Success!
I went to rpmfind and downloaded
selinux-policy-targeted-1.17.30-3.2.noarch.rpm
selinux-policy-targeted-sources-1.17.30-3.2.noarch.rpm
I uninstalled the previous rpms (using --nodeps), and installed these rpms.
The sources rpm gave a fixfiles error. I then ran:
fixfiles -R selinux-policy-targeted-sources restore
fixfiles -R postfix restore
And PHP mail works!
I still get this error:
May 13 10:04:26 legolas kernel: audit(1116000266.637:0): avc: denied
{ getattr } for pid=26577 exe=/usr/sbin/postdrop
path=/var/spool/postfix/public/pickup dev=md1 ino=438092
scontext=root:system_r:system_mail_t tcontext=root:object_r:var_spool_t
tclass=fifo_file
But mail is being delivered, so I'm ignoring it.
I hope that my policy change doesn't have any negative side-effects.
Thanks for the help, Jordan.
Richard Esplin
On Friday 13 May 2005 09:04, Richard Esplin wrote:
<snip>
>The remaining errors seem to be
> caused by all the postfix files having the wrong security context. When I
> run restorecon they all go back to system_u:object_r:sbin_t. Google pointed
> me to this URL:
> https://www.redhat.com/archives/fedora-selinux-list/2004-December/msg00033.
>html
>
> where someone had the exact same problem, and the Red Hat engineer said
> that it was fixed in policy 1.17.30-2.41. I am running
> selinux-policy-targeted-1.17.30-2.52.1
>
> Any ideas?
>
> Richard Esplin
>
> On Wednesday 11 May 2005 19:39, Jordan Curzon wrote:
> > You may need to run restorecon to get postfix back to the right
> > context, but really that only has to do with operations on it, not by
> > it. You http_t context is missing privileges normally given to the
> > mail domain.
<snip>
> > Jordan Curzon
> >
> > On 5/11/05, Richard Esplin <[EMAIL PROTECTED]> wrote:
> > > I am running CentOS4, and I am trying to get the PHP mail() command to
> > > work. When I turn off SELinux enforcing, everything works fine. When
> > > SELinux is enforcing, the mail() command fails and I get these errors
> > > in /var/log/messages:
<snip>
.===================================.
| This has been a P.L.U.G. mailing. |
| Don't Fear the Penguin. |
| IRC: #utah at irc.freenode.net |
`==================================='
