[leglug-users] sendmail and apache issue with fedora
Abdallah Deeb
abdallah.deeb at gmail.com
Sat Jun 7 10:48:27 EDT 2008
Yeap, SELinux is yet another mess :)
On Sat, Jun 7, 2008 at 5:23 PM, Chady Kassouf <chady.kassouf at gmail.com> wrote:
> Hi Abdallah,
>
> It was finally resolved a couple of hours ago.
>
> The syntax is correct, and what was baffling me was if I call the script
> directly from a login:
>
> $ perl test.cgi
>
> it sends the mail. Even doing this:
>
> $ sudo -u apache perl test.cgi
>
> it also sent the mail, just hitting it form the webserver failed on closing
> the pipe with sendmail.
>
>
> Finally, after a gazillion combination of search queries, I was able to
> pinpoint the reason of the issue.
>
> can you say SELinux?
>
> that was the reason nothing was showing up in the maillog, cause it was
> being denied at the kernel level and not even reaching back.
>
>
> Regards,
>
>
> On Sat, Jun 7, 2008 at 5:14 PM, Abdallah Deeb <abdallah.deeb at gmail.com>
> wrote:
>>
>> Hi Chadi,
>>
>> A couple of things I could think of:
>> 1- How is your script being called by apache? The correct syntax
>> should be something like:
>> $mailprog = "/usr/sbin/sendmail -t -fsender\@example.com";
>> Where sender at example.com is a valid address (or alias)
>>
>> 2- Sometimes sendmail is set to suid to root. I'm not sure how it goes
>> on Fedora and I don't have one to play with atm. But, you can try
>> su-ing as apache (or the username for your apache installation) and
>> trying the script as that user.
>>
>> 3- Remove Sendmail, it's a hassle to maintain it and it's such a pest
>> anyway. Use postfix instead, it's fully compatible with Sendmail, easy
>> to maintain and with a virtually flawless security. It shouldn't be
>> too much trouble to replace that, mail aliases all the same and if
>> you're using unix users to authenticate, it's seemless.
>>
>> Good luck with it :)
>>
>> Cheers,
>> Abdallah
>> --
>>
>> On Sat, Jun 7, 2008 at 1:38 PM, Chady Kassouf <chady.kassouf at gmail.com>
>> wrote:
>> > Hi all,
>> >
>> > I'm just trying my luck to see if someone has any idea on why this might
>> > be
>> > happening.
>> >
>> >
>> > I'm trying to send an email from a Perl script and it's failing, I
>> > narrowed
>> > the issue down to the following:
>> >
>> > I created a simple script that pipes to sendmail and sends a test email,
>> > if I run the script from the command line it works fine and mail gets
>> > sent.
>> > If I run the script from the webserver, the script dies trying to close
>> > the
>> > pipe to sendmail, with sendmail's return code of 18432 (a code which
>> > I've
>> > never seen in my life)
>> > And when the script dies on that, nothing gets even printed into
>> > maillog.
>> >
>> > System is Fedora 8
>> >
>> > anyone has any idea on how this might be happening?
>> > I'm guessing some sort of ACL that is preventing apache from
>> > communicating
>> > with sendmail, but I'm no expert in that area, so any insight is much
>> > appreciated.
>> >
>> > Regards,
>> >
>> > --
>> > Chady 'Leviathan' Kassouf
>> > http://chady.net/
>> > _______________________________________________
>> > leglug-users mailing list
>> > leglug-users at lists.leglug.org
>> > http://lists.leglug.org/mailman/listinfo/leglug-users
>> >
>> >
>> _______________________________________________
>> leglug-users mailing list
>> leglug-users at lists.leglug.org
>> http://lists.leglug.org/mailman/listinfo/leglug-users
>
>
>
> --
> Chady 'Leviathan' Kassouf
> http://chady.net/
> _______________________________________________
> leglug-users mailing list
> leglug-users at lists.leglug.org
> http://lists.leglug.org/mailman/listinfo/leglug-users
>
>
--
Abdallah Deeb
More information about the leglug-users
mailing list