Continue reading »]]> I reckon about three people a day enter the #selinux channel on freenode, ask a question, and than leave a few minutes later without giving anyone a chance to respond. Since no question askers read the topics or have the time to idle I figured I’d start posting their questions here. There is a good chance I won’t be able to answer them without more detail, but hell, its gotta be better than nothing (maybe). This quote is from the IRC channel so forgive the formatting.

how can i give a user read access to the /etc/mail (etc_mail_t) sendmail.cf?
when i try to connect to sendmail: NOQUEUE: SYSERR(rattler):
/etc/mail/sendmail.cf: line 0: cannot open: Permission denied


On a targeted system a “user”, as in the traditional Unix sense, is not confined in any manner. On a default FC6 install I can read /etc/mail/sendmail.cf with no denials in enforcing mode with any user logged in at the local console or via SSH.

So given the fact that any user can read the file I can only assume you mean the daemon itself. Well, once again on a default system, the sendmail daemon can read the file you specified. On my system the file has the type:

[spencer@sshimko-fc6 ~]$ ls -Z /etc/mail/sendmail.cf
-rw-r--r-- root root system_u:object_r:etc_mail_t:s0 /etc/mail/sendmail.cf


Make sure your file is labeled similarly. If not, run “restorecon /etc/mail/sendmail.cf” and restart the mail service. If this still doesn’t work could you please give more details?