Proper settings to allow web server to send mail
Miroslav Grepl
mgrepl at redhat.com
Wed Jan 11 10:06:09 UTC 2012
On 01/11/2012 12:51 AM, Jeroen van Meeuwen (Kolab Systems) wrote:
> On 2012-01-10 22:19, Steven Stern wrote:
>> I found this in my maillog:
>>
>> Jan 10 13:54:02 scarletfire sendmail[9824]: NOQUEUE: SYSERR(apache): can
>> not chdir(/var/spool/clientmqueue/): Permission denied
>>
>> coming from an AVC:
>>
>> Jan 10 13:54:02 scarletfire kernel: type=1400 audit(1326225242.351:5):
>> avc: denied { search } for pid=9824 comm="sendmail"
>> name="clientmqueue" dev=dm-0 ino=1312124
>> scontext=system_u:system_r:httpd_t:s0
>> tcontext=system_u:object_r:mqueue_spool_t:s0 tclass=dir
>>
>> What is the proper settings to allow a web server to do whatever it was
>> trying to do here... (Or was this something bad that SELINUX prevented)
>
> You'll find the selinux booleans of interest when such things happen.
>
> In this case, I think you're looking for httpd_can_sendmail.
>
> Kind regards,
>
> Jeroen van Meeuwen
>
Yes, you can find it using
# man httpd_selinux
More information about the selinux
mailing list