Description of problem: The selinux policy is preventing me from usinf the php mail() function. Please note I am using postfix in my machine, so the same _could_ work with the default MTA (sendmail). Version-Release number of selected component (if applicable): selinux-policy-targeted-1.17.30-2.52.1.noarch How reproducible: always Steps to Reproduce: 1. Of course you need an httpd server with php enabled 2. create a index.php file in /var/www/html containing the line: <?php mail ("user", "TEST Subject", "Test body"; ?> 3. browse the page and hopeless wait for an email in the inbox... Actual results: The mail is not sent to user Expected results: mail sent Additional info: In /var/log/messages I can see: Apr 13 23:08:08 moat kernel: audit(1113426488.965:0): avc: denied { getattr } for pid=29205 exe=/bin/bash path=/var/log dev=dm-0 ino=261142 scontext=root:system_r:httpd_sys_script_t tcontext=system_u:object_r:var_log_t tclass=dir Apr 13 23:08:08 moat kernel: audit(1113426488.975:0): avc: denied { create } for pid=29205 exe=/usr/sbin/sendmail.postfix scontext=root:system_r:httpd_sys_script_t tcontext=root:system_r:httpd_sys_script_t tclass=unix_dgram_socket Apr 13 23:08:09 moat kernel: audit(1113426489.093:0): avc: denied { search } for pid=29205 exe=/usr/sbin/sendmail.postfix name=spool dev=dm-0 ino=261156 scontext=root:system_r:httpd_sys_script_t tcontext=system_u:object_r:var_spool_t tclass=dir Apr 13 23:08:09 moat kernel: audit(1113426489.094:0): avc: denied { create } for pid=29205 exe=/usr/sbin/sendmail.postfix scontext=root:system_r:httpd_sys_script_t tcontext=root:system_r:httpd_sys_script_t tclass=unix_dgram_socket
The policy in U1 fixes this problem. You can grab a preview from ftp://people.redhat.com/dwalsh/SELinux/RHEL4/{selinux-policy-targeted, policycoretuils}
thanks a lot. I "yum"med the whole thing and now it works as expected.