Hi all,
CentOs 4.0 i386, clean install, running as a server (no GUI).
I can't seem to get sendmail to send out stuff from anything "local" such as PHP or Squirrelmail, when SELinux is enabled. When I send from squrrelmail I get the following in /var/log/messages:
Mar 15 09:49:41 orca kernel: audit(1110880181.204:0): avc: denied { read } for pid=19321 exe=/usr/sbin/sendmail.sendmail name=urandom dev=tmpfs ino=435 scontext=user_u:system_r:system_mail_t tcontext=system_u
bject_r:urandom_device_t tclass=chr_file
Mar 15 09:49:41 orca kernel: audit(1110880181.204:0): avc: denied { read } for pid=19321 exe=/usr/sbin/sendmail.sendmail name=random dev=tmpfs ino=433 scontext=user_u:system_r:system_mail_t tcontext=system_u
bject_r:random_device_t tclass=chr_file
If I disable SEL via:
echo "0" >/selinux/enforce
the messages are sent without issue.
I've used chcon to enable SEL on /var/www/html for wesbites, and that all works fine, but I don't know what to run fro sendmail.
I've had to switch off SEL until I can get this resolved. Does anyone have any suggestions?
Many thanks,
Jim