Using SuExec with Mailman

I had issues installing mailman with SuExec, as the mailman CGI programs are by default suid mailman, which SuExec will refuse to work with. Having looked around the internet, I found nothing useful with regards to setting up Mailman to work correctly with SuExec, so I have made this doucment to help others hoping to use mailman with SuExec. When setting up your Virtual Host for mailman, ensure that you have the user and group set to the user defined at build time as the cgi-user. By default in Gentoo, this is apache, however I chose to change it. Another point to note is that the CGI binaries need to be within the SuExec document root, which is defined at compile time. Use ‘suexec -V’ to find out what this is.

<VirtualHost 81.91.108.180>
  User mailman
  Group mailman
  ShapVHOn on
  DocumentRoot /usr/local/mailman
  ServerName list.pengus.net
</VirtualHost>
    

You will also need the following in your apache configuration, in gentoo, this is added into a file in addin-modules, which simply needs including in your main apache.conf. ScriptAlias /mailman/ “/usr/local/mailman/cgi-bin/”

<Directory "/usr/local/mailman/cgi-bin/">
      AllowOverride None
      Options None
      Order allow,deny
      Allow from all
</Directory>

Alias /pipermail/ "/usr/local/mailman/archives/public/"

<Directory "/usr/local/mailman/archives/public/">
      AllowOverride None
      Options ExecCGI FollowSymLinks
      Order allow,deny
      Allow from all
</Directory>