[CentOS] clamav and selinux
craigwhite at azapple.com
Sat Apr 4 13:00:50 UTC 2009
On Sat, 2009-04-04 at 14:08 +0200, Ralph Angenendt wrote:
> Craig White wrote:
> > after cleaning up a bunch or selinux alerts, I update and wham,
> > clamav/clamd/clamav-db make me assert contexts again to /var/clamav
> > like...
> > chcon -t clamd_t clamav -R
> > which temporarily solves the problem but it would be better if it were
> > policy and not file contexts. So I search and see for some
> > reason, /var/clamav is ignored...
> > Is there something I don't understand or does this need to be
> > bugzilla'd? Upstream?
> No, rpmforge. They package clamd to use /var/clamav and not /var/lib/clamav. There already have been discussions on their list in the last month/this months. See lists.rpmforge.net.
yeah, I'm even on that list too...
I was thinking that since /etc/selinux/.../file_contexts was part of the
distribution, and it already contained all but one context for the
various clam packages, that amendments to that file would come from
As for the rpmforge list, there was a request to use a modified spec
file to generate rpm's for clamav for this very same problem but it
isn't getting done.
I suppose if nothing else, someone who searches the CentOS list will
have the appropriate command to clean it up each time a new clamav is
chcon -t clamd_t /var/clamav -R
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the CentOS