PureMessage for UNIX - AdminGUI Permissions

Hello Wolfgang,

In the "Server Group Manager" interface (18080), it's not possible to give a single user access to one policy list.

In the "Groups Manager" interface (http://localhost:28080/groups), if a group is setup, and a user is designated to admin that group, it is possible to have a single user administer a per-group list.

As the pmx user, run:

$ pmx-group

This gives a variety of commands around group and they proper syntax.  Unfortunately you can't use the original lists in this way, but you could substitute a new list in your policy and get this to work.  It would take a bit of work, but it is possible.

There is a very detailed Groups Walkthrough in the intstructions as well.  Click on the help in the Server Group Manager and search for groups.

Good luck!

MarkJD.

I've located this feature now. But am I seeing right, that there's no way to allow access to only a single custom list used in the public policy?

Hello Wolfgang,

If you setup "Groups", you can do this.

There is a bit of complexity in this, so it's necessary to read the Groups FAQ in the help menu to understand it.

Alternatively, you can call Sophos Support for advice.  It is not possible to do this with a default installation, but it is possible with Groups setup.

You could create one group for all your mail, and then have the one user administer the one list.

Submitting a support request to Sophos Support, so they can analyze your setup and give customized advise would be the quickest route for you to address this.

Cheers,

MarkJD.

Thanks for this hint, MarkJD!

But now I run into another problem while creating the list itself.

I'm trying to execute the following command:

pmx@myawesomeserver:~> pmx-group-list --add --id myTestList --name "My Test List" --description "This is a group list" --match-type contains

 But always the same error:

ERROR:  duplicate key violates unique constraint "pk_cfg_location_instance" CONTEXT:  PL/pgSQL function "ins_cfg_instance" line 4 at SQL statement at /opt/pmx/lib/site_perl/5.8.7/PureMessage/Resources/Store/DB.pm line 137.

Am I doing something wrong?!?

That syntax returns fine on my system.

Can you delete it?  switch --add for --delete.

If not you have may have some database schema issues.

To have this issue solved more quickly, I would suggest opening a ticket with support.

Provide them with the output of :

$ echo "select * from cfg_location_instance" | /opt/pmx/postgres/bin/psql pmx_quarantine

They should be able to point you in the right direction of what may be causing this issue to fail. 

MarkJD.

When deleting the list I get:

No such permission - configuration.lists.mytestlist

 I've opened a support ticket now. Thanks so far!

I'll leave this thread as it is until I can provide a solution here.

For your information:

As we're running PMX 5.5 with a Postgres 7 under a SLES 9 we're out of support :-/

An update doesn't make sense now as we're planning to renew our complete AntiSpam infrastructure with the new release 6 of PMX...

So now another question:

Is it possible to update the content of a list used within a policy via shell? And is it possible to trigger the "replication" to the edge servers via shell?

Hi Wolfgang,

Yes you can modify a list from command line.  If they are group lists then you can use the command pmx-list to add users.  Alternatively you can modify the file directly itself, however, you will need to sync the changes you made locally to the DB so that it can be replicated via the sync-from-db scheduled job.

JasonW