1018 lines
18 KiB
HTML
1018 lines
18 KiB
HTML
<HTML
|
|
><HEAD
|
|
><TITLE
|
|
>Majordomo</TITLE
|
|
><META
|
|
NAME="GENERATOR"
|
|
CONTENT="Modular DocBook HTML Stylesheet Version 1.57"><LINK
|
|
REL="HOME"
|
|
TITLE="Majordomo and MajorCool HOWTO"
|
|
HREF="index.html"><LINK
|
|
REL="PREVIOUS"
|
|
TITLE="Sendmail"
|
|
HREF="x54.html"><LINK
|
|
REL="NEXT"
|
|
TITLE="MajorCool"
|
|
HREF="x424.html"></HEAD
|
|
><BODY
|
|
CLASS="SECT1"
|
|
BGCOLOR="#FFFFFF"
|
|
TEXT="#000000"
|
|
LINK="#0000FF"
|
|
VLINK="#840084"
|
|
ALINK="#0000FF"
|
|
><DIV
|
|
CLASS="NAVHEADER"
|
|
><TABLE
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TH
|
|
COLSPAN="3"
|
|
ALIGN="center"
|
|
>Majordomo and MajorCool HOWTO</TH
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="left"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="x54.html"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="80%"
|
|
ALIGN="center"
|
|
VALIGN="bottom"
|
|
></TD
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="right"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="x424.html"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"></DIV
|
|
><DIV
|
|
CLASS="SECT1"
|
|
><H1
|
|
CLASS="SECT1"
|
|
><A
|
|
NAME="AEN253"
|
|
>3. Majordomo</A
|
|
></H1
|
|
><P
|
|
>Majordomo is, of course, the piece of code that this document revolves around; it consists of a collection of Perl scripts with the sole purpose of managing mailing lists.</P
|
|
><DIV
|
|
CLASS="SECT2"
|
|
><H2
|
|
CLASS="SECT2"
|
|
><A
|
|
NAME="AEN256"
|
|
>3.1. Preparing to Install</A
|
|
></H2
|
|
><P
|
|
>Download the gzipped source distribution of the latest version of Majordomo from <A
|
|
HREF="http://www.greatcircle.com/majordomo/"
|
|
TARGET="_top"
|
|
>Great Circle Associates</A
|
|
> and uncompress it
|
|
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
><TT
|
|
CLASS="COMPUTEROUTPUT"
|
|
>[jarchie@kes jarchie]$ </TT
|
|
><TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>tar zxvf majordomo-1.94.5.tar.gz</B
|
|
></TT
|
|
></PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
>
|
|
|
|
This will create a subdirectory with all of the files necessary to install Majordomo; this directory <I
|
|
CLASS="EMPHASIS"
|
|
>cannot</I
|
|
> be the same directory in which Majordomo is to be installed.</P
|
|
><P
|
|
>Majordomo must run under a specific UID and GID so when any of the scripts are run, they will run under Majordomo's UID. Thus, it is necessary to decide what UID and GID Majordomo should run under. Also, Majordomo must be a Sendmail trusted user (see <A
|
|
HREF="x54.html#SEC-SENDTRUST"
|
|
>Section 2.2.3</A
|
|
>).</P
|
|
><P
|
|
>Check the <TT
|
|
CLASS="FILENAME"
|
|
>/etc/passwd</TT
|
|
> and <TT
|
|
CLASS="FILENAME"
|
|
>/etc/group</TT
|
|
> files to find a UID and GID that are not taken. For this example, a UID of 16 and a GID of 16 was chosen. You have to decide on the location where the Majordomo scripts will reside; in this HOWTO, the directory <TT
|
|
CLASS="FILENAME"
|
|
>/usr/local/majordomo-1.94.5/</TT
|
|
> was chosen. If you are using a shadowed password file, add entries similar to
|
|
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
>majordomo:x:16:16:Majordomo List Manager:/usr/local/majordomo-1.94.5:</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
>
|
|
|
|
to your <TT
|
|
CLASS="FILENAME"
|
|
>/etc/passwd</TT
|
|
> and add an appropriate entry to <TT
|
|
CLASS="FILENAME"
|
|
>/etc/shadow</TT
|
|
>.
|
|
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
>majordomo:*:10883:0:88888:7:::</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
>
|
|
|
|
Use the other entries in these files as a guide for exactly what should be added. <I
|
|
CLASS="EMPHASIS"
|
|
>These are only the values for my system.</I
|
|
> If you are not using shadowed passwords, only an entry in the <TT
|
|
CLASS="FILENAME"
|
|
>/etc/passwd</TT
|
|
> file is necessary.</P
|
|
><P
|
|
>To create a Majordomo group, add a line similar to
|
|
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
>majordomo:x:16:jarchie</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
>
|
|
|
|
to your <TT
|
|
CLASS="FILENAME"
|
|
>/etc/group</TT
|
|
> file. Appending your username to the end of the line will give you access to the Majordomo files that are group writable.</P
|
|
></DIV
|
|
><DIV
|
|
CLASS="SECT2"
|
|
><H2
|
|
CLASS="SECT2"
|
|
><A
|
|
NAME="AEN279"
|
|
>3.2. Editing the Installation Files</A
|
|
></H2
|
|
><P
|
|
>The <TT
|
|
CLASS="FILENAME"
|
|
>Makefile</TT
|
|
> contains all the information needed to install Majordomo; it is usually necessary to edit lines in the <TT
|
|
CLASS="FILENAME"
|
|
>Makefile</TT
|
|
> that refer to system specific settings so Majordomo will be able to install cleanly on your system. Most of the default settings are correct; however, the following settings, almost invariably, need to be changed on a per system basis.
|
|
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
><TT
|
|
CLASS="COMPUTEROUTPUT"
|
|
>[jarchie@kes majordomo-1.94.5]$ </TT
|
|
><TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>vi Makefile</B
|
|
></TT
|
|
></PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
>
|
|
|
|
The settings
|
|
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
>PERL = /bin/perl
|
|
CC = cc
|
|
W_HOME = /usr/test/majordomo-$(VERSION)
|
|
MAN = $(W_HOME)/man
|
|
W_USER = 123
|
|
W_GROUP = 45</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
>
|
|
|
|
should be changed to something more appropriate for your system. For example, in my setup, the values were changed to
|
|
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
>PERL = /usr/bin/perl
|
|
CC = gcc
|
|
W_HOME = /usr/local/majordomo-1.94.5
|
|
MAN = /usr/man
|
|
W_USER = 16
|
|
W_GROUP = 16</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
>
|
|
|
|
Also the <TT
|
|
CLASS="FILENAME"
|
|
>majordomo.cf</TT
|
|
> file must be created. An easy way to create this file is to copy the provided <TT
|
|
CLASS="FILENAME"
|
|
>sample.cf</TT
|
|
> file to <TT
|
|
CLASS="FILENAME"
|
|
>majordomo.cf</TT
|
|
> and edit it.
|
|
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
><TT
|
|
CLASS="COMPUTEROUTPUT"
|
|
>[jarchie@kes majordomo-1.94.5]$ </TT
|
|
><TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>cp sample.cf majordomo.cf</B
|
|
></TT
|
|
>
|
|
<TT
|
|
CLASS="COMPUTEROUTPUT"
|
|
>[jarchie@kes majordomo-1.94.5]$ </TT
|
|
><TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>vi majordomo.cf</B
|
|
></TT
|
|
></PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
>
|
|
|
|
Again, most of the settings are correct by default, but the following lines might need to be changed for your system from
|
|
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
>$whereami = "example.com";
|
|
$whoami = "Majordomo\@$whereami";
|
|
$whoami_owner = "Majordomo-Owner\@$whereami";
|
|
$homedir = "/usr/test/majordomo";
|
|
$digest_work_dir = "/usr/local/mail/digest";
|
|
$sendmail_command = "/usr/lib/sendmail";</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
>
|
|
|
|
to something more appropriate such as
|
|
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
>$whereami = "kes.emeraldis.com";
|
|
$whoami = "majordomo\@$whereami";
|
|
$whoami_owner = "majordomo-owner\@$whereami";
|
|
$homedir = "/usr/local/majordomo-1.94.5";
|
|
$digest_work_dir = "/usr/local/majordomo-1.94.5/digest";
|
|
$sendmail_command = "/usr/sbin/sendmail";</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
>
|
|
|
|
<TT
|
|
CLASS="VARNAME"
|
|
>$whoami</TT
|
|
> and <TT
|
|
CLASS="VARNAME"
|
|
>$whoami_owner</TT
|
|
> do not need to be changed for Majordomo to work; however, I changed them because I like to avoid typing capital letters. <TT
|
|
CLASS="VARNAME"
|
|
>$digest_work_dir</TT
|
|
> is a temporary directory where digest files should be placed; this directory should be assigned to wherever you want digests to be stored. If you do not plan to use digested lists, do not worry about this option. <TT
|
|
CLASS="VARNAME"
|
|
>$whereami</TT
|
|
>, <TT
|
|
CLASS="VARNAME"
|
|
>$homedir</TT
|
|
>, and <TT
|
|
CLASS="VARNAME"
|
|
>$sendmail_command</TT
|
|
> should be changed to appropriate values for your system. Unlike the <TT
|
|
CLASS="FILENAME"
|
|
>Makefile</TT
|
|
>, these options can always be changed after Majordomo is installed by editing <TT
|
|
CLASS="FILENAME"
|
|
>majordomo.cf</TT
|
|
> in the directory where Majordomo was installed. (The configuration file is simply copied during setup.)</P
|
|
></DIV
|
|
><DIV
|
|
CLASS="SECT2"
|
|
><H2
|
|
CLASS="SECT2"
|
|
><A
|
|
NAME="AEN307"
|
|
>3.3. Installing Majordomo</A
|
|
></H2
|
|
><P
|
|
>The next step is to compile the Majordomo wrapper. The wrapper is the only Majordomo component that needs to be compiled because everything else is a collection of perl scripts and, therefore, is not compiled.
|
|
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
><TT
|
|
CLASS="COMPUTEROUTPUT"
|
|
>[jarchie@kes majordomo-1.94.5]$ </TT
|
|
><TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>make wrapper</B
|
|
></TT
|
|
></PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
>
|
|
|
|
To install the Majordomo files, execute the commands
|
|
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
><TT
|
|
CLASS="COMPUTEROUTPUT"
|
|
>[root@kes majordomo-1.94.5]# </TT
|
|
><TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>make install</B
|
|
></TT
|
|
>
|
|
<TT
|
|
CLASS="COMPUTEROUTPUT"
|
|
>[root@kes majordomo-1.94.5]# </TT
|
|
><TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>make install-wrapper</B
|
|
></TT
|
|
></PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
>
|
|
|
|
The first command can be done as the Majordomo user (assuming <TT
|
|
CLASS="LITERAL"
|
|
>majordomo</TT
|
|
> can create or has access to <TT
|
|
CLASS="VARNAME"
|
|
>$home_dir</TT
|
|
>), but the second command needs to be done as <TT
|
|
CLASS="LITERAL"
|
|
>root</TT
|
|
> so the installation script can SUID root the Majordomo wrapper. (Since, <TT
|
|
CLASS="LITERAL"
|
|
>majordomo</TT
|
|
> was created without a login shell or password, if you want to execute the first command as <TT
|
|
CLASS="LITERAL"
|
|
>majordomo</TT
|
|
>, you will need to <B
|
|
CLASS="COMMAND"
|
|
>su majordomo</B
|
|
> as root in order to become <TT
|
|
CLASS="LITERAL"
|
|
>majordomo</TT
|
|
>.)</P
|
|
></DIV
|
|
><DIV
|
|
CLASS="SECT2"
|
|
><H2
|
|
CLASS="SECT2"
|
|
><A
|
|
NAME="AEN325"
|
|
>3.4. Creating the Majordomo Aliases</A
|
|
></H2
|
|
><P
|
|
>Sendmail aliases must be created for Majordomo so commands sent to Majordomo can be processed by <B
|
|
CLASS="COMMAND"
|
|
>majordomo</B
|
|
>, and an alias for the Majordomo owner must be created so people can E-mail you through the standard <TT
|
|
CLASS="LITERAL"
|
|
>owner-majordomo</TT
|
|
> address. Add the following entries to your aliases file (see <A
|
|
HREF="x54.html#SEC-ALIASES"
|
|
>Section 2.1</A
|
|
>).
|
|
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
>majordomo: "|/usr/local/majordomo-1.94.5/wrapper majordomo"
|
|
owner-majordomo: jarchie
|
|
majordomo-owner: jarchie</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
></P
|
|
></DIV
|
|
><DIV
|
|
CLASS="SECT2"
|
|
><H2
|
|
CLASS="SECT2"
|
|
><A
|
|
NAME="AEN332"
|
|
>3.5. Testing the Configuration</A
|
|
></H2
|
|
><P
|
|
>As a regular user (<I
|
|
CLASS="EMPHASIS"
|
|
>not</I
|
|
> as <TT
|
|
CLASS="LITERAL"
|
|
>majordomo</TT
|
|
> <I
|
|
CLASS="EMPHASIS"
|
|
>or</I
|
|
> as <TT
|
|
CLASS="LITERAL"
|
|
>root</TT
|
|
>), run
|
|
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
><TT
|
|
CLASS="COMPUTEROUTPUT"
|
|
>[jarchie@kes jarchie]$ </TT
|
|
><TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>/usr/local/majordomo-1.94.5/wrapper config-test</B
|
|
></TT
|
|
></PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
>
|
|
|
|
This program can detect most problems in the Majordomo installation.</P
|
|
></DIV
|
|
><DIV
|
|
CLASS="SECT2"
|
|
><H2
|
|
CLASS="SECT2"
|
|
><A
|
|
NAME="AEN342"
|
|
>3.6. Creating Lists</A
|
|
></H2
|
|
><P
|
|
>To create a list, create a file with the name of the list in the Majordomo lists directory. For example, to create a list called test, create a test file as Majordomo
|
|
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
><TT
|
|
CLASS="COMPUTEROUTPUT"
|
|
>[root@kes /]# </TT
|
|
><TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>su majordomo</B
|
|
></TT
|
|
>
|
|
<TT
|
|
CLASS="COMPUTEROUTPUT"
|
|
>[majordomo@kes /]$ </TT
|
|
><TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>touch /usr/local/majordomo-1.94.5/lists/test</B
|
|
></TT
|
|
></PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
>
|
|
|
|
and add the related aliases
|
|
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
>test: :include:/usr/local/majordomo-1.94.5/lists/test
|
|
owner-test: jarchie
|
|
test-request: "|/usr/local/majordomo-1.94.5/wrapper request-answer test"
|
|
test-approval: jarchie</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
></P
|
|
></DIV
|
|
><DIV
|
|
CLASS="SECT2"
|
|
><H2
|
|
CLASS="SECT2"
|
|
><A
|
|
NAME="AEN351"
|
|
>3.7. Further Testing of the Configuration</A
|
|
></H2
|
|
><P
|
|
>Now test the operation of the list by issuing a <B
|
|
CLASS="COMMAND"
|
|
>lists</B
|
|
> command to Majordomo.
|
|
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
><TT
|
|
CLASS="COMPUTEROUTPUT"
|
|
>[jarchie@kes jarchie]$ </TT
|
|
><TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>echo lists | mail majordomo</B
|
|
></TT
|
|
></PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
>
|
|
|
|
It should only take a second for <B
|
|
CLASS="COMMAND"
|
|
>majordomo</B
|
|
> to reply with a message containing all the lists which are currently set up. Next, try issuing a <B
|
|
CLASS="COMMAND"
|
|
>help</B
|
|
> command.
|
|
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
><TT
|
|
CLASS="COMPUTEROUTPUT"
|
|
>[jarchie@kes jarchie]$ </TT
|
|
><TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>echo help | mail majordomo</B
|
|
></TT
|
|
></PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
>
|
|
|
|
Majordomo should reply with a list of all commands that Majordomo accepts. It might be a good idea to save the message for future reference.</P
|
|
><P
|
|
>To see if the aliases are working properly, try subscribing and unsubscribing yourself to the list.
|
|
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
><TT
|
|
CLASS="COMPUTEROUTPUT"
|
|
>[jarchie@kes jarchie]$ </TT
|
|
><TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>echo subscribe test | mail majordomo</B
|
|
></TT
|
|
></PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
>
|
|
|
|
You will receive an E-mail message containing instructions on how to confirm your subscription as well as a letter confirming that your command was successful. After sending back your confirmation, Majordomo should send back two letters--one letter stating that your subscribe request was successful and another letter welcoming you to the test list. The owner of the list will also be sent a message stating that you have subscribed to the list.</P
|
|
><P
|
|
>To unsubscribe from a list, send a <B
|
|
CLASS="COMMAND"
|
|
>unsubscribe</B
|
|
> command
|
|
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
><TT
|
|
CLASS="COMPUTEROUTPUT"
|
|
>[jarchie@kes jarchie]$ </TT
|
|
><TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>echo unsubscribe test | mail majordomo</B
|
|
></TT
|
|
></PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
>
|
|
|
|
You should be sent back a letter stating that your command was successful.</P
|
|
></DIV
|
|
><DIV
|
|
CLASS="SECT2"
|
|
><H2
|
|
CLASS="SECT2"
|
|
><A
|
|
NAME="AEN372"
|
|
>3.8. Creating Better Aliases</A
|
|
></H2
|
|
><P
|
|
>For some lists, it may be desirable to have Majordomo process messages before they reach the list. For example, Majordomo has the <B
|
|
CLASS="COMMAND"
|
|
>resend</B
|
|
> script to automatically filter messages based on content (such as taboo words), to prevent people from sending Majordomo commands to the list, and other features. To use these options, it is necessary to use a better set of aliases such as
|
|
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
>test: "|/usr/local/majordomo-1.94.5/wrapper resend -l test test-list"
|
|
test-list: :include:/usr/local/majordomo-1.94.5/lists/test
|
|
owner-test: jarchie
|
|
test-owner: jarchie
|
|
test-request: "|/usr/local/majordomo-1.94.5/wrapper majordomo -l test"</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
>
|
|
|
|
The last entry allows someone simply to send a message to <TT
|
|
CLASS="LITERAL"
|
|
>test-request@kes.emeraldis.com</TT
|
|
> with the text <TT
|
|
CLASS="LITERAL"
|
|
>subscribe</TT
|
|
> rather than sending a letter to <TT
|
|
CLASS="LITERAL"
|
|
>majordomo@kes.emeraldis.com</TT
|
|
> with the text <TT
|
|
CLASS="LITERAL"
|
|
>subscribe test</TT
|
|
>. Also, note that if sendmail is using smrsh, the above aliases should reference the copy of the wrapper in the safe path--usually <TT
|
|
CLASS="FILENAME"
|
|
>/etc/smrsh/wrapper</TT
|
|
>.</P
|
|
></DIV
|
|
><DIV
|
|
CLASS="SECT2"
|
|
><H2
|
|
CLASS="SECT2"
|
|
><A
|
|
NAME="AEN382"
|
|
>3.9. Debugging</A
|
|
></H2
|
|
><P
|
|
>It is common for Majordomo's permissions to be set incorrectly causing Majordomo to work improperly. Fortunately, Sendmail and Majordomo typically, give decent error messages indicating a problem. For example, the <TT
|
|
CLASS="FILENAME"
|
|
>lists</TT
|
|
> directory must be executable by the user sendmail setuids to, typically <TT
|
|
CLASS="LITERAL"
|
|
>mail</TT
|
|
> or <TT
|
|
CLASS="LITERAL"
|
|
>daemon</TT
|
|
>. If <B
|
|
CLASS="COMMAND"
|
|
>sendmail</B
|
|
> cannot execute <TT
|
|
CLASS="FILENAME"
|
|
>lists</TT
|
|
>, the permissions must be loosened.
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
><TT
|
|
CLASS="COMPUTEROUTPUT"
|
|
>[root@kes root]# </TT
|
|
><TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>chmod +x /usr/local/majordomo-1.94.5/lists</B
|
|
></TT
|
|
></PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
>
|
|
Another common problem is caused by the <TT
|
|
CLASS="FILENAME"
|
|
>lists</TT
|
|
> directory being group writable. To solve this problem, one can ether clear the group writable bit, or use the sendmail option <TT
|
|
CLASS="LITERAL"
|
|
>IncludeFileInGroupWritableDirPath</TT
|
|
> (see <A
|
|
HREF="x54.html#GROUP-PERM"
|
|
>Section 2.2.5</A
|
|
> and <A
|
|
HREF="x54.html#GROUP-SECURITY"
|
|
>Section 2.4.1</A
|
|
> for more details).</P
|
|
></DIV
|
|
><DIV
|
|
CLASS="SECT2"
|
|
><H2
|
|
CLASS="SECT2"
|
|
><A
|
|
NAME="AEN397"
|
|
>3.10. Majordomo Security Concerns</A
|
|
></H2
|
|
><P
|
|
>Majordomo is intended to run on a isolated system; there are a couple of well-known security holes in the scripts that allow any local user capable of executing <B
|
|
CLASS="COMMAND"
|
|
>wrapper</B
|
|
> to execute code as the <TT
|
|
CLASS="LITERAL"
|
|
>majordomo</TT
|
|
> user. If Majordomo must be run on a system providing users with shell access, then it is advisable to tighten up permissions on the wrapper. This can be done by clearing the world executable bit and <B
|
|
CLASS="COMMAND"
|
|
>chgrp</B
|
|
>ing the wrapper to the user that needs to run the Majordomo scripts. For example, if Sendmail and MajorCool are both being used to execute the wrapper use the commands
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
><TT
|
|
CLASS="COMPUTEROUTPUT"
|
|
>[root@kes root]# </TT
|
|
><TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>cp /usr/local/majordomo-1.94.5/wrapper /etc/smrsh/wrapper</B
|
|
></TT
|
|
>
|
|
<TT
|
|
CLASS="COMPUTEROUTPUT"
|
|
>[root@kes root]# </TT
|
|
><TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>chmod 4750 /usr/local/majordomo-1.94.5/wrapper</B
|
|
></TT
|
|
>
|
|
<TT
|
|
CLASS="COMPUTEROUTPUT"
|
|
>[root@kes root]# </TT
|
|
><TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>chown root:nobody /usr/local/majordomo-1.94.5/wrapper</B
|
|
></TT
|
|
>
|
|
<TT
|
|
CLASS="COMPUTEROUTPUT"
|
|
>[root@kes root]# </TT
|
|
><TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>chmod 4750 /etc/smrsh/wrapper</B
|
|
></TT
|
|
>
|
|
<TT
|
|
CLASS="COMPUTEROUTPUT"
|
|
>[root@kes root]# </TT
|
|
><TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>chown root:mail /etc/smrsh/wrapper</B
|
|
></TT
|
|
></PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
>
|
|
to secure the system. This will allow <B
|
|
CLASS="COMMAND"
|
|
>sendmail</B
|
|
> (while running under <TT
|
|
CLASS="LITERAL"
|
|
>mail</TT
|
|
>) to execute <B
|
|
CLASS="COMMAND"
|
|
>/etc/smrsh/wrapper</B
|
|
> while allowing the webserver's MajorCool (running under <TT
|
|
CLASS="LITERAL"
|
|
>nobody</TT
|
|
>) to execute <B
|
|
CLASS="COMMAND"
|
|
>/usr/local/majordomo-1.94.5/wrapper</B
|
|
>. This solution, however, will allow anyone with the UID or GID of <TT
|
|
CLASS="LITERAL"
|
|
>mail</TT
|
|
> or <TT
|
|
CLASS="LITERAL"
|
|
>nobody</TT
|
|
> to also obtain access to the <TT
|
|
CLASS="LITERAL"
|
|
>majordomo</TT
|
|
> account. To protect the <TT
|
|
CLASS="LITERAL"
|
|
>nobody</TT
|
|
> account, it is important not to allow normal users to make use of server side includes or cgi scripts unless those services do not run under <TT
|
|
CLASS="LITERAL"
|
|
>nobody</TT
|
|
>.</P
|
|
></DIV
|
|
></DIV
|
|
><DIV
|
|
CLASS="NAVFOOTER"
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"><TABLE
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="x54.html"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="index.html"
|
|
>Home</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="x424.html"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
>Sendmail</TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
> </TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
>MajorCool</TD
|
|
></TR
|
|
></TABLE
|
|
></DIV
|
|
></BODY
|
|
></HTML
|
|
> |