0

Struggling getting Postfix to run properly on CentOS9, I have it working sending a mail when I call webpage that has the code for a hardcoded email test.

The issue is on a contact form on the website, it comes up with the below issues with SELinux, I'd prefer not to disable SELinux.

I've tried creating a custom rule file but can't get it working.

[root@web ~]# audit2allow -a

#============= NetworkManager_dispatcher_chronyc_t ==============
allow NetworkManager_dispatcher_chronyc_t unlabeled_t:file getattr;


#============= NetworkManager_dispatcher_dhclient_t ==============
allow NetworkManager_dispatcher_dhclient_t unlabeled_t:file getattr;


#============= dkim_milter_t ==============
allow dkim_milter_t reserved_port_t:tcp_socket name_bind;


#============= httpd_t ==============
allow httpd_t postfix_etc_t:file read;


#============= postfix_local_t ==============
allow postfix_local_t httpd_var_lib_t:dir search;


#============= system_mail_t ==============
allow system_mail_t httpd_sys_content_t:file read;

UPDATE #1:

I've managed to create a custom rule file but it's still not sending mail, I've noticed the change in audit2allow now showng #!!!! This avc is allowed in the current policy, is there a step I'm missing?

[root@web ~]# audit2allow -a -M postfixCustom
******************** IMPORTANT ***********************
To make this policy package active, execute:

semodule -i postfixCustom.pp


[root@web ~]# semodule -i postfixCustom.pp
[root@web ~]# audit2allow -a


#============= NetworkManager_dispatcher_chronyc_t ==============


#!!!! This avc is allowed in the current policy
allow NetworkManager_dispatcher_chronyc_t unlabeled_t:file getattr;


#============= NetworkManager_dispatcher_dhclient_t ==============


#!!!! This avc is allowed in the current policy
allow NetworkManager_dispatcher_dhclient_t unlabeled_t:file getattr;


#============= dkim_milter_t ==============


#!!!! This avc is allowed in the current policy
allow dkim_milter_t reserved_port_t:tcp_socket name_bind;


#============= httpd_t ==============


#!!!! This avc is allowed in the current policy
allow httpd_t postfix_etc_t:file read;


#============= postfix_local_t ==============


#!!!! This avc is allowed in the current policy
allow postfix_local_t httpd_var_lib_t:dir search;


#============= system_mail_t ==============


#!!!! This avc is allowed in the current policy
allow system_mail_t httpd_sys_content_t:file read;
AnFi
  • 6,326
llanato
  • 211

0 Answers0