[CentOS] Odd SELinux messages during+after 5.3 upgrade (system_mail_t and postfix_postdrop_t access rpm_var_lib_t)

Tue Apr 14 04:35:11 UTC 2009
JohnS <jses27 at gmail.com>

On Tue, 2009-04-14 at 12:06 +0800, D Tucny wrote:
> 2009/4/14 Dan Mensom <mensomman at yahoo.com>
>         
>         Hey guys,
>         
>         I've been getting some strange selinux messages after the 5.3 upgrade.
>         It appears as though my mail system (postfix) is constantly trying to
>         access the rpm database? Here's the audit messages (I tend to look at
>         my selinux messages using audit2allow < /var/log/audit.log as I find
>         it easier to read quickly):
>         
>         Does anyone know what these accesses are? And why they might be still
>         continuously triggering for the mail system, whereas all the other
>         packages have stopped causing them?
>         
>         Also, on a related note, is it normally best practices to 'setenforce 0'
>         during a 5.x upgrade? Is it possible I've damaged something by leaving
>         selinux enabled? Other than the spamassassin issue, the machine seems
>         to be running ok..
> 
> I've seen the same with a bit of php sending mail through a cronjob...
> I've so far been unable to reproduce it though... The php in question
> isn't supposed to touch the rpmdb even if it was maintaining open file
> handles when launching sendmail...
> 
> d
---
Is it possible yours stopped with the new PHP update that just came out?