SELinux, apache/php and qmail's sendmail
I use qmail instead of sendmail on RHEL v5 and I could use some advice on
setting contexts for qmail's sendmail so that apache/php can use it. Below are the files and directories involved with qmail's sendmail (and delivery to queue) allow apache/php to invoke qmail's sendmail program: /var/qmail/bin/sendmail allow qmail's sendmail to invoke qmail-inject program: /var/qmail/bin/qmail-inject allow qmail-inject to list the contents of the config files directory: /var/qmail/control allow qmail-inject to read the config files it uses: /var/qmail/control/defaultdomain /var/qmail/control/deaulthost /var/qmail/control/idhost /var/qmail/control/plusdomain /var/qmail/control/me allow qmail-inject to invoke qmail-queue program: /var/qmail/bin/qmail-queue allow qmail-queue to read the config file used by the 'taps' patch: /var/qmail/control/taps allow qmail-queue to put a message into the queue: (create, edit, delete and link files) /var/qmail/queue/pid (and subdirectories) /var/qmail/queue/mess (and subdirectories) /var/qmail/queue/intd (and subdirectories) /var/qmail/queue/todo (and subdirectories) For testing I specified the context "httpd_sys_content_t" but I know that it isn't the desired context. What context(s) should I specify for the aforementioned programs, directories and configuration files? Are there any other things I should do or consider besides setting the context(s)? Your guidance is greatly appreciated. -- fedora-selinux-list mailing list fedora-selinux-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-selinux-list |
SELinux, apache/php and qmail's sendmail
I use qmail instead of sendmail on RHEL v5 and I could use some advice on
setting contexts for qmail's sendmail so that apache/php can use it. Below are the files and directories involved with qmail's sendmail (and delivery to queue) allow apache/php to invoke qmail's sendmail program: /var/qmail/bin/sendmail allow qmail's sendmail to invoke qmail-inject program: /var/qmail/bin/qmail-inject allow qmail-inject to list the contents of the config files directory: /var/qmail/control allow qmail-inject to read the config files it uses: /var/qmail/control/defaultdomain /var/qmail/control/deaulthost /var/qmail/control/idhost /var/qmail/control/plusdomain /var/qmail/control/me allow qmail-inject to invoke qmail-queue program: /var/qmail/bin/qmail-queue allow qmail-queue to read the config file used by the 'taps' patch: /var/qmail/control/taps allow qmail-queue to put a message into the queue: (create, edit, delete and link files) /var/qmail/queue/pid (and subdirectories) /var/qmail/queue/mess (and subdirectories) /var/qmail/queue/intd (and subdirectories) /var/qmail/queue/todo (and subdirectories) For testing I specified the context "httpd_sys_content_t" but I know that it isn't the desired context. What context(s) should I specify for the aforementioned programs, directories and configuration files? Are there any other things I should do or consider besides setting the context(s)? Your guidance is greatly appreciated. -- fedora-selinux-list mailing list fedora-selinux-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-selinux-list |
| All times are GMT. The time now is 01:24 AM. |
VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.