<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> <HTML> <HEAD> <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> <META NAME="Generator" CONTENT="MS Exchange Server version 6.5.7652.24"> <TITLE>selinux-policy-targeted-2.6.4-49.fc7 blocking httpd from sendmail.postfix</TITLE> </HEAD> <BODY>  <TT>I just installed a Fedora Core 7 box, ran yum update yesterday, and installed php5 and apache 2.2.6. SELinux is in Enforcing mode, and is blocking PHP's mail() function from sending: Nov 2 11:05:41 webserver setroubleshoot: SELinux is preventing the sh from using potentially mislabeled files sendmail.postfix (sendmail_exec_t). For complete SELinux messages. run sealert -l c9001c48-5d48-4b7c-9fd7-8400544daa8f sealert says: Source Context user_u:system_r:httpd_t Target Context system_u:object_r:sendmail_exec_t Target Objects /usr/sbin/sendmail.postfix [ file ] Affected RPM Packages postfix-2.4.3-2.fc7 [target] Policy RPM selinux-policy-2.6.4-48.fc7 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name plugins.httpd_bad_labels If I follow sealert's suggestion and "chcon -t httpd_sys_content_t /usr/sbin/sendmail.postfix", then I get the following (expected to me) errors in /var/log/messages on "service postfix restart": Nov 2 13:38:25 $(server) setroubleshoot: SELinux is preventing postfix-script (postfix_master_t) "getattr" to /usr/sbin/sendmail.postfix (httpd_sys_content_t). For complete SELinux messages. run sealert -l b8bea1cd-10eb-40bc-8d5b-2031b5bceabe According to this post: <A HREF="https://www.redhat.com/archives/fedora-selinux-list/2004-December/msg00033.html">https://www.redhat.com/archives/fedora-selinux-list/2004-December/msg00033.html</A>, this problem has been seen before and was fixed in selinux-policy-targeted-1.19.8-1. Has that fix been lost, or am I seeing something new? Thanks, Robert Auch</TT> </BODY> </HTML>