On Sun, Aug 20, 2023, 9:20 AM Bhasker C V <bhasker@unixindia.com> wrote:Finally i switched on the enforcing mode on my linux systemPretty much everything is working except```$ echo hello | mail -s test XXXX@YYY.XYZ
2023-08-20 14:39:30 1qXieQ-000Bpa-1P 1qXieQ-000Bpa-1P no recipients found in headers
Can't send mail: sendmail process failed with error code 1```however the same works fine when I put selinux in permissive state (no warnings shown in audit/dmesg)Is it easy for you to get the headers that cause Sendmail to say "no recipients found in headers"? And compare with the headers generated by the successful mail.It might help tell if it's a bug or working as designed ;-) or maybe a mailx issue not sendmail.A quick ltrace says```1qXia0-000BPb-0a Failed to create spool file /var/spool/exim4//input//1qXia0-000BPb-0a-D: Permission denied```However there are no avc: messages for me to allow this through in my selinux moduleI even tried```allow unconfined_t exim_spool_t:file { open read write create };
allow unconfined_t exim_spool_t:dir { open read write };```since /var/spool/exim4/input has exim_spool_dir set in itI cant fine any booleans either ..Please could someone tell me how to get this to work ? has anyone got mailx working with selinux on their system ?