由于 SELINUX 会阻挡掉 SMTP, 所以需要增加 policy,
以让 SMTP 服务通过
另一个方法也可以选择将 SELINUX 关掉
$ gedit /etc/sysconfig/selinux
SELINUX=disabled
1. 创建文件
$ su
$ gedit postfix-local.te
module postfix-local 1.0;
require {
type tmpfs_t;
type sendmail_t;
type postfix_local_t;
type postfix_cleanup_t;
type postfix_smtp_t;
type postfix_smtpd_t;
type postfix_qmgr_t;
type postfix_master_t;
type postfix_pickup_t;
class lnk_file read;
}
allow sendmail_t tmpfs_t:lnk_file read;
allow postfix_local_t tmpfs_t:lnk_file read;
allow postfix_cleanup_t tmpfs_t:lnk_file read;
allow postfix_smtp_t tmpfs_t:lnk_file read;
allow postfix_smtpd_t tmpfs_t:lnk_file read;
allow postfix_pickup_t tmpfs_t:lnk_file read;
allow postfix_master_t tmpfs_t:lnk_file read;
allow postfix_qmgr_t tmpfs_t:lnk_file read;
2. 运行
$ checkmodule -m -M -o postfix-local.mod postfix-local.te
$ semodule_package --outfile postfix-local.pp --module postfix-local.mod
$ semodule -i postfix-local.pp
没有评论:
发表评论