[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: SELinux preventing mail on Openshift Origina Fedora 19.



The dummy who installed this system (me) forgot to check sebooleans and allow httpd to send mail.  

enabled that, but im having the same issue.   

I went ahead and installed updates, and rebooted (something I wanted to do anyway), which made no difference in the end. 

I've done some googling, and Ive found others having this problem on RHEL/Fedora (though, not OpenShift Specific) and all of the pointed to the boolean. 

It's definitely on. 

# getsebool httpd_can_sendmail
httpd_can_sendmail --> on


There arent per-gear booleans or something are there?


-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- 
Nathan Lager, RHCSA, RHCE, RHCVA (#110-011-426) 
System Administrator 
11 Pardee Hall 
Lafayette College, Easton, PA 18042 


----- Original Message -----
> From: "Nathan T. Lager" <lagern lafayette edu>
> To: "Aaron Knister" <aaron knister gmail com>
> Cc: users lists openshift redhat com
> Sent: Wednesday, December 25, 2013 8:14:48 AM
> Subject: Re: SELinux preventing mail on Openshift Origina Fedora 19.
> 
> Sorry for the time its taken to respond, Christmas, family and all.
> 
> Here are all of the avc's logged from the moment i submit the contact form:
> 
> 1256. 12/25/2013 08:12:07 virt-what
> system_u:system_r:openshift_cron_t:s0-s0:c0.c1023 4 dir search
> system_u:system_r:init_t:s0 denied 62013
> 1257. 12/25/2013 08:12:07 virt-what
> system_u:system_r:openshift_cron_t:s0-s0:c0.c1023 4 file getattr
> system_u:system_r:init_t:s0 denied 62013
> 1258. 12/25/2013 08:12:07 cat
> system_u:system_r:openshift_cron_t:s0-s0:c0.c1023 2 file read
> system_u:system_r:init_t:s0 denied 62014
> 1259. 12/25/2013 08:12:07 cat
> system_u:system_r:openshift_cron_t:s0-s0:c0.c1023 2 file open
> system_u:system_r:init_t:s0 denied 62014
> 
> 
> ----- Original Message -----
> > From: "Aaron Knister" <aaron knister gmail com>
> > To: "Nathan T. Lager" <lagern lafayette edu>
> > Cc: users lists openshift redhat com
> > Sent: Sunday, December 22, 2013 9:23:02 AM
> > Subject: Re: SELinux preventing mail on Openshift Origina Fedora 19.
> > 
> > Can you send the AVC denials? I think "aureport -a" should do the job.
> > 
> > Sent from my iPhone
> > 
> > > On Dec 22, 2013, at 12:34 AM, "Lager, Nathan T." <lagern lafayette edu>
> > > wrote:
> > > 
> > > So, i have an OO running, on fedora 19.
> > > 
> > > I have a wordpress app running, with a contact form.
> > > 
> > > Whenever the contact from is used, the message is not sent.  The error
> > > returned is permission denied (in /var/log/maillog).
> > > 
> > > If i setenforce 0, it works, this is obviously not a fix, just
> > > troubleshooting.  So selinux appears to be the issue.
> > > 
> > > Fedora was, for some reason, using sendmail rather than postfix, so i
> > > tried
> > > switching to postfix, this didnt help.
> > > 
> > > The error in maillog with postfix is:
> > > Dec 22 00:22:21 strife postfix/sendmail[25834]: fatal: chdir
> > > /var/spool/postfix: Permission denied
> > > 
> > > While sendmail looks like this:
> > > Dec 22 00:08:51 strife sendmail[21105]: NOQUEUE:
> > > SYSERR(529f36b7516de23ea3000002): can not
> > > chdir(/var/spool/clientmqueue/):
> > > Permission denied
> > > 
> > > I've tried the usual troubleshooting.  Restorecon'd on the given
> > > directory,
> > > tried sealert on /var/log/audit/autit.log.  Nothing seems to be pointing
> > > me in the right direction.
> > > 
> > > How can i allow contact forms in my apps?
> > > 
> > > Thanks!
> > > 
> > > _______________________________________________
> > > users mailing list
> > > users lists openshift redhat com
> > > http://lists.openshift.redhat.com/openshiftmm/listinfo/users
> > 
> 
> _______________________________________________
> users mailing list
> users lists openshift redhat com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
> 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]