
Make sure that it is SELinux that is causing the problem:
sestatus
checks the current status of SELinux
Temporarily disable SELinux enforcement (permissive mode) with sudo setenforce 0
and test to see if the failure persists.
Check audit logs for SELinux errors:
sudo ausearch -m avc
Generate a policy file that fixes the SELinux errors in the audit log, then install it:
sudo ausearch -c 'sendmail' --raw | audit2allow -M my-sendmail
sudo semodule -i my-sendmail.pp
-c 'sendmail' indicates the comm= element from the audit log records that identifies the problems to be fixed. Only these records will be selected for the new policy being created.
Use -ts "MM/DD/YYYY" "HH:MM:SS" in place of the -c option in order to search for log records that were recorded after a certain time.
Browse the my-sendmail.te file before running the semodule command to review the policy changes that will be applied.
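Added example (not part of the original page): a shell function that groups AVC denials by comm=, source type, target type, class and permission, so you can see what a generated policy would allow before loading it. The sample records and the names sample_avc_log and avc_summary are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarise AVC denials before generating a policy from them.

# Constructed sample records in raw audit-log format (not from a real system).
sample_avc_log() {
cat <<'EOF'
type=AVC msg=audit(1700000000.101:310): avc:  denied  { read } for  pid=2101 comm="sendmail" name="aliases.db" dev="dm-0" ino=1101 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:etc_aliases_t:s0 tclass=file permissive=0
type=AVC msg=audit(1700000005.220:311): avc:  denied  { read } for  pid=2107 comm="sendmail" name="aliases.db" dev="dm-0" ino=1101 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:etc_aliases_t:s0 tclass=file permissive=0
type=AVC msg=audit(1700000009.450:312): avc:  denied  { write } for  pid=2230 comm="httpd" name="uploads" dev="dm-0" ino=2200 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:default_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1700000009.450:312): arch=c000003e syscall=257 success=no exit=-13 comm="httpd" exe="/usr/sbin/httpd"
EOF
}

# avc_summary [COMM]
# Reads raw audit records on stdin and prints one line per distinct denial:
#   count comm source_type target_type class permissions
# With COMM given, only records with that comm= value are counted (like ausearch -c).
avc_summary() {
    awk -v want="${1:-}" '
    function field(key,    s) {      # value of key=... on the current record
        if (!match($0, key "=[^ ]+")) return ""
        s = substr($0, RSTART + length(key) + 1, RLENGTH - length(key) - 1)
        gsub(/"/, "", s)
        return s
    }
    function setype(ctx,    p) {     # user:role:type:level -> type
        split(ctx, p, ":")
        return p[3]
    }
    /type=AVC / && /avc: +denied/ {
        comm = field("comm")
        if (want != "" && comm != want) next
        match($0, /[{][^}]*[}]/)     # permission list, e.g. "{ read write }"
        perms = substr($0, RSTART + 2, RLENGTH - 4)
        gsub(/ /, ",", perms)
        key = comm " " setype(field("scontext")) " " setype(field("tcontext"))
        key = key " " field("tclass") " " perms
        n[key]++
    }
    END { for (k in n) print n[k], k }
    ' | sort
}

# On a live system: sudo ausearch -m avc --raw | avc_summary sendmail
sample_avc_log | avc_summary sendmail
```

A generic target type such as default_t in the summary usually means the file is mislabelled, which is better fixed by setting its security context than by adding an allow rule.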
Setting security context for files:
ls -lZ
displays current file context
chcon
modifies the security context. For example:
chcon -R -t httpd_sys_content_t /www/sites
Where:
httpd_sys_content_t – Apache Read-Only access
httpd_sys_rw_content_t – Apache Read/Write access
httpd_log_t – Apache log files
httpd_cache_t – Apache caching
Or, use a reference directory to copy the context it has to another directory tree:
chcon -R --reference=/var/www/html /www/sites