Re: Odd SELinux messages during+after 5.3 upgrade (system_mail_t and postfix_postdrop_t access rpm_var_lib_t)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Tue, 2009-04-14 at 12:06 +0800, D Tucny wrote:
> 2009/4/14 Dan Mensom <mensomman@xxxxxxxxx>
>         
>         Hey guys,
>         
>         I've been getting some strange selinux messages after the 5.3
>         upgrade.
>         It appears as though my mail system (postfix) is constantly
>         trying to
>         access the rpm database? Here's the audit messages (I tend to
>         look at
>         my selinux messages using audit2allow < /var/log/audit.log as
>         I find
>         it easier to read quickly):
>         
>         Does anyone know what these accesses are? And why they might
>         be still
>         continously triggering for the mail system, where as all the
>         other
>         packages have stopped causing them?
>         
>         Also, on a related note, is it normally best practices to
>         'setenforce 0'
>         during a 5.x upgrade? Is it possible I've damaged something by
>         leaving
>         selinux enabled? Other than the spamassassin issue, the
>         machine seems
>         to be running ok..
> 
> I've seen the same with a bit of php sending mail through a cronjob...
> I've so far been unable to reproduce it though... The php in question
> isn't supposed to touch the rpmdb even it was maintaining open file
> handles when launching sendmail...
> 
> d
---
Is it possible yours stopped with the new PHP update that just come out?

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux