areguera / rpms / mailman

Forked from rpms/mailman 5 years ago
Clone
7812c9
This file contains instructions for how to complete the installation
7812c9
of mailman after you have installed the Red Hat mailman RPM. There are
7812c9
certain items you will need to manually configure as the RPM is not
7812c9
capable of doing every installation and confirguration task.
7812c9
7812c9
First, you should note that the RPM has installed mailman in the
7812c9
following directory:
7812c9
@prefix@
7812c9
You may want to examine this directory to find additional mailman
7812c9
documentation, or other mailman files.
7812c9
7812c9
IMPORTANT NOTE FOR USERS UPGRADING FROM A PREVIOUS RED HAT MAILMAN
7812c9
INSTALLATION OR THOSE FAMILAR WITH "STANDARD MAILMAN INSTALLATIONS"
7812c9
7812c9
    Earlier Red Hat mailman rpms installed all of the mailman files under
7812c9
    /var/mailman. This did not conform to the Filesystem Hierarchy
7812c9
    Standard (FHS) and created security violations when SELinux is
7812c9
    enabled. As of mailman-2.1.5-21 the following directory and file
7812c9
    changes occurred:
7812c9
7812c9
    variable data (e.g. lists) is in @VAR_PREFIX@, library code,
7812c9
    executables, and scripts are located in @prefix@, lock files are in
7812c9
    @LOCK_DIR@, the pid file is in @PID_DIR@, qfiles are in @QUEUE_DIR@,
7812c9
    and configuration files have been moved to the new @CONFIG_DIR@.
7812c9
7812c9
    If you previously had mailman installed and have edited files in
7812c9
    /var/mailman (e.g. configuration) you will need to move those changes
7812c9
    to their new locations.
7812c9
7812c9
    A script has been provided to aid in the task of migrating your
7812c9
    mailman datafiles, it is contrib/migrate-fhs, run with -h for help
7812c9
    information.
7812c9
7812c9
    The mapping of old locations to new locations is as follows:
7812c9
7812c9
    Directory Mapping:
7812c9
    /var/mailman				--> /var/lib/mailman
7812c9
    /var/mailman/Mailman			--> /usr/lib/mailman/Mailman
7812c9
    /var/mailman/archives			--> /var/lib/mailman/archives
7812c9
    /var/mailman/bin				--> /usr/lib/mailman/bin
7812c9
    /var/mailman/cgi-bin			--> /usr/lib/mailman/cgi-bin
7812c9
    /var/mailman/cron				--> /usr/lib/mailman/cron
7812c9
    /var/mailman/data				--> /var/lib/mailman/data
7812c9
    /var/mailman/lists				--> /var/lib/mailman/lists
7812c9
    /var/mailman/locks				--> /var/lock/mailman
7812c9
    /var/mailman/logs				--> /var/log/mailman
7812c9
    /var/mailman/mail				--> /usr/lib/mailman/mail
7812c9
    /var/mailman/messages			--> /usr/lib/mailman/messages
7812c9
    /var/mailman/pythonlib			--> /usr/lib/mailman/pythonlib
7812c9
    /var/mailman/qfiles				--> /var/spool/mailman
7812c9
    /var/spool/mailman/qfiles			--> /var/spool/mailman
7812c9
    /var/mailman/scripts			--> /usr/lib/mailman/scripts
7812c9
    /var/mailman/spam				--> /var/lib/mailman/spam
7812c9
    /var/mailman/templates			--> /usr/lib/mailman/templates
7812c9
    /var/mailman/tests				--> /usr/lib/mailman/tests
7812c9
7812c9
    File Mapping:
7812c9
    /var/mailman/data/adm.pw			--> /etc/mailman/adm.pw
7812c9
    /var/mailman/data/creator.pw		--> /etc/mailman/creator.pw
7812c9
    /var/mailman/data/aliases			--> /etc/mailman/aliases
7812c9
    /var/mailman/data/virtual-mailman		--> /etc/mailman/virtual-mailman
7812c9
    /var/mailman/data/sitelist.cfg		--> /etc/mailman/sitelist.cfg
7812c9
    /var/mailman/data/master-qrunner.pid	--> /var/run/mailman/master-qrunner.pid
7812c9
7812c9
    Discussion of directory and file relocation:
7812c9
7812c9
    Two new directories were created and three existing directories which
7812c9
    were hardcoded are now configurable.
7812c9
7812c9
    PID_DIR is used to hold the process id and is new because FHS wants
7812c9
    pid files to be located in /var/run. The FHS says when there is only a
7812c9
    single pid file it should be located in /var/run/<name>.pid, and when
7812c9
    there are multiple pid's files they should be located together in a
7812c9
    subdirectory, /var/run/<name>/. Currently mailman only has a single
7812c9
    pid file, but it does have multiple processes (qrunners). Also SELinux
7812c9
    security policy is easier to write if processes are segregated into
7812c9
    individual subdirectories. Therefore we elected to place the mailman
7812c9
    pid file in its own subdirectory, there is some debate if this is 100%
7812c9
    FHS compliant because there is only currently a single pid file, but
7812c9
    this gives us greater future flexibility and is in the spirit of FHS.
7812c9
7812c9
    CONFIG_DIR is used to hold the site configuration files. FHS wants
7812c9
    configuration files stored in /etc/mailman. Previously configuration
7812c9
    files were mixed in with data files in DATA_DIR and with the run-time
7812c9
    code (e.g. Mailman/mm_cfg.py). CONFIG_DIR continues to exist but is
7812c9
    now restricted to data files (e.g. python pickle files). The password
7812c9
    files, alias files, and .cfg (e.g. sitelist.cfg) files have been moved
7812c9
    to CONFIG_DIR. mm_cfg.py which is the primary mailman configuration
7812c9
    file was presented a bit of a dilemma. In theory it should be located
7812c9
    in /etc/mailman, however it is executable code which argues it should
7812c9
    be located with the other executable files, it has traditionally lived
7812c9
    in $PREFIX/Mailman and experienced mailman admins will expect to find
7812c9
    it there. Modifying all the mm_cfg import statements and paths.py was
7812c9
    believed to be too invasive a change, and technically its part of the
7812c9
    "Mailman" package and moving it would take it out of the package
7812c9
    (although currently I don't think that presents any known
7812c9
    issues). Instead a compromise approach was adopted, mm_cfg.py is
7812c9
    symbolically linked into the /etc/mailman directory pointing to
7812c9
    $PREFIX/Mailman/mm_cfg.py. Thus mm_cfg.py "appears" in the
7812c9
    configuration directory but retains its traditional location, this was
7812c9
    deemed a reasonable compromise for the mailman 2.1.x timeframe.
7812c9
7812c9
    sitelist.cfg has a symbolic link in its old location in the DATA_DIR
7812c9
    pointing to its new location in the CONFIG_DIR.
7812c9
7812c9
    New Directories (can be specified as parameter to configure):
7812c9
7812c9
    CONFIG_DIR:	default=$VAR_PREFIX/data		FHS=/etc/mailman
7812c9
    PID_DIR		default=$VAR_PREFIX/data	FHS=/var/run/mailman
7812c9
7812c9
    Existing directories that can now be specified as parameter to configure:
7812c9
7812c9
    LOCK_DIR:	default=$VAR_PREFIX/locks	FHS=/var/lock/mailman
7812c9
    LOG_DIR:	default=$VAR_PREFIX/logs	FHS=/var/log/mailman
7812c9
    QUEUE_DIR	default=$VAR_PREFIX/qfiles	FHS=/var/spool/mailman
7812c9
7812c9
You can find addition documentation in the
7812c9
@DOC_DIR@/README.* files and/or
7812c9
@prefix@/README.* files.
7812c9
7812c9
Mailman is an open source project and full documentation, current
7812c9
sources, patches, etc. can be found at the following official mailman
7812c9
web sites:
7812c9
7812c9
http://www.gnu.org/software/mailman/mailman.html
7812c9
http://www.list.org
7812c9
7812c9
1. Final installation instructions:
7812c9
7812c9
    Congratulations!  You've installed the Mailman software.  To get
7812c9
    everything running you need to hook Mailman up to both your web
7812c9
    server and your mail system.
7812c9
7812c9
    - If you plan on running your MTA and web server on different
7812c9
      machines, sharing Mailman installations via NFS, be sure that
7812c9
      the clocks on those two machines are synchronized closely.  You
7812c9
      might take a look at the file Mailman/LockFile.py; the constant
7812c9
      CLOCK_SLOP helps the locking mechanism compensate for clock skew
7812c9
      in this type of environment.
7812c9
7812c9
    - Configure your web server. The RPM has made the assumption you
7812c9
      are running the apache web server (httpd). The RPM has installed
7812c9
      a mailman config file (@HTTPD_CONF_FILE@) in @HTTPD_CONF_DIR@.
7812c9
      You should edit the file to set your domain, see the
7812c9
      instructions in the config file.
7812c9
7812c9
      Now restart your web server so the new settings take effect:
7812c9
7812c9
      % /sbin/service httpd restart
7812c9
7812c9
    - Create the site password using:
7812c9
7812c9
      % @prefix@/bin/mmsitepass <your-site-password>
7812c9
7812c9
      This password can be used anywhere that individual user or
7812c9
      mailing list administrator passwords are required, giving the
7812c9
      mailman site administrator the ability to adjust these things
7812c9
      when necessary.
7812c9
7812c9
      You may also want to create a password for the site-wide "list
7812c9
      creator" role (someone other than the site administrator who as
7812c9
      privileges to create and remove lists through the web).  Use the
7812c9
      -c option to mmsitepass to set this.
7812c9
7812c9
    - Set the values for DEFAULT_EMAIL_HOST and DEFAULT_URL_HOST in
7812c9
      @prefix@/Mailman/mm_cfg.py file if the fqdn of the host you are
7812c9
      running mailman on is not the email and url host you need to use.
7812c9
7812c9
    - Update Mailman list files to new verson by running:
7812c9
      @prefix@/bin/update
7812c9
7812c9
      Users upgrading from previous releases of this package may need
7812c9
      to move their data or adjust the configuration files to point to
7812c9
      the locations where their data is.
7812c9
7812c9
    - Create a "site-wide" mailing list (Note: this must be done
7812c9
      before starting the mailman daemon). This is the one that
7812c9
      password reminders will appear to come from.  Usually this
7812c9
      should be the "mailman" mailing list, but if you need to change
7812c9
      this, be sure to change the MAILMAN_SITE_LIST variable in
7812c9
      mm_cfg.py (see below).
7812c9
7812c9
      % @prefix@/bin/newlist mailman
7812c9
7812c9
      Follow the prompts, and see the README file for more
7812c9
      information.
7812c9
7812c9
    - Start the Mailman qrunner daemon
7812c9
7812c9
      As of mailman version 2.1 mailman requires a service (daemon) to be
7812c9
      run for mailman to operate. RedHat does not ship RPM's that enable
7812c9
      services as part of package installation. You will need to enable
7812c9
      the mailman service if you want mailman to run.
7812c9
7812c9
      To enable the mailman service after package installation you may run
7812c9
      the "serviceconf" GUI tool, or you may do the following on the
7812c9
      command line as root.
7812c9
7812c9
      /sbin/service mailman start
7812c9
7812c9
      To have the mailman service automatically start at certain run
7812c9
      levels (replace the runlevel below with your desired run levels, for
7812c9
      example to start mailman at run levels 3 and 5 runlevel would be 35:
7812c9
7812c9
      /sbin/chkconfig --level runlevel mailman on
7812c9
7812c9
    - You should then subscribe yourself to the mailman list.
7812c9
7812c9
7812c9
2. Customize Mailman
7812c9
7812c9
    You should do these steps using the account you installed Mailman
7812c9
    under in section 2 above.
7812c9
7812c9
    - The file @prefix@/Mailman/Defaults.py contains a number of
7812c9
      defaults for your installation.  If any of these are incorrect,
7812c9
      override them in @prefix@/Mailman/mm_cfg.py.
7812c9
7812c9
      DO NOT EDIT Defaults.py!
7812c9
7812c9
      Note: If you have upgraded your mailman installation RPM will
7812c9
      save a copy of your previous version of mm_cfg.py in
7812c9
      mm_cfg.py.rpmsave.
7812c9
7812c9
      See the comments in Defaults.py for details.  Once a list is
7812c9
      created, editing many of these variables will have no effect.
7812c9
      At that point, you'll need to configure your lists through the
7812c9
      web admin interface or through the command line script
7812c9
      @prefix@/bin/withlist or @prefix@/bin/config_list.
7812c9
7812c9
      Note: Do *not* change HOME_DIR or MAILMAN_DIR.  These are set
7812c9
      automatically by the configure script when the RPM was created.
7812c9
7812c9
    - Create the site password using:
7812c9
7812c9
      % @prefix@/bin/mmsitepass <your-site-password>
7812c9
7812c9
      This password can be used anywhere that individual user or
7812c9
      mailing list administrator passwords are required, giving the
7812c9
      mailman site administrator the ability to adjust these things
7812c9
      when necessary.
7812c9
7812c9
      You may also want to create a password for the site-wide "list
7812c9
      creator" role (someone other than the site administrator who as
7812c9
      privileges to create and remove lists through the web).  Use the
7812c9
      -c option to mmsitepass to set this.
7812c9
7812c9
7812c9
3. Troubleshooting
7812c9
7812c9
    If you encounter problems with running Mailman, first check the
7812c9
    "Common Problems" section, below.  If your problem is not covered
7812c9
    there, check both the FAQ file and the online FAQ Wizard.
7812c9
    Check for errors in the mailman log files which can be found in
7812c9
7812c9
    @LOG_DIR@
7812c9
7812c9
    Mailman logs errors to this file:
7812c9
7812c9
    @LOG_DIR@/error
7812c9
7812c9
    If you encounter an error, send an error report to
7812c9
    mailman-users@python.org.  Include a description of what you're
7812c9
    doing to cause the problem, and the relevant lines from your
7812c9
    syslog.  Also include information on your operating system, which
7812c9
    version of Python you're using, and which version of Mailman
7812c9
    you're installing.
7812c9
7812c9
7812c9
4. Common Problems
7812c9
7812c9
    Problem:  All Mailman web pages give a 404 File not found error.
7812c9
7812c9
    Solution: Your web server has not been set up properly for handling
7812c9
              Mailman's cgi commands.  Make sure you've:
7812c9
7812c9
              1) Configured the web server to give permissions to
7812c9
                 @prefix@/cgi-bin
7812c9
              2) Restarted the web server properly.
7812c9
7812c9
              Consult your web server's documentation for instructions
7812c9
              on how to do these things.
7812c9
7812c9
7812c9
    Problem:  All Mailman web pages give an "Internal Server Error".
7812c9
7812c9
    Solution: The likely problem is that you are using the wrong GID or
7812c9
              UID for CGI scripts.  Check your syslog.  If you see, for
7812c9
              example, a line like:
7812c9
7812c9
                  Attempt to exec script with invalid gid 51, expected 99
7812c9
7812c9
              You need to reinstall Mailman, and specify $CGI_GID to be 51,
7812c9
              as described in the installation instructions.
7812c9
7812c9
7812c9
    Problem:  I send mail to the list, and get back mail saying the
7812c9
              list is not found!
7812c9
7812c9
    Solution: You probably didn't add the necessary aliases to the system
7812c9
              alias database, given to you when you ran the newlist
7812c9
              command.  If you did add them, you likely did not update
7812c9
              the alias database, or your system requires you to run
7812c9
              newaliases explicitly.  Refer to section 5 above for
7812c9
              more information.
7812c9
7812c9
7812c9
    Problem:  I send mail to the list, and get back mail saying,
7812c9
              "unknown mailer error".
7812c9
7812c9
    Solution: The likely problem is that you are using the wrong GID or
7812c9
              UID for mail.  Check your syslog.  If you see, for
7812c9
              example, a line like:
7812c9
7812c9
                  Attempt to exec script with invalid gid 51, expected 99
7812c9
7812c9
              You need to reinstall Mailman, and specify $MAIL_GID to
7812c9
              be 51, as described in the installation
7812c9
              instructions. see notes on Postfix below, as by default
7812c9
              it will create these problems on installation.
7812c9
7812c9
7812c9
    Problem:  I use Postfix for my MTA and the mail wrapper programs
7812c9
              are logging complaints about the wrong GID.
7812c9
7812c9
    Solution: Create a separate aliases file for Postfix in its
7812c9
              main.cf config file under the variable "alias_maps". Put
7812c9
              the file somewhere in Mailman's home directory, or
7812c9
              somewhere else where the user mailman has write access
7812c9
              to it; *as user mailman* call Postfix's "postalias" on the
7812c9
              alias file.
7812c9
7812c9
              % postalias <the alias file>
7812c9
7812c9
              Also as user mailman, run
7812c9
7812c9
              % python -c'import os; print os.getgid()'
7812c9
7812c9
              This should print out the group id that Mailman should
7812c9
              be configured to expect when the mail wrapper programs
7812c9
              are run.  Call it "thegid".  Rebuild Mailman with
7812c9
7812c9
              % ./configure --with-mail-gid=thegid
7812c9
7812c9
              See also the "Using the Postfix mail server" section of
7812c9
              the mailman installation manual for more information on
7812c9
              connecting Postfix and Mailman.  The manual is available
7812c9
              in several formats at /usr/share/doc/mailman-*/admin/www.
7812c9
7812c9
7812c9
    Problem:  I send mail to the list, and get back mail saying,
7812c9
              "sh: mailman not available for sendmail programs"
7812c9
7812c9
    Solution: Your system uses sendmail restricted shell (smrsh).  You
7812c9
              need to configure smrsh by creating a symbolic link from
7812c9
              the mail wrapper (@prefix@/mail/mailman) to the directory
7812c9
              identifying executables allowed to run under smrsh.
7812c9
7812c9
              Some common names for this directory are
7812c9
              /var/admin/sm.bin, /usr/admin/sm.bin or /etc/smrsh.
7812c9
7812c9
              Note that on Debian Linux, the system makes
7812c9
              /usr/lib/sm.bin, which is wrong, you will need to create
7812c9
              the directory /usr/admin/sm.bin and add the link there.
7812c9
              Note further any aliases newaliases spits out will need
7812c9
              to be adjusted to point to the secure link to the
7812c9
              wrapper.
7812c9
7812c9
7812c9
    Problem:  I messed up when I called configure.  How do I clean
7812c9
              things up and re-install?
7812c9
7812c9
    Solution: % make clean
7812c9
              % ./configure --with-the-right-options
7812c9
              % make install
7812c9
7812c9
7812c9
-------------------- Other Useful Information -----------------
7812c9
7812c9
RPM Preserves User Modified Files
7812c9
---------------------------------
7812c9
7812c9
The rpm during installation will preserve changes you have made to
7812c9
configuration files and templates from a previous installation. This
7812c9
is almost always what is desired. However you may want to check for
7812c9
the existence of files with either the .rpmsave or the .rpmnew
7812c9
extension and verify if any of these backup files created during the
7812c9
RPM install exist and if you are indeed using the version of the file
7812c9
you desire.
7812c9
7812c9
Note: The installation directory for non-data files changed from
7812c9
@VAR_PREFIX@ to @prefix@ in mailman-2.1.5-20. Configuration files and
7812c9
templates that were user modified in a previous installation will need
7812c9
to manually move those changes from the earlier @VAR_PREFIX@ to the
7812c9
new @prefix@ installation directory.
7812c9
7812c9
Here are a few commands that will aid you in this process:
7812c9
7812c9
List any rpm backup files in the mailman installation directory:
7812c9
7812c9
% find @prefix@ @VAR_PREFIX@ -name '*.rpm*'
7812c9
7812c9
List any configuration files NOT in the mailman installation directory
7812c9
you might miss with the above command which also have the potental for
7812c9
backup copies. Given this short list you'll have to look for a
7812c9
matching backup file.
7812c9
7812c9
% rpm -qc mailman | egrep -v '@prefix@|@VAR_PREFIX@'
7812c9
7812c9
When rpm preserves a user modified file it installs the newest version
7812c9
of the file by appending the .rpmnew extension to the file name thus
7812c9
preserving the file but making the latest version avialable. If rpm
7812c9
replaces a user modified file the file being replaced is renamed to
7812c9
have the .rpmsave extension. RPM only performs these backup operations
7812c9
if the file is marked as being a configuration file in the rpm spec
7812c9
file, it is not performed in general on all files in the package.
7812c9
7812c9
7812c9
Mailman Cron Jobs:
7812c9
------------------
7812c9
7812c9
Mailman relies on the cron daemon to schedule periodic actions. These
7812c9
are contained in a crontab file. Previous versions of the mailman RPM
7812c9
from Red Hat created the cron jobs by running the crontab(1) command
7812c9
during the RPM installation phase. The cron jobs are now handled
7812c9
slightly differently. Rather than invoking crontab which loaded the
7812c9
cron jobs into a private cron file a mailman crontab file is installed
7812c9
into /etc/cron.d. The crontab file and the commands it runs were
7812c9
modified from the upstream distribution so these commands would run
7812c9
under the correct SELinux security profile.
7812c9
7812c9
Previously the cron jobs were installed when the RPM was
7812c9
installed. This was less than optimal because the act of having the
7812c9
mailman RPM installed on a system should not cause the cron jobs to
7812c9
run. A better solution is to only run the mailman cron jobs if the
7812c9
mailman service is enabled. This is accomplished by installing the
7812c9
mailman crontab file in /etc/cron.d when the mailman service is
7812c9
started by mailman init.d script (e.g. either at boot time or via
7812c9
/sbin/service). When the mailman service is stopped the crontab file
7812c9
is removed from /etc/cron.d. The crontab file is copied from
7812c9
@prefix@/cron/crontab.in to /etc/cron.d/mailman. Thus if you edit the
7812c9
cron jobs you will need to edit the master copy in @prefix@/cron
7812c9
otherwise your edits will be lost the next time the mailman service is
7812c9
started or restarted. To pick up any changes made to the crontab file
7812c9
edit the master copy in @prefix@/cron and then use /sbin/service to
7812c9
restart mailman (e.g. /sbin/service mailman restart). Some may wonder
7812c9
why the crontab file in /etc/cron.d is not symbolically linked to the
7812c9
master copy when the service starts and unlinked when it stops. The
7812c9
reason is because newer versions of cron will refuse for security
7812c9
reasons to run any crontabs which are links to other files or
7812c9
writeable by anybody else except root.
7812c9
7812c9
Choosing your MTA (sendmail or postfix) on Red Hat Systems:
7812c9
-----------------------------------------------------------
7812c9
7812c9
Red Hat ships two different MTA's, sendmail and postfix. Because the
7812c9
sendmail and postfix rpms's share file names when installed the
7812c9
conflict is accomodated by utilizing the "alternatives" mechanism
7812c9
which manages a set of links. When one of the MTA's is selected via
7812c9
/usr/sbin/alternatives links are established which point to the
7812c9
correct files for that MTA. There are two ways to select your MTA:
7812c9
The system-switch-mail package contains a GUI front end to the
7812c9
alternatives mechanism and /usr/bin/system-switch-mail is an easy way
7812c9
to select your MTA, or you can invoke alternatives directly like this:
7812c9
7812c9
% /usr/sbin/alternatives --config mta
7812c9
7812c9
Note: Selecting your preferred MTA is distinct from configuring the
7812c9
MTA, you will need to consult the documentation for the MTA you
7812c9
selected for information on how to configure it.
7812c9
7812c9

7812c9
Local Variables:
7812c9
mode: indented-text
7812c9
indent-tabs-mode: nil
7812c9
End: