On 01/11/2012 12:51 AM, Jeroen van Meeuwen (Kolab Systems) wrote:
On 2012-01-10 22:19, Steven Stern wrote:I found this in my maillog: Jan 10 13:54:02 scarletfire sendmail[9824]: NOQUEUE: SYSERR(apache): can not chdir(/var/spool/clientmqueue/): Permission denied coming from an AVC: Jan 10 13:54:02 scarletfire kernel: type=1400 audit(1326225242.351:5): avc: denied { search } for pid=9824 comm="sendmail" name="clientmqueue" dev=dm-0 ino=1312124 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:mqueue_spool_t:s0 tclass=dir What is the proper settings to allow a web server to do whatever it was trying to do here... (Or was this something bad that SELINUX prevented)You'll find the selinux booleans of interest when such things happen. In this case, I think you're looking for httpd_can_sendmail. Kind regards, Jeroen van Meeuwen
Yes, you can find it using # man httpd_selinux -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
