does not ship RPM's that enable
5c2a97
      services as part of package installation. You will need to enable
5c2a97
      the mailman service if you want mailman to run.
5c2a97
5c2a97
      To enable the mailman service after package installation you may run
5c2a97
      the "serviceconf" GUI tool, or you may do the following on the
5c2a97
      command line as root.
5c2a97
5c2a97
      /sbin/service mailman start
5c2a97
5c2a97
      To have the mailman service automatically start at certain run
5c2a97
      levels (replace the runlevel below with your desired run levels, for
5c2a97
      example to start mailman at run levels 3 and 5 runlevel would be 35:
5c2a97
5c2a97
      /sbin/chkconfig --level runlevel mailman on
5c2a97
5c2a97
    - You should then subscribe yourself to the mailman list.
5c2a97
5c2a97
5c2a97
2. Customize Mailman
5c2a97
5c2a97
    You should do these steps using the account you installed Mailman
5c2a97
    under in section 2 above.
5c2a97
5c2a97
    - The file @prefix@/Mailman/Defaults.py contains a number of
5c2a97
      defaults for your installation.  If any of these are incorrect,
5c2a97
      override them in @prefix@/Mailman/mm_cfg.py.
5c2a97
5c2a97
      DO NOT EDIT Defaults.py!
5c2a97
5c2a97
      Note: If you have upgraded your mailman installation RPM will
5c2a97
      save a copy of your previous version of mm_cfg.py in
5c2a97
      mm_cfg.py.rpmsave.
5c2a97
5c2a97
      See the comments in Defaults.py for details.  Once a list is
5c2a97
      created, editing many of these variables will have no effect.
5c2a97
      At that point, you'll need to configure your lists through the
5c2a97
      web admin interface or through the command line script
5c2a97
      @prefix@/bin/withlist or @prefix@/bin/config_list.
5c2a97
5c2a97
      Note: Do *not* change HOME_DIR or MAILMAN_DIR.  These are set
5c2a97
      automatically by the configure script when the RPM was created.
5c2a97
5c2a97
    - Create the site password using:
5c2a97
5c2a97
      % @prefix@/bin/mmsitepass <your-site-password>
5c2a97
5c2a97
      This password can be used anywhere that individual user or
5c2a97
      mailing list administrator passwords are required, giving the
5c2a97
      mailman site administrator the ability to adjust these things
5c2a97
      when necessary.
5c2a97
5c2a97
      You may also want to create a password for the site-wide "list
5c2a97
      creator" role (someone other than the site administrator who as
5c2a97
      privileges to create and remove lists through the web).  Use the
5c2a97
      -c option to mmsitepass to set this.
5c2a97
5c2a97
5c2a97
3. Troubleshooting
5c2a97
5c2a97
    If you encounter problems with running Mailman, first check the
5c2a97
    "Common Problems" section, below.  If your problem is not covered
5c2a97
    there, check both the FAQ file and the online FAQ Wizard.
5c2a97
    Check for errors in the mailman log files which can be found in
5c2a97
5c2a97
    @LOG_DIR@
5c2a97
5c2a97
    Mailman logs errors to this file:
5c2a97
5c2a97
    @LOG_DIR@/error
5c2a97
5c2a97
    If you encounter an error, send an error report to
5c2a97
    mailman-users@python.org.  Include a description of what you're
5c2a97
    doing to cause the problem, and the relevant lines from your
5c2a97
    syslog.  Also include information on your operating system, which
5c2a97
    version of Python you're using, and which version of Mailman
5c2a97
    you're installing.
5c2a97
5c2a97
5c2a97
4. Common Problems
5c2a97
5c2a97
    Problem:  All Mailman web pages give a 404 File not found error.
5c2a97
5c2a97
    Solution: Your web server has not been set up properly for handling
5c2a97
              Mailman's cgi commands.  Make sure you've:
5c2a97
5c2a97
              1) Configured the web server to give permissions to
5c2a97
                 @prefix@/cgi-bin
5c2a97
              2) Restarted the web server properly.
5c2a97
5c2a97
              Consult your web server's documentation for instructions
5c2a97
              on how to do these things.
5c2a97
5c2a97
5c2a97
    Problem:  All Mailman web pages give an "Internal Server Error".
5c2a97
5c2a97
    Solution: The likely problem is that you are using the wrong GID or
5c2a97
              UID for CGI scripts.  Check your syslog.  If you see, for
5c2a97
              example, a line like:
5c2a97
5c2a97
                  Attempt to exec script with invalid gid 51, expected 99
5c2a97
5c2a97
              You need to reinstall Mailman, and specify $CGI_GID to be 51,
5c2a97
              as described in the installation instructions.
5c2a97
5c2a97
5c2a97
    Problem:  I send mail to the list, and get back mail saying the
5c2a97
              list is not found!
5c2a97
5c2a97
    Solution: You probably didn't add the necessary aliases to the system
5c2a97
              alias database, given to you when you ran the newlist
5c2a97
              command.  If you did add them, you likely did not update
5c2a97
              the alias database, or your system requires you to run
5c2a97
              newaliases explicitly.  Refer to section 5 above for
5c2a97
              more information.
5c2a97
5c2a97
5c2a97
    Problem:  I send mail to the list, and get back mail saying,
5c2a97
              "unknown mailer error".
5c2a97
5c2a97
    Solution: The likely problem is that you are using the wrong GID or
5c2a97
              UID for mail.  Check your syslog.  If you see, for
5c2a97
              example, a line like:
5c2a97
5c2a97
                  Attempt to exec script with invalid gid 51, expected 99
5c2a97
5c2a97
              You need to reinstall Mailman, and specify $MAIL_GID to
5c2a97
              be 51, as described in the installation
5c2a97
              instructions. see notes on Postfix below, as by default
5c2a97
              it will create these problems on installation.
5c2a97
5c2a97
5c2a97
    Problem:  I use Postfix for my MTA and the mail wrapper programs
5c2a97
              are logging complaints about the wrong GID.
5c2a97
5c2a97
    Solution: Create a separate aliases file for Postfix in its
5c2a97
              main.cf config file under the variable "alias_maps". Put
5c2a97
              the file somewhere in Mailman's home directory, or
5c2a97
              somewhere else where the user mailman has write access
5c2a97
              to it; *as user mailman* call Postfix's "postalias" on the
5c2a97
              alias file.
5c2a97
5c2a97
              % postalias <the alias file>
5c2a97
5c2a97
              Also as user mailman, run
5c2a97
5c2a97
              % python -c'import os; print os.getgid()'
5c2a97
5c2a97
              This should print out the group id that Mailman should
5c2a97
              be configured to expect when the mail wrapper programs
5c2a97
              are run.  Call it "thegid".  Rebuild Mailman with
5c2a97
5c2a97
              % ./configure --with-mail-gid=thegid
5c2a97
5c2a97
              See also the "Using the Postfix mail server" section of
5c2a97
              the mailman installation manual for more information on
5c2a97
              connecting Postfix and Mailman.  The manual is available
5c2a97
              in several formats at /usr/share/doc/mailman-*/admin/www.
5c2a97
5c2a97
5c2a97
    Problem:  I send mail to the list, and get back mail saying,
5c2a97
              "sh: mailman not available for sendmail programs"
5c2a97
5c2a97
    Solution: Your system uses sendmail restricted shell (smrsh).  You
5c2a97
              need to configure smrsh by creating a symbolic link from
5c2a97
              the mail wrapper (@prefix@/mail/mailman) to the directory
5c2a97
              identifying executables allowed to run under smrsh.
5c2a97
5c2a97
              Some common names for this directory are
5c2a97
              /var/admin/sm.bin, /usr/admin/sm.bin or /etc/smrsh.
5c2a97
5c2a97
              Note that on Debian Linux, the system makes
5c2a97
              /usr/lib/sm.bin, which is wrong, you will need to create
5c2a97
              the directory /usr/admin/sm.bin and add the link there.
5c2a97
              Note further any aliases newaliases spits out will need
5c2a97
              to be adjusted to point to the secure link to the
5c2a97
              wrapper.
5c2a97
5c2a97
5c2a97
    Problem:  I messed up when I called configure.  How do I clean
5c2a97
              things up and re-install?
5c2a97
5c2a97
    Solution: % make clean
5c2a97
              % ./configure --with-the-right-options
5c2a97
              % make install
5c2a97
5c2a97
5c2a97
-------------------- Other Useful Information -----------------
5c2a97
5c2a97
RPM Preserves User Modified Files
5c2a97
---------------------------------
5c2a97
5c2a97
The rpm during installation will preserve changes you have made to
5c2a97
configuration files and templates from a previous installation. This
5c2a97
is almost always what is desired. However you may want to check for
5c2a97
the existence of files with either the .rpmsave or the .rpmnew
5c2a97
extension and verify if any of these backup files created during the
5c2a97
RPM install exist and if you are indeed using the version of the file
5c2a97
you desire.
5c2a97
5c2a97
Note: The installation directory for non-data files changed from
5c2a97
@VAR_PREFIX@ to @prefix@ in mailman-2.1.5-20. Configuration files and
5c2a97
templates that were user modified in a previous installation will need
5c2a97
to manually move those changes from the earlier @VAR_PREFIX@ to the
5c2a97
new @prefix@ installation directory.
5c2a97
5c2a97
Here are a few commands that will aid you in this process:
5c2a97
5c2a97
List any rpm backup files in the mailman installation directory:
5c2a97
5c2a97
% find @prefix@ @VAR_PREFIX@ -name '*.rpm*'
5c2a97
5c2a97
List any configuration files NOT in the mailman installation directory
5c2a97
you might miss with the above command which also have the potental for
5c2a97
backup copies. Given this short list you'll have to look for a
5c2a97
matching backup file.
5c2a97
5c2a97
% rpm -qc mailman | egrep -v '@prefix@|@VAR_PREFIX@'
5c2a97
5c2a97
When rpm preserves a user modified file it installs the newest version
5c2a97
of the file by appending the .rpmnew extension to the file name thus
5c2a97
preserving the file but making the latest version avialable. If rpm
5c2a97
replaces a user modified file the file being replaced is renamed to
5c2a97
have the .rpmsave extension. RPM only performs these backup operations
5c2a97
if the file is marked as being a configuration file in the rpm spec
5c2a97
file, it is not performed in general on all files in the package.
5c2a97
5c2a97
5c2a97
Mailman Cron Jobs:
5c2a97
------------------
5c2a97
5c2a97
Mailman relies on the cron daemon to schedule periodic actions. These
5c2a97
are contained in a crontab file. Previous versions of the mailman RPM
5c2a97
from Red Hat created the cron jobs by running the crontab(1) command
5c2a97
during the RPM installation phase. The cron jobs are now handled
5c2a97
slightly differently. Rather than invoking crontab which loaded the
5c2a97
cron jobs into a private cron file a mailman crontab file is installed
5c2a97
into /etc/cron.d. The crontab file and the commands it runs were
5c2a97
modified from the upstream distribution so these commands would run
5c2a97
under the correct SELinux security profile.
5c2a97
5c2a97
Previously the cron jobs were installed when the RPM was
5c2a97
installed. This was less than optimal because the act of having the
5c2a97
mailman RPM installed on a system should not cause the cron jobs to
5c2a97
run. A better solution is to only run the mailman cron jobs if the
5c2a97
mailman service is enabled. This is accomplished by installing the
5c2a97
mailman crontab file in /etc/cron.d when the mailman service is
5c2a97
started by mailman init.d script (e.g. either at boot time or via
5c2a97
/sbin/service). When the mailman service is stopped the crontab file
5c2a97
is removed from /etc/cron.d. The crontab file is copied from
5c2a97
@prefix@/cron/crontab.in to /etc/cron.d/mailman. Thus if you edit the
5c2a97
cron jobs you will need to edit the master copy in @prefix@/cron
5c2a97
otherwise your edits will be lost the next time the mailman service is
5c2a97
started or restarted. To pick up any changes made to the crontab file
5c2a97
edit the master copy in @prefix@/cron and then use /sbin/service to
5c2a97
restart mailman (e.g. /sbin/service mailman restart). Some may wonder
5c2a97
why the crontab file in /etc/cron.d is not symbolically linked to the
5c2a97
master copy when the service starts and unlinked when it stops. The
5c2a97
reason is because newer versions of cron will refuse for security
5c2a97
reasons to run any crontabs which are links to other files or
5c2a97
writeable by anybody else except root.
5c2a97
5c2a97
Choosing your MTA (sendmail or postfix) on Red Hat Systems:
5c2a97
-----------------------------------------------------------
5c2a97
5c2a97
Red Hat ships two different MTA's, sendmail and postfix. Because the
5c2a97
sendmail and postfix rpms's share file names when installed the
5c2a97
conflict is accomodated by utilizing the "alternatives" mechanism
5c2a97
which manages a set of links. When one of the MTA's is selected via
5c2a97
/usr/sbin/alternatives links are established which point to the
5c2a97
correct files for that MTA. There are two ways to select your MTA:
5c2a97
The system-switch-mail package contains a GUI front end to the
5c2a97
alternatives mechanism and /usr/bin/system-switch-mail is an easy way
5c2a97
to select your MTA, or you can invoke alternatives directly like this:
5c2a97
5c2a97
% /usr/sbin/alternatives --config mta
5c2a97
5c2a97
Note: Selecting your preferred MTA is distinct from configuring the
5c2a97
MTA, you will need to consult the documentation for the MTA you
5c2a97
selected for information on how to configure it.
5c2a97
5c2a97

5c2a97
Local Variables:
5c2a97
mode: indented-text
5c2a97
indent-tabs-mode: nil
5c2a97
End: