SELinux and mail() in PHP

Since I upgraded my server and activated SELinux I haven’t gotten any emails from wordpress when people post comments on this blog (that’s why it has taken my so long time to approve comments). Today I decided it was time to look into the problem.

It turned out that the problem was related to the following message that I’ve been seeing in my log:

The mail() function in PHP (which is what wordpress uses to send the notification mail) is implemented using popen(3). When you call mail(), PHP executes popen(“sendmail …”, “w”). This ends up with a call to “sh -c sendmail …”, which explains the log message.

The solution was allow execute_no_trans for httpd:

One thought on “SELinux and mail() in PHP

Comments are closed.