Struggling to get Postfix to run properly on CentOS9. I have it working, sending a mail when I call a webpage that has the code for a hardcoded email test.
The issue is with a contact form on the website: it comes up with the SELinux issues below. I'd prefer not to disable SELinux.
I've tried creating a custom rule file but can't get it working.
[root@web ~]# audit2allow -a
#============= NetworkManager_dispatcher_chronyc_t ==============
allow NetworkManager_dispatcher_chronyc_t unlabeled_t:file getattr;
#============= NetworkManager_dispatcher_dhclient_t ==============
allow NetworkManager_dispatcher_dhclient_t unlabeled_t:file getattr;
#============= dkim_milter_t ==============
allow dkim_milter_t reserved_port_t:tcp_socket name_bind;
#============= httpd_t ==============
allow httpd_t postfix_etc_t:file read;
#============= postfix_local_t ==============
allow postfix_local_t httpd_var_lib_t:dir search;
#============= system_mail_t ==============
allow system_mail_t httpd_sys_content_t:file read;
UPDATE #1:
I've managed to create a custom rule file, but it's still not sending mail. I've noticed the change in audit2allow now showing "#!!!! This avc is allowed in the current policy". Is there a step I'm missing?
[root@web ~]# audit2allow -a -M postfixCustom
******************** IMPORTANT ***********************
To make this policy package active, execute:
semodule -i postfixCustom.pp
[root@web ~]# semodule -i postfixCustom.pp
[root@web ~]# audit2allow -a
#============= NetworkManager_dispatcher_chronyc_t ==============
#!!!! This avc is allowed in the current policy
allow NetworkManager_dispatcher_chronyc_t unlabeled_t:file getattr;
#============= NetworkManager_dispatcher_dhclient_t ==============
#!!!! This avc is allowed in the current policy
allow NetworkManager_dispatcher_dhclient_t unlabeled_t:file getattr;
#============= dkim_milter_t ==============
#!!!! This avc is allowed in the current policy
allow dkim_milter_t reserved_port_t:tcp_socket name_bind;
#============= httpd_t ==============
#!!!! This avc is allowed in the current policy
allow httpd_t postfix_etc_t:file read;
#============= postfix_local_t ==============
#!!!! This avc is allowed in the current policy
allow postfix_local_t httpd_var_lib_t:dir search;
#============= system_mail_t ==============
#!!!! This avc is allowed in the current policy
allow system_mail_t httpd_sys_content_t:file read;
semanage
or something else to run it?maillog
.