From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.8.1.10) Gecko/20071128 Fedora/2.0.0.10-2.fc7 Firefox/2.0.0.10 Description of problem: Summary SELinux is preventing the /usr/sbin/sendmail.postfix from using potentially mislabeled files (/tmp/.apc.541B8K (deleted)). Detailed Description SELinux has denied /usr/sbin/sendmail.postfix access to potentially mislabeled file(s) (/tmp/.apc.541B8K (deleted)). This means that SELinux will not allow /usr/sbin/sendmail.postfix to use these files. It is common for users to edit files in their home directory or tmp directories and then move (mv) them to system directories. The problem is that the files end up with the wrong file context which confined applications are not allowed to access. Allowing Access If you want /usr/sbin/sendmail.postfix to access this files, you need to relabel them using restorecon -v /tmp/.apc.541B8K (deleted). You might want to relabel the entire directory using restorecon -R -v /tmp. Additional Information Source Context system_u:system_r:system_mail_t Target Context system_u:object_r:httpd_tmp_t Target Objects /tmp/.apc.541B8K (deleted) [ file ] Affected RPM Packages postfix-2.4.5-2.fc7 [application] Policy RPM selinux-policy-2.6.4-61.fc7 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name plugins.home_tmp_bad_labels Host Name newage.cosywallet.com Platform Linux newage.cosywallet.com 2.6.23.8-34.fc7 #1 SMP Thu Nov 22 20:39:56 EST 2007 x86_64 x86_64 Alert Count 6 First Seen Thu 13 Dec 2007 03:49:17 PM CET Last Seen Thu 13 Dec 2007 04:11:43 PM CET Local ID b54b3f00-c896-46c5-9c5d-60d61da75b70 Line Numbers Raw Audit Messages avc: denied { read, write } for comm="sendmail" dev=dm-0 egid=48 euid=48 exe="/usr/sbin/sendmail.postfix" exit=0 fsgid=48 fsuid=48 gid=48 items=0 path=2F746D702F2E6170632E35343142384B202864656C6574656429 pid=4430 scontext=system_u:system_r:system_mail_t:s0 sgid=48 subj=system_u:system_r:system_mail_t:s0 suid=48 tclass=file tcontext=system_u:object_r:httpd_tmp_t:s0 tty=(none) uid=48 Version-Release number of selected component (if applicable): postfix 2:2.4.5-2.fc7.x86_64 selinux-policy 2.6.4-61.fc7.noarch How reproducible: Always Steps to Reproduce: 1.Create mail from php 2. 3. Actual Results: Expected Results: Additional info:
This is a leaked file descriptor from PHP. Which your PHP/apache execs the sendmail program it is not closing all of its file descriptors so the kernel checks to see if system_mail has access, and then closes the file descriptor. You can safely ignore this, but upstream mod_php should be informed that they have a leaked file descriptor
I have reported the problem to the php team