Related to bug: 390843 Mailman ships with a script to correct the access rights in order for mailman to work with grsecurity (TPE). In this script there is a bug in line 148. When you execute it, it fails while trying to access some files: Ensuring that all config.db/pck files are owned by Mailman Patching mailman scripts to change the uid to mailman Traceback (most recent call last): File "/usr/lib64/mailman/bin/check_perms_grsecurity.py", line 183, in <module> main(sys.argv) File "/usr/lib64/mailman/bin/check_perms_grsecurity.py", line 149, in main filefd = open(script, "r") IOError: [Errno 2] No such file or directory: 'add_members' This happens, because the script tries to access files in the wrong directory: (/usr/lib64/mailman/bin/check_perms_grsecurity.py) 147 for script in binfilestopatch: 148 filefd = open(script, "r") 149 file = filefd.readlines() 150 filefd.close() 'script' is in this case the plain filename (e.g. add_members) instead of the whole path (e.g. /usr/lib64/mailman/bin/add_members). Reproducible: Always Steps to Reproduce: 1. /usr/lib64/mailman/bin/check_perms_grsecurity.py -f Actual Results: ... Ensuring that all config.db/pck files are owned by Mailman Patching mailman scripts to change the uid to mailman Traceback (most recent call last): File "/usr/lib64/mailman/bin/check_perms_grsecurity.py", line 183, in <module> main(sys.argv) File "/usr/lib64/mailman/bin/check_perms_grsecurity.py", line 149, in main filefd = open(script, "r") IOError: [Errno 2] No such file or directory: 'add_members' Expected Results: Making select directories owned and writable by root only /usr/lib64/mailman/mail /usr/lib64/mailman/cgi-bin /usr/lib64/mailman/bin Making/var/lib/mailman/data/last_mailman_versionowned by mailman (not root) Skipping creation of /usr/lib64/mailman/bin/CheckFixUid.py Making cgis setuid mailman /usr/lib64/mailman/cgi-bin/edithtml /usr/lib64/mailman/cgi-bin/options /usr/lib64/mailman/cgi-bin/listinfo /usr/lib64/mailman/cgi-bin/roster /usr/lib64/mailman/cgi-bin/private /usr/lib64/mailman/cgi-bin/admindb /usr/lib64/mailman/cgi-bin/confirm /usr/lib64/mailman/cgi-bin/rmlist /usr/lib64/mailman/cgi-bin/create /usr/lib64/mailman/cgi-bin/admin /usr/lib64/mailman/cgi-bin/subscribe Making mail wrapper setuid mailman /usr/lib64/mailman/mail/mailman Ensuring that all config.db/pck files are owned by Mailman Patching mailman scripts to change the uid to mailman Not patching add_members, already patched Not patching change_pw, already patched Not patching check_db, already patched Not patching clone_member, already patched Not patching config_list, already patched Not patching newlist, already patched Not patching qrunner, already patched Not patching remove_members, already patched Not patching rmlist, already patched Not patching sync_members, already patched Not patching update, already patched Not patching withlist, already patched
Created attachment 373650 [details, diff] check_perms_grsecurity.patch
Mailman2 is removed and we don't support grsecurity any more.
