fedora-selinux January 2012 archive
Main Archive Page > Month Archives  > fedora-selinux archives
fedora-selinux: Proper settings to allow web server to send mail

Proper settings to allow web server to send mail

From: Steven Stern <subscribed-lists_at_nospam>
Date: Tue Jan 10 2012 - 22:19:22 GMT
To: selinux@lists.fedoraproject.org

I found this in my maillog:

Jan 10 13:54:02 scarletfire sendmail[9824]: NOQUEUE: SYSERR(apache): can
not chdir(/var/spool/clientmqueue/): Permission denied

coming from an AVC:

Jan 10 13:54:02 scarletfire kernel: type=1400 audit(1326225242.351:5):
avc: denied { search } for pid=9824 comm="sendmail"
name="clientmqueue" dev=dm-0 ino=1312124
scontext=system_u:system_r:httpd_t:s0
tcontext=system_u:object_r:mqueue_spool_t:s0 tclass=dir

What is the proper settings to allow a web server to do whatever it was
trying to do here... (Or was this something bad that SELINUX prevented)

-- -- Steve -- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux