Mail CGI script and SeLinux

redhatdude at bellsouth.net redhatdude at bellsouth.net
Fri Jul 7 09:25:47 UTC 2006 

Hi,
I set up a perl script in my cgi-bin that would get the content of an  
html form and mail it to me. However, it doesn't work. I already  
enabled cgi support in selinux and set up the context of the script  
to -rwxr-xr-x  root root system_u:object_r:httpd_sys_script_exec_t  
FormMail.pl
If I disable selinux everything works.
Please advice what I should do for the email to get through.
The logs are bellow.
Thanks,
EJ


maillog
relay=none, delay=1, status=deferred (connect to /var/lib/imap/socket/ 
lmtp[/var/lib/imap/socket/lmtp]: Permission denied)

audit.log

type=AVC msg=audit(1152263826.932:21): avc:  denied  { getattr } for   
pid=2318 comm="postdrop" name="[7669]" dev=pipefs ino=7669  
scontext=user_u:system_r:postfix_postdrop_t:s0  
tcontext=user_u:system_r:httpd_t:s0 tclass=fifo_file
type=SYSCALL msg=audit(1152263826.932:21): arch=40000003 syscall=197  
success=no exit=-13 a0=2 a1=bf9d6720 a2=a22ff4 a3=3 items=0 pid=2318  
auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=90  
sgid=90 fsgid=90 tty=(none) comm="postdrop" exe="/usr/sbin/postdrop"  
subj=user_u:system_r:postfix_postdrop_t:s0
type=AVC_PATH msg=audit(1152263826.932:21):  path="pipe:[7669]"
type=AVC msg=audit(1152263826.976:22): avc:  denied  { connectto }  
for  pid=2306 comm="lmtp" name="lmtp"  
scontext=system_u:system_r:postfix_master_t:s0  
tcontext=system_u:system_r:initrc_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1152263826.976:22): arch=40000003 syscall=102  
success=no exit=-13 a0=3 a1=bfe4ff90 a2=bd9430 a3=bdbc24 items=1  
pid=2306 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89  
egid=89 sgid=89 fsgid=89 tty=(none) comm="lmtp" exe="/usr/libexec/ 
postfix/lmtp" subj=system_u:system_r:postfix_master_t:s0
type=AVC_PATH msg=audit(1152263826.976:22):  path="/var/lib/imap/ 
socket/lmtp"
type=SOCKADDR msg=audit(1152263826.976:22):  
saddr=01002F7661722F6C69622F696D61702F736F636B65742F6C6D7470000000000000 
000000000000000000000000000000000000000000000000000000000000000000000000 
000000000000000000000000000000000000000000000000000000000000000000000000 
0000000000
type=SOCKETCALL msg=audit(1152263826.976:22): nargs=3 a0=b  
a1=bfe500ac a2=6e
type=PATH msg=audit(1152263826.976:22): item=0 name=(null)  
inode=8585327 dev=fd:00 mode=0140777 ouid=0 ogid=0 rdev=00:00  
obj=system_u:object_r:cyrus_var_lib_t:s0

More information about the fedora-list mailing list