[CentOS] Re: clamav error
Jan-Frode Myklebust
janfrode at tanso.net
Wed May 23 10:02:50 UTC 2007
On 2007-05-16, Indunil Jayasooriya <indunil75 at gmail.com> wrote:
>
>
> Now it is okay, But , is it a good idea to leave selinux disabled ?
>
Nope.. Not a good idea for clamav, as that program is touching
lots of rouge binaries, and it very recently had a remote hole.
I think we had the same problem as you, and it was caused by the
freshrpms-rpm not putting the /var/clamav where the selinux
policy expected it to. We fixed it by:
# stop clamd
semanage fcontext -a -t clamd_var_lib_t "/var/clamav(/.*)?"
restorecon -R /var/clamav
# start clamd
This tells adds a rule saying that files under /var/clamav should
be labeled as clamd_var_lib_t, and then the restorecon command
sets this label on all files under there.
-jf
More information about the CentOS
mailing list