On 2007-05-16, Indunil Jayasooriya <indunil75 at gmail.com> wrote: > > > Now it is okay, But , is it a good idea to leave selinux disabled ? > Nope.. Not a good idea for clamav, as that program is touching lots of rouge binaries, and it very recently had a remote hole. I think we had the same problem as you, and it was caused by the freshrpms-rpm not putting the /var/clamav where the selinux policy expected it to. We fixed it by: # stop clamd semanage fcontext -a -t clamd_var_lib_t "/var/clamav(/.*)?" restorecon -R /var/clamav # start clamd This tells adds a rule saying that files under /var/clamav should be labeled as clamd_var_lib_t, and then the restorecon command sets this label on all files under there. -jf