Yesterday, one of our customers reported an issue with a PHP mail form that was using mail() function to send outgoing emails. The problem was simple, it was unable to send any emails usign that form.
We were able to reproduce the problem, and determined that the problem was caused by CloudLinux CageFS security.
The error was logged inside Apache’s error_log and was captured using tail and grep against my network IP while doing trying to reproduce the problem:
tail -f /usr/local/apache/logs/error_log | grep XX.XX.XX.XX
This was the exact error:
/bin/cat: /var/.cagefs/.cagefs.token: Permission denied You are not authorized to run this command
It seems CageFS was restricting the use of /bin/cat binary, and that was the reason it was unable to send outgoing email (doesn’t have any sense I know, as ‘cat’ command wasn’t inside the email form code)
The quick fix was to disable CafeFS for this user in particular:
/usr/sbin/cagefsctl --disable user
In order to check if this was sucessfully disabled it can be confirmed using:
/usr/sbin/cagefsctl --list-disabled
This is not the definitive solution, for a quick fix while you can investigate a real fix while keeping CafeFS enabled.