[SOLVED] SELinux/Sendmail Problem (thank you)

[Donald Reader]

On Thu, 2008-03-13 at 18:32 -0400, Daniel J Walsh wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Donald Reader wrote:
> > I have narrowed down my SELinux errors to just one while
> > using php to send mail via it's mail function. For the life
> > of me I can't get this one figured out as I did an updatedb 
> > so I could try and use locate to find the file that is
> > being complained about with no luck at all.
> > 
> > If anyone can shed some light on this I would appreciate it
> > greatly. Attached is the sealert with all the info on the problem.
> > 
> > Thank You
> > Donald Reader
> > 
> These avc's show sendmail attempting to read files created by the apache
>  process (mod_php) in /tmp.  sendmail is also trying to read a file off
> of /usr/share/GeoIP/GeoIP.dat which is labeled usr_t.  The easiest thing
> for you to do is to build a local policy module
> 
> 
> # grep httpd /var/log/audit/audit.log | audit2allow -M myhttp
> # semodule -i myhttp.pp
> 
> This would allow the mail program to read these files.
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.8 (GNU/Linux)
> Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
> 
> iEYEARECAAYFAkfZq3QACgkQrlYvE4MpobMJoACgtUP9awE738qPTceRR1K9fU+H
> rM0AoMjM+Xq09iGJfuEjgMRDDnJPSmMs
> =bPMH
> -----END PGP SIGNATURE-----

Thank you again Dan. I copied and pasted the command you gave me
then ran it of course. then did an edit replacing httpd with sendmail
and ran another set of commands. Now I don't get the alert when sending
emails. Another command to keep in my arsenal for future use.

Thank You
Donald Reader