Choosing A Webhost:
A web hosting service is a type of Internet hosting service that allows individuals and organizations to provide their own website accessible via the World Wide Web. Web hosts are companies that provide space on a server they own for use by their clients as well as providing Internet connectivity, typically in a data center. Web hosts can also provide data center space and connectivity to the Internet for servers they do not own to be located in their data center, called colocation. more...
|
Re: Allow apache to send mail?: msg#00027
|
Subject: |
Re: Allow apache to send mail? |
Daniel J Walsh said the following on 07/12/2005 21:24:
> Robin Bowes wrote:
>
>> Hi,
>>
>> Can anyone tell me how to allow apache (httpd) to send mail, i.e. to use
>> the smtp port?
>>
>> I'm trying to enable notifications in Trac and am seeing this in the
>> audit log:
>>
>> type=AVC msg=audit(1133985478.317:38): avc: denied { name_connect }
>> for pid=2175 comm="httpd" dest=25 scontext=system_u:system_r:httpd_t
>> tcontext=system_u:object_r:smtp_port_t tclass=tcp_socket
>> type=SYSCALL msg=audit(1133985478.317:38): arch=c000003e syscall=42
>> success=no exit=-13 a0=11 a1=2aaab21569f0 a2=10 a3=0 items=0 pid=2175
>> auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48
>> fsgid=48 comm="httpd" exe="/usr/sbin/httpd"
>> type=SOCKADDR msg=audit(1133985478.317:38):
>> saddr=020000195433A04E0000000000000000
>>
>> How do I modify my policy to allow this?
>
> Easiest way is
>
> setsebool -P httpd_can_network_connect=1
Daniel,
Thanks.
I came up with the following:
allow httpd_t smtp_port_t:tcp_socket name_connect;
CAn this be added to the std policy? Or preferably added as a boolean, e.g.:
setsebool -P httpd_can_send_mail
R.
|
| |
