2009/4/14 D Tucny <d at tucny.com> > 2009/4/14 Dan Mensom <mensomman at yahoo.com> > >> >> Hey guys, >> >> I've been getting some strange selinux messages after the 5.3 upgrade. >> It appears as though my mail system (postfix) is constantly trying to >> access the rpm database? Here's the audit messages (I tend to look at >> my selinux messages using audit2allow < /var/log/audit.log as I find >> it easier to read quickly): >> >> Does anyone know what these accesses are? And why they might be still >> continously triggering for the mail system, where as all the other >> packages have stopped causing them? >> >> Also, on a related note, is it normally best practices to 'setenforce 0' >> during a 5.x upgrade? Is it possible I've damaged something by leaving >> selinux enabled? Other than the spamassassin issue, the machine seems >> to be running ok.. >> > > I've seen the same with a bit of php sending mail through a cronjob... I've > so far been unable to reproduce it though... The php in question isn't > supposed to touch the rpmdb even it was maintaining open file handles when > launching sendmail... > Narrowed it down, nothing to do with the php, it's when cron was sending a mail, the php script was just a regular cron job... Stopped crond, tried debugging it in foreground and saw nothing related... Started crond back up again and the messages are no longer appearing... I wonder if it was something to do with cron being last started during an rpm transaction as a result of being upgraded and it receiving the rpmdb filehandles at that point and sharing them with sendmail... d -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20090414/ccd6188e/attachment-0005.html>