If I perform "matchpathcon /var/whatever" I still get var_t as its default type. Then again, why it kept the httpd_sys_content_t after the relabel?
I did the same test on Fedora 10 (which of course is way newer than Centos) and it behaves different (the way I had in mind): after a relabel thru ./autorelabel, all the files & directories I create under /var return to var_t (if there's no override in file_contexts.local).
In CentOS 5.3, If I manually change from var_t to something else, when I relabel the filesystem, the file keeps the type I specified (and not the default it should have based on its location). Please if anyone knows why this happens i'd be glad to know.
Read this thread: https://www.redhat.com/archives/fedora-selinux-list/2009-July/msg00141.html
HTH Sasha