# mailman on freeBSD-8.2: getgrgid() fails for apache userID



## wrecks (Aug 2, 2011)

Hi people..

I'm trying to get mailman working on a freeBSD server. Everything seems fine except for the web/cgi interface. Mailman is bailing out because it cannot figure out the group of apache user (who runs all the cgi stuff):

mailman uses getgrgid() to verify the group-name and it is returning null. I wrote a small test program to call getgrgid(). It returns the right group if I run it from my account or as any other humans, but it fails for system accounts like www, nobody, pgsql etc. One of my own system hardening attempts might be creating the trouble here, but I'm not able to figure it out P 

Would appreciate any help to sort it out.. Thanks in anticipation


----------



## SirDice (Aug 2, 2011)

What are the permissions on /etc/passwd and /etc/group? Both files should be world-readable.


----------



## wrecks (Aug 2, 2011)

Both the files are readable by everyone - 644. A C-function call to getgrgid() succeeds only if user's group is wheel. It returns (null) for any other user. I could add apache user "www" to wheel, but I am not sure if that is a wise move


----------



## SirDice (Aug 3, 2011)

wrecks said:
			
		

> I could add apache user "www" to wheel, but I am not sure if that is a wise move


That's definitely not a good idea


----------



## wrecks (Aug 4, 2011)

*Solved!*

/etc had 750 permissions and that was creating all the trouble :\


----------

