1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

MAIL() not working "avc: denied"

Discussion in 'Plesk for Linux - 8.x and Older' started by riquel, Feb 6, 2006.

  1. riquel

    riquel Guest


    I have this problem since several weeks and still haven't found anything yet to repair it... If anyone could help, I'd be very grateful, thanks.

    I'm on fedora core 3 with plesk reloaded 7.5.4 and the problem is my mail() (php function) ain't working!

    Here is the code which will hopefully show you what is happening:
    Jan 31 10:16:31 mtl kernelaudit(1138702591.914:0): avc:  denied  execute } for  pid=18494 exe=/bin/bash name=sendmail dev=hda1 ino=3294211 scontext=user_u:system_r:httpd_sys_script_t tcontext=system_u:object_r:var_t tclass=file
    Jan 31 10
    :16:31 mtl kernelaudit(1138702591.914:0): avc:  denied  getattr } for  pid=18494 exe=/bin/bash path=/var/qmail/bin/sendmail dev=hda1 ino=3294211 scontext=user_u:system_r:httpd_sys_script_t tcontext=system_u:object_r:var_t tclass=file
    Jan 31 10
    :16:31 mtl kernelaudit(1138702591.915:0): avc:  denied  getattr } for  pid=18494 exe=/bin/bash path=/var/qmail/bin/sendmail dev=hda1 ino=3294211 scontext=user_u:system_r:httpd_sys_script_t tcontext=system_u:object_r:var_t tclass=file
    Jan 31 10
    :17:01 mtl crond(pam_unix)[18498]: session opened for user drweb by (uid=0)
    Jan 31 10:17:04 mtl crond(pam_unix)[18498]: session closed for user drweb
    Jan 31 10
    :18:58 mtl kernelaudit(1138702738.137:0): avc:  denied  execute } for  pid=18535 exe=/bin/bash name=sendmail dev=hda1 ino=3294211 scontext=user_u:system_r:httpd_sys_script_t tcontext=system_u:object_r:var_t tclass=file
    Jan 31 10
    :18:58 mtl kernelaudit(1138702738.137:0): avc:  denied  getattr } for  pid=18535 exe=/bin/bash path=/var/qmail/bin/sendmail dev=hda1 ino=3294211 scontext=user_u:system_r:httpd_sys_script_t tcontext=system_u:object_r:var_t tclass=file
    Jan 31 10
    :18:58 mtl kernelaudit(1138702738.138:0): avc:  denied  getattr } for  pid=18535 exe=/bin/bash path=/var/qmail/bin/sendmail dev=hda1 ino=3294211 scontext=user_u:system_r:httpd_sys_script_t tcontext=system_u:object_r:var_t tclass=file

    I also have another problem which I think doesn't have anything to do with this one, it is that, when i try to backup sthing through my pannel I get an error saying "error while calling the fopen function..."

    Thanks in advance!
  2. riquel

    riquel Guest

    help pls! :confused:
  3. riquel

    riquel Guest

    I really need to fix this as all my sites are mail disabled , please if anyone can help it would be very apreciated thx
  4. wagnerch

    wagnerch Guest

    Why did you start two threads on this? Did you look at SELinux any further? You claim you disabled SELinux, but you didn't ever lead into exactly what you have done. Clearly from my perspective it is an SELinux issue and you have not disabled it. Try executing "setenforce 0" as root and see if it helps, if it does then you haven't disabled SELinux properly. "setenforce 0" is only temporary and after the server is rebooted the SELinux policies will be back in enforcing mode.

    Maybe you should just pay someone? It is a far stretch to expect people to take their time to help address your problems when you are not really giving any information back.
  5. riquel

    riquel Guest

    so first, I made a new topic because the old one had reached 3 pages and I was sure no one would bother reading it up...

    Jamesyouc tried to help me, and I thank him again, when he suggested me to deactivate selinux, so that is what I did:
    And that is what I have done

    Many features of all my website are deactivated because of this and I'm sure you understand I would really want it to be repeaired as soon as possible

    I'm new to this and my budget doesn't allow me for buying support, specially when it is as costy as it is now

    So I'm sorry if I offended you anyhow, I only want my server repaired ..

    but thx for the help, I will try your advices
  6. riquel

    riquel Guest

    aaah it was the error... at last ..

    It has repaired it all, thanks a bunch mate.

    But how can I deactivate it permanently?

    Thanks again!
  7. riquel

    riquel Guest

    I tried putting

    (and rebooting)
    in the etc/sysconfig/selinux
    but none worked

    I have to write setenforce 0 in order for it to work

    Anyone knows how to remove it permanently?
  8. wagnerch

    wagnerch Guest

    Just incase it isn't obvious these forums are _community_ forums, SWsoft doesn't typically respond to issues or problems through the forums. The intent is for people like you and me to obtain free support, but if no one helps then your choices are limited. You can either pay a consultant for help, or you can buy support from SWsoft. This problem is actually outside of a Plesk issue, it is a server issue -- but Plesk SHOULD check for this condition and provide some sort of guidance.

    In any event here is what my /etc/sysconfig/selinux file looks like:

    # This file controls the state of SELinux on the system.
    # SELINUX= can take one of these three values:
    # enforcinfg - SELinux security policy is enforced.
    # permissive - SELinux prints warnings instead of enforcing.
    # disabled - No SELinux policy is loaded.

    It is _critical_ that the variable is SELINUX (upper case), and there is only one occurrence of the SELINUX variable in the file. I am not sure what OS you are running, but the above example is from Fedora Core 2.

    Worst case if it still doesn't take the sysconfig file, you can modify your boot parameters. Reply to this thread if the above doesn't work for you. It should work fine. Another option is to put "setenforce 0" into the /etc/rc.d/rc.local file.
  9. riquel

    riquel Guest

    it still doesn't want to work,

    however there is a "SELINUXTYPE=targeted" variable bellow it may be because of it

    I will try the other option
  10. wagnerch

    wagnerch Guest

    I guess you are running FC3 or later -- or one of the RHEL's. FC3 FAQ on SELinux may help:

    SELinux FAQ for FC3
  11. riquel

    riquel Guest

    Ok it is fixed, thanks a lot for your help wagnerch, I'm certainly not the only one you just helped ;)

    To those who own FEDORA CORE 3 and would like to deactivate SELINUX do the following

    Edit the "config" file located in "/etc/sysconfig/selinux"

    and set

    Thanks again wagnerch
    have a great day :)
  12. riquel

    riquel Guest

    although it has resolved my main problem (mail() and bind) and I'm very satisfied, one problem has arisen and the fopen problem when trying to backup is still there.

    On my other websites, I get this error:

    Warning: main(): open_basedir restriction in effect. File(../include.conf) is not within the allowed path(s): (/var/www/vhosts/domain.com/httpdocs:/tmp)

    I know how to repair it tho, I have to add some lines in my .conf files. I guess I'll have to do it on all websites.

    For the backup it seems the fopen problem is still there