The mailing list for listmasters using Sympa

["McLaren, Terry" <address@concealed>]

Greetings Thoralf  - Version 6.2.68 throws an error when a listmaster tries to impersonate another listmaster.   I suspect this is by design.

 

 

person_three@our_domain should be able to log in to the server and be granted listmaster privileges for that specific email address.  

 

Additionally, our sympa.conf/robot.conf files define the listmaster param as one continual line w/o the new line after the param name as you reference below.   E.g.

 

[…]

listmaster  person_one@our_domain,person_two@our_domain,person_three@our_domain

 

Terry McLaren

 

 

-----Original Message-----
From: address@concealed <address@concealed> On Behalf Of Thoralf Schulze
Sent: Friday, September 23, 2022 5:13 AM
To: address@concealed
Subject: [en@sympa] listmaster setting not working

 

hi there -

 

first of all, thank you for your work.

 

Unfortunately, sympa doesn't recognize one of our listmaster accounts.

Listmaster accounts are defined in $mail_domain_name/robot.conf as follows:

 

listmaster

person_one@our_domain,person_two@our_domain,person_three@our_domain

 

When person_three@our_domain logs in or that account is impersonated from another admin account, most admin tools including the "listmaster admin" menu item are missing. Everything works fine for person_one@our_domain and person_two@our_domain.

 

I was assuming that this might be due to us using ldap-/ad-accounts and person_three having had another email address (ie. the mail-attribute) in the ad before, but poking around in the sqlite database for both the old and the new email address does not support this theory. Would it be possible / feasible to completely delete user_three from the sqlite database?

 

We are using sympa 6.2.60 from the debian bullseye repos, I would be thankful for any pointers on how to resolve this issue. I will happily provide more detailed logs or cpnfig files that might be of relevance.

 

Thank you very much & with kind regards, Thoralf.

 

 

fwiw, here are the sanitised logs (@level2) for impersonating person_two:

 

Sep 23 11:07:54 weiser wwsympa[900]: info main::do_set_session_email() [robot lists.our_domain] [session 50059163015675] [client a.b.c.d] [user admin_account@our_domain] Sep 23 11:07:54 weiser wwsympa[900]: debug2 main::check_param_out() [robot lists.our_domain] [session 50059163015675] [client a.b.c.d] [user admin_account@our_domain] Sep 23 11:07:54 weiser wwsympa[900]: debug Sympa::WWW::Session::store() Sep 23 11:07:54 weiser wwsympa[900]: debug Sympa::WWW::Session::set_cookie(Sympa::WWW::Session, localhost, 0, 1) Sep 23 11:07:54 weiser wwsympa[900]: notice main:: Redirecting to https://lists.our_domain/ Sep 23 11:07:54 weiser wwsympa[900]: debug Sympa::WWW::Session::set_cookie(Sympa::WWW::Session, localhost, session, 1) Sep 23 11:07:54 weiser wwsympa[900]: debug2 Sympa::List::get_robots() Sep 23 11:07:54 weiser wwsympa[900]: debug2

Sympa::User::get_global_user(person_two@our_domain)

Sep 23 11:07:54 weiser wwsympa[900]: debug2 main::check_param_in() [robot lists.our_domain] [session 50059163015675] [client a.b.c.d] [user person_two@our_domain] Sep 23 11:07:54 weiser wwsympa[900]: debug2 Sympa::Scenario::new(Sympa::Scenario, lists.our_domain, create_list, ...) Sep 23 11:07:54 weiser wwsympa[900]: debug2 Sympa::Scenario::authz(Sympa::Scenario

<create_list.public_listmaster;/usr/share/sympa/default/scenari/create_list.public_listmaster>,

md5, HASH, ...)

Sep 23 11:07:54 weiser wwsympa[900]: debug2 Sympa::Scenario::do_search(lists.our_domain, HASH, blacklist.txt) Sep 23 11:07:54 weiser wwsympa[900]: debug2

main::export_topics(lists.our_domain) [robot lists.our_domain] [session 50059163015675] [client a.b.c.d] [user person_two@our_domain] Sep 23 11:07:54 weiser wwsympa[900]: debug2

Sympa::Robot::load_topics(lists.our_domain)

Sep 23 11:07:54 weiser wwsympa[900]: debug2 Sympa::Scenario::new(Sympa::Scenario, lists.our_domain, topics_visibility, ...) Sep 23 11:07:54 weiser wwsympa[900]: debug2 Sympa::Scenario::authz(Sympa::Scenario

<topics_visibility.noconceal;/usr/share/sympa/default/scenari/topics_visibility.noconceal>,

md5, HASH, ...)

[ … lots of these]

Sep 23 11:07:54 weiser wwsympa[900]: info main::do_home() [robot lists.our_domain] [session 50059163015675] [client a.b.c.d] [user person_two@our_domain] Sep 23 11:07:54 weiser wwsympa[900]: debug2 main::check_param_out() [robot lists.our_domain] [session 50059163015675] [client a.b.c.d] [user person_two@our_domain] Sep 23 11:07:54 weiser wwsympa[900]: debug Sympa::WWW::Session::store() Sep 23 11:07:54 weiser wwsympa[900]: debug Sympa::WWW::Session::set_cookie(Sympa::WWW::Session, localhost, 0, 1) Sep 23 11:07:54 weiser wwsympa[900]: debug2 Sympa::List::get_robots()

 

and for person_three:

 

Sep 23 11:15:27 weiser wwsympa[900]: info main::do_set_session_email() [robot lists.our_domain] [session 50059163015675] [client a.b.c.d] [user admin_account@our_domain] Sep 23 11:15:27 weiser wwsympa[900]: debug2 main::check_param_out() [robot lists.our_domain] [session 50059163015675] [client a.b.c.d] [user admin_account@our_domain] Sep 23 11:15:27 weiser wwsympa[900]: debug Sympa::WWW::Session::store() Sep 23 11:15:27 weiser wwsympa[900]: debug Sympa::WWW::Session::set_cookie(Sympa::WWW::Session, localhost, 0, 1) Sep 23 11:15:27 weiser wwsympa[900]: notice main:: Redirecting to https://lists.our_domain/ Sep 23 11:15:27 weiser wwsympa[900]: debug Sympa::WWW::Session::set_cookie(Sympa::WWW::Session, localhost, session, 1) Sep 23 11:15:27 weiser wwsympa[900]: debug2 Sympa::List::get_robots() Sep 23 11:15:27 weiser wwsympa[900]: debug2

Sympa::User::get_global_user(person_three@our_domain)

Sep 23 11:15:27 weiser wwsympa[900]: debug2 main::check_param_in() [robot lists.our_domain] [session 50059163015675] [client a.b.c.d] [user person_three@our_domain] Sep 23 11:15:27 weiser wwsympa[900]: debug2 Sympa::Scenario::new(Sympa::Scenario, lists.our_domain, create_list, ...) Sep 23 11:15:27 weiser wwsympa[900]: debug2 Sympa::Scenario::authz(Sympa::Scenario

<create_list.public_listmaster;/usr/share/sympa/default/scenari/create_list.public_listmaster>,

md5, HASH, ...)

Sep 23 11:15:27 weiser wwsympa[900]: debug2 Sympa::Scenario::do_search(lists.our_domain, HASH, blacklist.txt) Sep 23 11:15:27 weiser wwsympa[900]: debug2

main::export_topics(lists.our_domain) [robot lists.our_domain] [session 50059163015675] [client a.b.c.d] [user person_three@our_domain] Sep 23 11:15:27 weiser wwsympa[900]: debug2

Sympa::Robot::load_topics(lists.our_domain)

Sep 23 11:15:27 weiser wwsympa[900]: debug2 Sympa::Scenario::new(Sympa::Scenario, lists.our_domain, topics_visibility, ...) Sep 23 11:15:27 weiser wwsympa[900]: debug2 Sympa::Scenario::authz(Sympa::Scenario

<topics_visibility.noconceal;/usr/share/sympa/default/scenari/topics_visibility.noconceal>,

md5, HASH, ...)

[ … lots of these]

Sep 23 11:15:27 weiser wwsympa[900]: info main::do_home() [robot lists.our_domain] [session 50059163015675] [client a.b.c.d] [user person_three@our_domain] Sep 23 11:15:27 weiser wwsympa[900]: debug2 main::check_param_out() [robot lists.our_domain] [session 50059163015675] [client a.b.c.d] [user person_three@our_domain] Sep 23 11:15:27 weiser wwsympa[900]: debug Sympa::WWW::Session::store() Sep 23 11:15:27 weiser wwsympa[900]: debug Sympa::WWW::Session::set_cookie(Sympa::WWW::Session, localhost, 0, 1)

 

… which afaict don't show any difference.