Proper settings to allow web server to send mail
Jeroen van Meeuwen (Kolab Systems)
vanmeeuwen at kolabsys.com
Tue Jan 10 23:51:44 UTC 2012
On 2012-01-10 22:19, Steven Stern wrote:
> I found this in my maillog:
>
> Jan 10 13:54:02 scarletfire sendmail[9824]: NOQUEUE: SYSERR(apache):
> can
> not chdir(/var/spool/clientmqueue/): Permission denied
>
> coming from an AVC:
>
> Jan 10 13:54:02 scarletfire kernel: type=1400
> audit(1326225242.351:5):
> avc: denied { search } for pid=9824 comm="sendmail"
> name="clientmqueue" dev=dm-0 ino=1312124
> scontext=system_u:system_r:httpd_t:s0
> tcontext=system_u:object_r:mqueue_spool_t:s0 tclass=dir
>
> What is the proper settings to allow a web server to do whatever it
> was
> trying to do here... (Or was this something bad that SELINUX
> prevented)
You'll find the selinux booleans of interest when such things happen.
In this case, I think you're looking for httpd_can_sendmail.
Kind regards,
Jeroen van Meeuwen
--
Systems Architect, Kolab Systems AG
e: vanmeeuwen at kolabsys.com
t: +44 144 340 9500
m: +44 74 2516 3817
w: http://www.kolabsys.com
pgp: 9342 BF08
More information about the selinux
mailing list