HostOnNet Blog

CentOS release 6.5 sendmail error NOQUEUE: SYSERR(apache): can not chdir

On a CentOS release 6.5 (Final) server, when sending mail from PHP, no mails are sent out. Checking the log file (/var/log/maillog), i got following error message.

Aug 21 22:56:26 cl-231 sendmail[27917]: NOQUEUE: SYSERR(apache): can not chdir(/var/spool/clientmqueue/): Permission denied
Aug 21 22:56:28 cl-231 sendmail[27918]: NOQUEUE: SYSERR(apache): can not chdir(/var/spool/clientmqueue/): Permission denied
Aug 21 22:56:35 cl-231 sendmail[27919]: NOQUEUE: SYSERR(apache): can not chdir(/var/spool/clientmqueue/): Permission denied
Aug 22 00:06:51 cl-231 sendmail[29307]: NOQUEUE: SYSERR(apache): can not chdir(/var/spool/clientmqueue/): Permission denied

Look like CentOS is now using sendmail as default. Some time back, they made switch to postfix, not sure why sendmail again.

This error is due to SELinux (Security Enhanced Linux). There is two way you can solve the error.

  1. Disable SELinux
  2. Allow Apache to send mail in SELinux

Checking If SELinux is enabled.

To check if SELinux enabled, run getenforce.

[root@cl-231 log]# getenforce
Enforcing
[root@cl-231 log]#

Method 1: Disable SELinux

You can disable SELinux by editing file /etc/selinux/config

[root@cl-231 ~]# cat /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted 


[root@cl-231 ~]# 

Find

SELINUX=enforcing

Replace with

SELINUX=disabled

and reboot.

Method 2: httpd_can_sendmail

Lets see mail related SELinux configuration.

[root@cl-231 log]# getsebool -a | grep mail
allow_postfix_local_write_mail_spool --> on
httpd_can_sendmail --> off
logging_syslogd_can_sendmail --> off
[root@cl-231 log]# 

httpd_can_sendmail is set to off.

We need to enable it, run

setsebool httpd_can_sendmail 1

Posted in CentOS