[CentOS] SELInux and POSTFIX

Fri Apr 25 14:52:07 UTC 2014
James B. Byrne <byrnejb at harte-lyne.ca>

On Wed, April 23, 2014 16:44, Daniel J Walsh wrote:
> Looks like this is allowed in rhel6.5 policy. You could try
>
> selinux-policy-3.7.19-235.el6
> on people.redhat.com/dwalsh/SELinux/RHEL6
>

yum --enablerepo=localfile update selinux\*
Loaded plugins: downloadonly, fastestmirror, priorities
Loading mirror speeds from cached hostfile
 * Webmin: download.webmin.com
 * base: centos.mirror.rafal.ca
 * epel: fedora.mirror.nexicom.net
 * extras: mirror.netflash.net
 * updates: mirror.csclub.uwaterloo.ca
Setting up Update Process
Resolving Dependencies
--> Running transaction check
---> Package selinux-policy.noarch 0:3.7.19-231.el6_5.1 will be updated
--> Processing Dependency: selinux-policy = 3.7.19-231.el6_5.1 for package:
selinux-policy-targeted-3.7.19-231.el6_5.1.noarch
--> Processing Dependency: selinux-policy = 3.7.19-231.el6_5.1 for package:
selinux-policy-targeted-3.7.19-231.el6_5.1.noarch
---> Package selinux-policy.noarch 0:3.7.19-235.el6 will be an update
--> Finished Dependency Resolution
Error: Package: selinux-policy-targeted-3.7.19-231.el6_5.1.noarch (@updates)
           Requires: selinux-policy = 3.7.19-231.el6_5.1
           Removing: selinux-policy-3.7.19-231.el6_5.1.noarch (@updates)
               selinux-policy = 3.7.19-231.el6_5.1
           Updated By: selinux-policy-3.7.19-235.el6.noarch (localfile)
               selinux-policy = 3.7.19-235.el6
           Available: selinux-policy-3.7.19-231.el6.noarch (base)
               selinux-policy = 3.7.19-231.el6
 You could try using --skip-broken to work around the problem
 You could try running: rpm -Va --nofiles --nodigest


I have these packages in /root/RPMS/repo/Packages:

total 3776
-rw-r--r--. 1 root root   69264 Apr 24 20:52 opendmarc-1.1.3-3.1.x86_64.rpm
-rw-r--r--. 1 root root  845052 Apr 23 16:41
selinux-policy-3.7.19-235.el6.noarch.rpm
-rw-r--r--. 1 root root 2946848 Apr 23 16:41
selinux-policy-targeted-3.7.19-235.el6.noarch.rpm

I have run 'createrepo --database --update /root/RPMS/repo'

What do I not understand respecting performing this update?

I only noted this issue following implementation of an spf policy daemon with
Postfix.  However, that change was the reason I was looking at the log files
to begin with so the situation may have been present for a very long time
before that.

-- 
***          E-Mail is NOT a SECURE channel          ***
James B. Byrne                mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3