Mailing List CGatePro@mail.stalker.com Message #106096
From: Bill Cole <cgp-2015@billmail.scconsult.com>
Subject: Re: sendmail and SELinux
Date: Fri, 17 Jun 2016 10:43:17 -0400
To: CommuniGate Pro Discussions <CGatePro@mail.stalker.com>
X-Mailer: MailMate (1.9.4r5234)
On 16 Jun 2016, at 10:19, Chris Vlad wrote:

Hello Support,

I'm not Support, but I do have a suggestion...

I ran CGP on the same box centos 7 with a php application and when SELinux is enabled I can’t send emails from php through sendmail replacement from CGP.
The config in php.ini is fine and the appropriate link has been created in /usr/sbin/sendmail=> /opt/CommuniGate/sendmail, the context of the /opt/CommuniGate/sendmail is “sendmail_exec_t” just like the original application sendmail.postfix . I think it maybe another SELinux context I am missing , probably related to the new path where sendmail is now.
If anyone can point me in the right direction, I really appreciate it.

If you haven't done so already, install the policycoreutils-python package and read the man pages for audit2why and audit2allow. I've got no idea why that package isn't installed by default on CentOS, since the alternative is to read the audit log and SELinux policy yourself to find a prudent fix.

As the names suggest, audit2why translates unsuccessful audit.log entries into comprehensible English and audit2allow translates them into policy snippets that can be injected into your local policy customizations to allow the blocked action. It's generally best to start with audit2why because you are smarter than audit2allow and might see that there's a better place to attack the conflict than it would pick.
Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster