Mailman with nginx and thttpd

Greetings. I’m getting 404 errors after installing the Mailman mailing
list manager on a server running nginx and thttpd, and could use some
help in understanding why.

This is on “Mailserver”, an excellent OpenBSD-based mail appliance from
Allard Consulting that uses nginx. I’ve pasted the current nginx and
thttpd configs below; the configs are based on Manlio P.'s howto
here:

http://wiki.list.org/display/DOC/Mailman+and+nginx

In my setup, the hostname is mail.suctest.com. I’ve created a separate
virtual host in nginx called ‘lists.suctest.com’ for the Mailman stuff.

The logs say requests to Mailman URLs such as this one:

http://lists.suctest.com/mailman/listinfo

produce 404 errors in both nginx and thttpd, although it’s the latter
server that returns the error page. The Mailman stuff is in
/usr/local/mailman and is group readable by mailman.

Thanks in advance for clues on answering these two questions:

  1. How to point nginx and thttp at the correct locations so that I’m not
    getting 404s?

  2. If possible, how to run Mailman under the canonical hostname of
    mail.suctest.com’ instead of the separate name of ‘lists.suctest.com’?

Thanks again

dn


nginx.conf:

user _nginx;
worker_processes 2;
pid /var/run/nginx.pid;
error_log /var/log/httpd.err error;

events {
worker_connections 1024;
}

http {
include mime.types;
default_type application/octet-stream;
access_log /var/log/httpd.log combined;

sendfile on;
tcp_nopush on;
keepalive_timeout 65;
server_name_in_redirect off;

client_max_body_size 30M;
client_body_buffer_size 512k;

gzip on;
gzip_vary on;
gzip_comp_level 9;
gzip_min_length 0;
gzip_proxied any;
gzip_disable “MSIE [1-6].”;
gzip_types text/plain text/css application/json
application/x-javascript text/xml application/xml application/xml+rss
text/javascript application/javascript;
gzip_buffers 16 8k;

ssl_protocols SSLv3 TLSv1;
ssl_ciphers HIGH:!ADH:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:1m;
ssl_certificate /etc/ssl/server.crt;
ssl_certificate_key /etc/ssl/private/server.key;

upstream admin_mongrels {
server 127.0.0.1:4213;
}
upstream account_mongrels {
server 127.0.0.1:4214;
}

server {
listen 4200;
ssl on;
root /var/www/admin/public;

location ~* \.(ico|css|js|gif|jp?g|png) {
  access_log off;
  expires 7d;
  break;
}

location / {
  proxy_redirect   off;
  proxy_set_header Host              $host:4200;
  proxy_set_header X-Real-IP         $remote_addr;
  proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
  proxy_set_header X_Forwarded_Proto $scheme;

  if (!-f $request_filename.html) {
    proxy_pass  http://admin_mongrels;
  }
}

}

server {
listen 80;
location / {
rewrite /(.*) https://$host/$1 redirect;
}
}

server {
listen 443;
ssl on;
root /var/www/user;

index  index.html index.htm index.php;

location ~ .php$ {
  fastcgi_pass   unix:/tmp/php.sock;
  fastcgi_index  index.php;
  include        fastcgi_params;
  fastcgi_param  HTTPS on;
  fastcgi_param  SCRIPT_FILENAME 

$document_root$fastcgi_script_name;
}

location ^~ /account/stylesheets {
  alias /var/www/user/account/public/stylesheets;
}

location ^~ /account/javascripts {
  alias /var/www/user/account/public/javascripts;
}

location ^~ /account/images {
  alias /var/www/user/account/public/images;
}

location ~* \.(ico|css|js|gif|jp?g|png) {
  access_log off;
  expires 7d;
  break;
}

location /account {
  proxy_redirect    off;
  proxy_set_header  Host             $host;
  proxy_set_header  X-Real-IP        $remote_addr;
  proxy_set_header  X-Forwarded-For  $proxy_add_x_forwarded_for;
  proxy_set_header  Port             $proxy_port;

  if (!-f $request_filename.html) {
    proxy_pass  http://account_mongrels;
  }
}

}

server {
listen 80;
server_name lists.suctest.com;
root /var/log/mailman;
access_log /var/log/lists.suctest.com.access.log;
# Show in the main page the list info
rewrite ^/$ /mailman/listinfo last;
location /mailman/ {
# Use thttpd for CGI
proxy_pass http://127.0.0.1:8000/mailman/;
#proxy_set_header Host lists.suctest.com;
#proxy_intercept_errors on;
}
location /images/mailman/ {
alias /var/lib/mailman/icons/;
}
location /pipermail/ {
alias /var/lib/mailman/archives/public/;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/nginx/html;
}
}

}


thttpd.conf:

root@mail:log# cat /etc/thttpd/thttpd.conf

port=8000

Make sure to disable chroot

nochroot
user=mailman
host=127.0.0.1

Serve all the CGI on the system

dir=/usr/local/mailman/cgi-bin
cgipat=/**

On Mon, Oct 25, 2010 at 05:02:53PM -0700, David Newman wrote:

Hi there,

Greetings. I’m getting 404 errors after installing the Mailman mailing
list manager on a server running nginx and thttpd, and could use some
help in understanding why.

Thanks in advance for clues on answering these two questions:

  1. How to point nginx and thttp at the correct locations so that I’m not
    getting 404s?

The good news is, it looks like you probably have got the nginx side of
things right.

This:

server {
listen 80;
server_name lists.suctest.com;
location /mailman/ {
proxy_pass http://127.0.0.1:8000/mailman/;
}

is the important part of the configuration. If a request comes in that
starts NameBright - Coming Soon, it gets sent to thttpd mostly
unchanged.

Since that leads to 404 errors, all you need do is fix the
mailman/thttpd
side of things.

You can test it directly, without involving nginx, by pointing your
client at the http://127.0.0.1:8000/ interface.

Your thttpd.conf makes it look like that it will try to access files
like

/usr/local/mailman/cgi-bin/mailman/listinfo

Hopefully the logs thttpd generates will show you what to do next.

  1. If possible, how to run Mailman under the canonical hostname of
    mail.suctest.com’ instead of the separate name of ‘lists.suctest.com’?

You’ll need to know what the mailman-related urls are. Your config
suggests that they are only everything below /mailman/,
/images/mailman/,
and /pipermail/. So long as nothing else on your server wants to
handle those locations, you just put the same location{} blocks in your
mail.suctest.com server{}. The main difference is that you won’t want
the “/ is /mailman/listinfo” rewrite – maybe you’ll want a “/mailman/
is /mailman/listinfo” rewrite instead.

Good luck with it,

f

Francis D. [email protected]

On Mon, Oct 25, 2010 at 05:02:53PM -0700, David Newman wrote:

In my setup, the hostname is mail.suctest.com. I’ve created a separate
Thanks in advance for clues on answering these two questions:

  1. How to point nginx and thttp at the correct locations so that I’m not
    getting 404s?

  2. If possible, how to run Mailman under the canonical hostname of
    mail.suctest.com’ instead of the separate name of ‘lists.suctest.com’?

nginx.org runs Mailman’s CGI using mini_httpd. This is a simple server
by
the same author as thttpd. I have also patched mini_httpd to support
X-Real-IP header. Here is a configuration part related to Mailman:

    location = /mailman/ {
        proxy_pass         http://127.0.0.1/cgi-bin/listinfo;
        proxy_set_header   Host       nginx.org;
        proxy_set_header   X-Real-IP  $remote_addr;
    }

    location /mailman/ {
        proxy_pass         http://127.0.0.1/cgi-bin/;
        proxy_set_header   Host       nginx.org;
        proxy_set_header   X-Real-IP  $remote_addr;
    }

    location = /cgi-bin/ {
        proxy_pass         http://127.0.0.1/cgi-bin/listinfo;
        proxy_set_header   Host       nginx.org;
        proxy_set_header   X-Real-IP  $remote_addr;
    }

    location /cgi-bin/ {
        proxy_pass         http://127.0.0.1/cgi-bin/;
        proxy_set_header   Host       nginx.org;
        proxy_set_header   X-Real-IP  $remote_addr;
    }

    location /pipermail/ {
        alias  /usr/local/mailman/archives/public/;
    }

Mailman URL is “mailman.nginx.org Mailing Lists” due to
proxy_set_header Host nginx.org;

mini_httpd configuraiton is:

user=www
host=127.0.0.1
port=80
dir=/usr/local/mailman
cgipat=cgi-bin/*
pidfile=/var/run/mini_httpd.pid
xrealip=127.0.0.1


Igor S.
http://sysoev.ru/en/

On Tue, Oct 26, 2010 at 10:32:47AM -0700, David Newman wrote:

Lexa Software: [email protected] archive

If not, what changes are needed to mini_httpd?

Yes, it is this patch. If you have problems with applying I can sent
it as attachment.
Also you may build mini_httpd with NO_OPENSSL=YES to decrease its memory
footprint.


Igor S.
http://sysoev.ru/en/

On 10/25/10 9:46 PM, Igor S. wrote:

nginx.org runs Mailman’s CGI using mini_httpd. This is a simple server by
the same author as thttpd. I have also patched mini_httpd to support
X-Real-IP header.

Thanks for the responses.

Is this the mini_httpd patch:

http://www.lexa.ru/nginx-ru/msg29854.html

If not, what changes are needed to mini_httpd?

thanks again

dn

On Tue, Oct 26, 2010 at 11:02:34AM -0700, David Newman wrote:

pasting from that email, and an attempt to patch manually failed (as it
should – that’s always a bad idea).

Here is the patch.

On 10/26/10 10:38 AM, Igor S. wrote:

Is this the mini_httpd patch:

Lexa Software: [email protected] archive

If not, what changes are needed to mini_httpd?

Yes, it is this patch. If you have problems with applying I can sent
it as attachment.

Thanks – please do. I’m having trouble with line wraps when cutting and
pasting from that email, and an attempt to patch manually failed (as it
should – that’s always a bad idea).

dn

Hi Igor and nginx fans,

Back in October Igor helped get me going with Mailman on nginx. Things
are mostly working fine, except I just noticed I’m getting 403 forbidden
errors when trying to access Mailman archives. Web access to other parts
of Mailman (info and admin pages) works OK.

How to correct archive permissions?

I’ve pasted configs and errors below.

Thanks in advance!

dn

from nginx.conf (note that ‘domain1.tld’ is in place of a real domain):

    location = /mailman/ {
        proxy_pass         http://127.0.0.1/cgi-bin/listinfo;
        proxy_set_header   Host       mail.domain1.tld;
        proxy_set_header   X-Real-IP  $remote_addr;
    }

    location /mailman/ {
        proxy_pass         http://127.0.0.1/cgi-bin/;
        proxy_set_header   Host       mail.domain1.tld;
        proxy_set_header   X-Real-IP  $remote_addr;
    }

    location /icons {
        proxy_redirect   off;
        alias /usr/local/mailman/icons;
    }

    location = /cgi-bin/ {
        proxy_pass         http://127.0.0.1/cgi-bin/listinfo;
        proxy_set_header   Host       mail.domain1.tld;
        proxy_set_header   X-Real-IP  $remote_addr;
    }

    location /cgi-bin/ {
        proxy_pass         http://127.0.0.1/cgi-bin/;
        proxy_set_header   Host       mail.domain1.tld;
        proxy_set_header   X-Real-IP  $remote_addr;
    }

    location /pipermail/ {
            alias  /usr/local/mailman/archives/public/;
    }

from mini_httpd.conf:

user=_nginx
host=127.0.0.1
port=80
dir=/usr/local/mailman
cgipat=cgi-bin/*
pidfile=/var/run/mini_httpd.pid
xrealip=127.0.0.1

from /usr/local/mailman/archives/public:

lrwxr-xr-x 1 root mailman 43 Dec 19 14:51 somelist@ →
/usr/local/mailman/archives/private/somelist

from /var/log/httpd.err, after each attempt to see a public archive:

2010/12/19 14:36:59 [error] 3917#0: *1
“/usr/local/mailman/archives/public/somelist/index.html” is forbidden
(13: Permission denied), client: 205.147.16.129, server:
mail.domain1.tld, request: “GET /pipermail/somelist/ HTTP/1.1”, host:
“mail.domain1.tld”, referrer:
https://mail.domain1.tld/mailman/listinfo/somelist

On Sun, Dec 19, 2010 at 02:54:38PM -0800, David Newman wrote:

Hi Igor and nginx fans,

Back in October Igor helped get me going with Mailman on nginx. Things
are mostly working fine, except I just noticed I’m getting 403 forbidden
errors when trying to access Mailman archives. Web access to other parts
of Mailman (info and admin pages) works OK.

How to correct archive permissions?

from /usr/local/mailman/archives/public:

lrwxr-xr-x 1 root mailman 43 Dec 19 14:51 somelist@ →
/usr/local/mailman/archives/private/somelist

What does “ls -l /usr/local/mailman/archives/private/somelist” show ?


Igor S.
http://sysoev.ru/en/

On 10/26/10 11:05 AM, Igor S. wrote:

Here is the patch.

Success! The only other change needed to compile on OpenBSD was to
comment out the CRYPT_LIB line in the Makefile.

Many thanks for your help.

dn

On 12/20/10 8:13 AM, Igor S. wrote:

from /usr/local/mailman/archives/public:

lrwxr-xr-x 1 root mailman 43 Dec 19 14:51 somelist@ ->
/usr/local/mailman/archives/private/somelist

What does “ls -l /usr/local/mailman/archives/private/somelist” show ?

ls -l /usr/local/mailman/archives/private/somelist

total 12226
drwxrwsr-x 2 mailman mailman 1536 Apr 30 2008 2008-April/
-rw-r–r-- 1 mailman mailman 78023 Apr 30 2008 2008-April.txt
-rw-r–r-- 1 mailman mailman 20548 May 1 2008 2008-April.txt.gz
drwxrwsr-x 2 mailman mailman 2560 Aug 31 2008 2008-August/
-rw-r–r-- 1 mailman mailman 242428 Aug 31 2008 2008-August.txt
-rw-r–r-- 1 mailman mailman 57105 Sep 1 2008 2008-August.txt.gz
drwxrwsr-x 2 mailman mailman 2048 Dec 31 2008 2008-December/
-rw-r–r-- 1 mailman mailman 116114 Dec 31 2008 2008-December.txt
-rw-r–r-- 1 mailman mailman 33449 Jan 1 2009
2008-December.txt.gz
drwxrwsr-x 2 mailman mailman 2560 Jul 31 2008 2008-July/
-rw-r–r-- 1 mailman mailman 206426 Jul 31 2008 2008-July.txt
-rw-r–r-- 1 mailman mailman 52905 Aug 1 2008 2008-July.txt.gz
drwxrwsr-x 2 mailman mailman 3584 Jun 30 2008 2008-June/
-rw-r–r-- 1 mailman mailman 278629 Jun 30 2008 2008-June.txt
-rw-r–r-- 1 mailman mailman 67803 Jul 1 2008 2008-June.txt.gz
drwxrwsr-x 2 mailman mailman 2560 May 31 2008 2008-May/
-rw-r–r-- 1 mailman mailman 225326 May 31 2008 2008-May.txt
-rw-r–r-- 1 mailman mailman 58933 Jun 1 2008 2008-May.txt.gz
drwxrwsr-x 2 mailman mailman 3072 Nov 30 2008 2008-November/
-rw-r–r-- 1 mailman mailman 406590 Nov 30 2008 2008-November.txt
-rw-r–r-- 1 mailman mailman 78248 Dec 1 2008
2008-November.txt.gz
drwxrwsr-x 2 mailman mailman 3072 Oct 31 2008 2008-October/
-rw-r–r-- 1 mailman mailman 264975 Oct 31 2008 2008-October.txt
-rw-r–r-- 1 mailman mailman 57381 Nov 1 2008
2008-October.txt.gz
drwxrwsr-x 2 mailman mailman 2048 Sep 30 2008 2008-September/
-rw-r–r-- 1 mailman mailman 153765 Sep 30 2008 2008-September.txt
-rw-r–r-- 1 mailman mailman 45627 Oct 1 2008
2008-September.txt.gz
drwxrwsr-x 2 mailman mailman 3072 Apr 30 2009 2009-April/
-rw-r–r-- 1 mailman mailman 327338 Apr 30 2009 2009-April.txt
-rw-r–r-- 1 mailman mailman 85981 May 1 2009 2009-April.txt.gz
drwxrwsr-x 2 mailman mailman 3072 Aug 31 2009 2009-August/
-rw-rw-r-- 1 mailman mailman 200662 Aug 31 2009 2009-August.txt
-rw-rw-r-- 1 mailman mailman 59623 Sep 1 2009 2009-August.txt.gz
drwxrwsr-x 2 mailman mailman 3584 Dec 31 2009 2009-December/
-rw-rw-r-- 1 mailman mailman 256204 Dec 31 2009 2009-December.txt
-rw-rw-r-- 1 mailman mailman 65701 Jan 1 2010
2009-December.txt.gz
drwxrwsr-x 2 mailman mailman 3072 Feb 28 2009 2009-February/
-rw-r–r-- 1 mailman mailman 231603 Feb 28 2009 2009-February.txt
-rw-r–r-- 1 mailman mailman 65750 Mar 1 2009
2009-February.txt.gz
drwxrwsr-x 2 mailman mailman 4096 Jan 31 2009 2009-January/
-rw-r–r-- 1 mailman mailman 375628 Jan 31 2009 2009-January.txt
-rw-r–r-- 1 mailman mailman 95679 Jan 31 2009
2009-January.txt.gz
drwxrwsr-x 2 mailman mailman 3584 Jul 31 2009 2009-July/
-rw-rw-r-- 1 mailman mailman 324597 Jul 31 2009 2009-July.txt
-rw-rw-r-- 1 mailman mailman 86993 Aug 1 2009 2009-July.txt.gz
drwxrwsr-x 2 mailman mailman 5120 Jun 30 2009 2009-June/
-rw-rw-r-- 1 mailman mailman 556825 Jun 30 2009 2009-June.txt
-rw-rw-r-- 1 mailman mailman 124024 Jul 1 2009 2009-June.txt.gz
drwxrwsr-x 2 mailman mailman 2560 Mar 31 2009 2009-March/
-rw-r–r-- 1 mailman mailman 185277 Mar 31 2009 2009-March.txt
-rw-r–r-- 1 mailman mailman 49182 Apr 1 2009 2009-March.txt.gz
drwxrwsr-x 2 mailman mailman 4608 May 31 2009 2009-May/
-rw-r–r-- 1 mailman mailman 471849 May 31 2009 2009-May.txt
-rw-r–r-- 1 mailman mailman 107722 Jun 1 2009 2009-May.txt.gz
drwxrwsr-x 2 mailman mailman 3584 Nov 30 2009 2009-November/
-rw-rw-r-- 1 mailman mailman 275720 Nov 30 2009 2009-November.txt
-rw-rw-r-- 1 mailman mailman 75768 Dec 1 2009
2009-November.txt.gz
drwxrwsr-x 2 mailman mailman 3584 Oct 31 2009 2009-October/
-rw-rw-r-- 1 mailman mailman 466349 Oct 31 2009 2009-October.txt
-rw-rw-r-- 1 mailman mailman 99495 Nov 1 2009
2009-October.txt.gz
drwxrwsr-x 2 mailman mailman 2560 Sep 30 2009 2009-September/
-rw-rw-r-- 1 mailman mailman 214690 Sep 30 2009 2009-September.txt
-rw-rw-r-- 1 mailman mailman 56099 Oct 1 2009
2009-September.txt.gz
drwxrwsr-x 2 mailman mailman 3072 May 19 2010 2010-April/
-rw-rw-r-- 1 mailman mailman 223366 May 19 2010 2010-April.txt
-rw-rw-r-- 1 mailman mailman 61761 May 20 2010 2010-April.txt.gz
drwxrwsr-x 2 mailman mailman 3584 Aug 31 23:17 2010-August/
-rw-rw-r-- 1 mailman mailman 297303 Aug 31 23:17 2010-August.txt
-rw-rw-r-- 1 mailman mailman 75725 Sep 1 03:27 2010-August.txt.gz
drwxrwsr-x 2 mailman mailman 3584 Dec 19 20:28 2010-December/
-rw-rw-r-- 1 mailman mailman 291589 Dec 19 20:28 2010-December.txt
-rw-rw-r-- 1 mailman mailman 66613 Dec 20 03:27
2010-December.txt.gz
drwxrwsr-x 2 mailman mailman 2560 Feb 28 2010 2010-February/
-rw-rw-r-- 1 mailman mailman 223869 Feb 28 2010 2010-February.txt
-rw-rw-r-- 1 mailman mailman 52130 Mar 1 2010
2010-February.txt.gz
drwxrwsr-x 2 mailman mailman 2048 Jan 31 2010 2010-January/
-rw-rw-r-- 1 mailman mailman 152989 Jan 31 2010 2010-January.txt
-rw-rw-r-- 1 mailman mailman 40033 Feb 1 2010
2010-January.txt.gz
drwxrwsr-x 2 mailman mailman 2560 Jul 31 17:52 2010-July/
-rw-rw-r-- 1 mailman mailman 195699 Jul 31 17:52 2010-July.txt
-rw-rw-r-- 1 mailman mailman 53176 Aug 1 03:27 2010-July.txt.gz
drwxrwsr-x 2 mailman mailman 4608 Jun 30 11:53 2010-June/
-rw-rw-r-- 1 mailman mailman 391856 Jun 30 11:53 2010-June.txt
-rw-rw-r-- 1 mailman mailman 90754 Jul 1 03:27 2010-June.txt.gz
drwxrwsr-x 2 mailman mailman 3072 Mar 31 2010 2010-March/
-rw-rw-r-- 1 mailman mailman 194155 Mar 31 2010 2010-March.txt
-rw-rw-r-- 1 mailman mailman 58805 Apr 1 2010 2010-March.txt.gz
drwxrwsr-x 2 mailman mailman 4096 May 31 2010 2010-May/
-rw-rw-r-- 1 mailman mailman 395188 May 31 2010 2010-May.txt
-rw-rw-r-- 1 mailman mailman 89527 Jun 1 2010 2010-May.txt.gz
drwxrwsr-x 2 mailman mailman 5632 Nov 30 21:57 2010-November/
-rw-rw-r-- 1 mailman mailman 435500 Nov 30 21:57 2010-November.txt
-rw-rw-r-- 1 mailman mailman 101703 Dec 1 03:27
2010-November.txt.gz
drwxrwsr-x 2 mailman mailman 5120 Oct 31 20:31 2010-October/
-rw-rw-r-- 1 mailman mailman 432117 Oct 31 20:31 2010-October.txt
-rw-rw-r-- 1 mailman mailman 97521 Nov 1 03:27
2010-October.txt.gz
drwxrwsr-x 2 mailman mailman 3584 Sep 30 23:31 2010-September/
-rw-rw-r-- 1 mailman mailman 292044 Sep 30 23:31 2010-September.txt
-rw-rw-r-- 1 mailman mailman 76813 Oct 1 03:27
2010-September.txt.gz
drwxrwsr-x 882 mailman mailman 18432 Dec 19 10:17 attachments/
drwxrws— 2 mailman mailman 5632 Dec 19 20:28 database/
-rw-r–r-- 1 mailman mailman 14698 Dec 19 20:28 index.html
-rw-r----- 1 mailman mailman 1517 Dec 19 20:28 pipermail.pck

dn

On 12/20/10 9:29 AM, Igor S. wrote:

What does “ls -ld /usr/local/mailman/archives/private/somelist” show ?

drwxrwxr-x 37 _nginx mailman 3072 Dec 2 03:27
/usr/local/mailman/archives/private/somelist/

Just now I tried changing ownership of this directory to mailman and
restarting nginx (kill -HUP cat /var/run/nginx.pid) and mailman
(/usr/local/mailman/bin/mailmanctl restart), but the problem persists.

Thanks in advance for additional clues.

dn

On Mon, Dec 20, 2010 at 09:09:12AM -0800, David Newman wrote:

On 12/20/10 8:13 AM, Igor S. wrote:

from /usr/local/mailman/archives/public:

lrwxr-xr-x 1 root mailman 43 Dec 19 14:51 somelist@ →
/usr/local/mailman/archives/private/somelist

What does “ls -l /usr/local/mailman/archives/private/somelist” show ?

ls -l /usr/local/mailman/archives/private/somelist

index.html rights are enough for nginx:

-rw-r–r-- 1 mailman mailman 14698 Dec 19 20:28 index.html

What does “ls -ld /usr/local/mailman/archives/private/somelist” show ?


Igor S.
http://sysoev.ru/en/

On Mon, Dec 20, 2010 at 10:12:34AM -0800, David Newman wrote:

Thanks in advance for additional clues.

The problem is probably in an intermediate path directory.
You should check that every directory in these pathes
/usr/local/mailman/archives/public/ and
/usr/local/mailman/archives/private/
has “r-x” rights for others.


Igor S.
http://sysoev.ru/en/

On Mon, Dec 20, 2010 at 12:57:12PM -0800, David Newman wrote:

I thought this might make private archives accessible to anyone, but
this is not the case. It appears that all private list archives remain
private.

Yes, in mentioned configuration nginx can access the archives only
via enabled symlinks in the public directory.


Igor S.
http://sysoev.ru/en/

On 12/20/10 10:17 AM, Igor S. wrote:

The problem is probably in an intermediate path directory.
You should check that every directory in these pathes
/usr/local/mailman/archives/public/ and /usr/local/mailman/archives/private/
has “r-x” rights for others.

Bingo. The private directory had drwxrws— permissions.

Doing ‘chmod o+rx’ fixed the display issue.

I thought this might make private archives accessible to anyone, but
this is not the case. It appears that all private list archives remain
private.

Thanks!

dn