<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="Generator" CONTENT="MS Exchange Server version 6.5.7652.24">
<TITLE>selinux-policy-targeted-2.6.4-49.fc7 blocking httpd from sendmail.postfix</TITLE>
</HEAD>
<BODY>
<!-- Converted from text/plain format -->
<P><TT><FONT SIZE=2>I just installed a Fedora Core 7 box, ran yum update yesterday, and installed php5 and apache 2.2.6. SELinux is in Enforcing mode, and is blocking PHP's mail() function from sending:<BR>
<BR>
Nov 2 11:05:41 webserver setroubleshoot: SELinux is preventing the sh from using potentially mislabeled files sendmail.postfix (sendmail_exec_t). For complete SELinux messages. run sealert -l c9001c48-5d48-4b7c-9fd7-8400544daa8f<BR>
<BR>
sealert says:<BR>
Source Context user_u:system_r:httpd_t<BR>
Target Context system_u:object_r:sendmail_exec_t<BR>
Target Objects /usr/sbin/sendmail.postfix [ file ]<BR>
Affected RPM Packages postfix-2.4.3-2.fc7 [target]<BR>
Policy RPM selinux-policy-2.6.4-48.fc7<BR>
Selinux Enabled True<BR>
Policy Type targeted<BR>
MLS Enabled True<BR>
Enforcing Mode Enforcing<BR>
Plugin Name plugins.httpd_bad_labels<BR>
<BR>
If I follow sealert's suggestion and "chcon -t httpd_sys_content_t /usr/sbin/sendmail.postfix", then I get the following (expected to me) errors in /var/log/messages on "service postfix restart":<BR>
Nov 2 13:38:25 $(server) setroubleshoot: SELinux is preventing postfix-script (postfix_master_t) "getattr" to /usr/sbin/sendmail.postfix (httpd_sys_content_t). For complete SELinux messages. run sealert -l b8bea1cd-10eb-40bc-8d5b-2031b5bceabe<BR>
<BR>
According to this post: <A HREF="https://www.redhat.com/archives/fedora-selinux-list/2004-December/msg00033.html">https://www.redhat.com/archives/fedora-selinux-list/2004-December/msg00033.html</A>, this problem has been seen before and was fixed in selinux-policy-targeted-1.19.8-1. Has that fix been lost, or am I seeing something new?<BR>
<BR>
Thanks,<BR>
Robert Auch</FONT></TT>
</P>
</BODY>
</HTML>