Mail CGI script and SeLinux

Paul Howarth paul at city-fan.org
Fri Jul 7 10:00:53 UTC 2006 

redhatdude at bellsouth.net wrote:
> Hi,
> I set up a perl script in my cgi-bin that would get the content of an 
> html form and mail it to me. However, it doesn't work. I already enabled 
> cgi support in selinux and set up the context of the script to 
> -rwxr-xr-x  root root system_u:object_r:httpd_sys_script_exec_t FormMail.pl
> If I disable selinux everything works.
> Please advice what I should do for the email to get through.
> The logs are bellow.
> Thanks,
> EJ
> 
> 
> maillog
> relay=none, delay=1, status=deferred (connect to 
> /var/lib/imap/socket/lmtp[/var/lib/imap/socket/lmtp]: Permission denied)
> 
> audit.log
> 
> type=AVC msg=audit(1152263826.932:21): avc:  denied  { getattr } for  
> pid=2318 comm="postdrop" name="[7669]" dev=pipefs ino=7669 
> scontext=user_u:system_r:postfix_postdrop_t:s0 
> tcontext=user_u:system_r:httpd_t:s0 tclass=fifo_file
> type=SYSCALL msg=audit(1152263826.932:21): arch=40000003 syscall=197 
> success=no exit=-13 a0=2 a1=bf9d6720 a2=a22ff4 a3=3 items=0 pid=2318 
> auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=90 sgid=90 
> fsgid=90 tty=(none) comm="postdrop" exe="/usr/sbin/postdrop" 
> subj=user_u:system_r:postfix_postdrop_t:s0
> type=AVC_PATH msg=audit(1152263826.932:21):  path="pipe:[7669]"
> type=AVC msg=audit(1152263826.976:22): avc:  denied  { connectto } for  
> pid=2306 comm="lmtp" name="lmtp" 
> scontext=system_u:system_r:postfix_master_t:s0 
> tcontext=system_u:system_r:initrc_t:s0 tclass=unix_stream_socket
> type=SYSCALL msg=audit(1152263826.976:22): arch=40000003 syscall=102 
> success=no exit=-13 a0=3 a1=bfe4ff90 a2=bd9430 a3=bdbc24 items=1 
> pid=2306 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 
> sgid=89 fsgid=89 tty=(none) comm="lmtp" exe="/usr/libexec/postfix/lmtp" 
> subj=system_u:system_r:postfix_master_t:s0
> type=AVC_PATH msg=audit(1152263826.976:22):  
> path="/var/lib/imap/socket/lmtp"
> type=SOCKADDR msg=audit(1152263826.976:22): 
> saddr=01002F7661722F6C69622F696D61702F736F636B65742F6C6D74700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 
> 
> type=SOCKETCALL msg=audit(1152263826.976:22): nargs=3 a0=b a1=bfe500ac 
> a2=6e
> type=PATH msg=audit(1152263826.976:22): item=0 name=(null) inode=8585327 
> dev=fd:00 mode=0140777 ouid=0 ogid=0 rdev=00:00 
> obj=system_u:object_r:cyrus_var_lib_t:s0

These look more like postfix issues than httpd issues. I'd try 
fedora-selinux-list.

I hope you're using a fully up to date version of formmail.pl, legendary 
script loved by spammers due to its multiple historical vulnerabilities.

Paul.

More information about the fedora-list mailing list