SELinux prevents autoresponder from working

Created:

2016-11-16 13:16:34 UTC

Modified:

2017-08-16 17:28:49 UTC

0

Was this article helpful?


Have more questions?

Submit a request

SELinux prevents autoresponder from working

Applicable to:

  • Plesk 12.5 for Linux

Symptoms

On CentOS 6.8 SELinux enabled, the autoresponder on a mailbox fails to work properly.

in /var/log/maillog

Jul  8 17:05:26 servername postfix-local[16512]: postfix-local: from=info@domain.tld, to=user@example.com, dirname=/var/qmail/mailnames
Jul 8 17:05:26 servername autoresponder filter[16513]: Unable to send response. sendmail status:
13

in /var/log/audit/audit.log

type=AVC msg=audit(1467990573.825:792963): avc:  denied  { read } for  pid=18165 comm="autoresponder" path="pipe:[213248202]" dev=pipefs ino=213248202 scontext=system_u:system_r:sendmail_t:s0 tcontext=system_u:system_r:postfix_pipe_t:s0 tclass=fifo_file
type=AVC msg=audit(1467990573.825:792963): avc: denied { write } for pid=18165 comm="autoresponder" path="pipe:[213248202]" dev=pipefs ino=213248202 scontext=system_u:system_r:sendmail_t:s0 tcontext=system_u:system_r:postfix_pipe_t:s0 tclass=fifo_file
type=AVC msg=audit(1467990573.825:792963): avc: denied { write } for pid=18165 comm="autoresponder" path="pipe:[43766291]" dev=pipefs ino=43766291 scontext=system_u:system_r:sendmail_t:s0 tcontext=system_u:system_r:postfix_master_t:s0 tclass=fifo_file

Cause

CentOS 6.8 specific internal Plesk issue #PPPM-4709

Workaround

  1. Download this SELinux policy module.
  2. Install it

    semodule -i sendmail_pipe.pp

Also, you can use audit2allow to generate and compile a loadable module. Additional information is available on https://wiki.centos.org/HowTos/SELinux or via man audit2allow

Note: Type enforcement (TE) rule is also attached for reference.

Attachments:

Have more questions? Submit a request
Please sign in to leave a comment.