Thanks Nicholas
However, it doesnt to my knowledge looks like an issue with mailx or
sendmail (I use exim4).
The reason i derive at at is because the whole thing works the moment i
disable selinux.
What i wonder is why selinux is not complaining about the failure ? No logs
whatsoever ...
On Mon, Aug 21, 2023 at 12:58 AM Nicholas Geovanis <nickgeova...@gmail.com>
wrote:
> On Sun, Aug 20, 2023, 9:20 AM Bhasker C V <bhas...@unixindia.com> wrote:
>
>> Finally i switched on the enforcing mode on my linux system
>> Pretty much everything is working except
>>
>> ```
>> $ echo hello | mail -s test x...@yyy.xyz
>> 2023-08-20 14:39:30 1qXieQ-000Bpa-1P 1qXieQ-000Bpa-1P no recipients found
>> in headers
>> Can't send mail: sendmail process failed with error code 1
>> ```
>> however the same works fine when I put selinux in permissive state (no
>> warnings shown in audit/dmesg)
>>
>
> Is it easy for you to get the headers that cause Sendmail to say "no
> recipients found in headers"? And compare with the headers generated by the
> successful mail.
> It might help tell if it's a bug or working as designed ;-) or maybe a
> mailx issue not sendmail.
>
> A quick ltrace says
>> ```
>> 1qXia0-000BPb-0a Failed to create spool file
>> /var/spool/exim4//input//1qXia0-000BPb-0a-D: Permission denied
>> ```
>>
>> However there are no avc: messages for me to allow this through in my
>> selinux module
>> I even tried
>>
>> ```
>> allow unconfined_t exim_spool_t:file { open read write create };
>> allow unconfined_t exim_spool_t:dir { open read write };
>> ```
>>
>> since /var/spool/exim4/input has exim_spool_dir set in it
>>
>> I cant fine any booleans either ..
>>
>> Please could someone tell me how to get this to work ? has anyone got
>> mailx working with selinux on their system ?
>>
>>
>>
