Hello all,
does anybody know, how to resolve clamav and SElinux conflict?
System:
Fedora Core 5 + updates
Packages:
selinux-policy-2.2.47-3.fc5
selinux-policy-targeted-2.2.47-3.fc5
/etc/sysconfig/selinux:
SELINUX=enforcing
SELINUXTYPE=targeted
Look at line avc: denied { search } for pid=3357
The errors from audit logs:
type=USER_START msg=audit(1152734866.324:44): user pid=3336 uid=0
auid=4294967295 subj=user_u:system_r:initrc_t:s0 msg='PAM: session open
acct=clamav : exe="/sbin/runuser" (hostname=?, addr=?, terminal=pts/2
res=success)'
type=CRED_ACQ msg=audit(1152734866.328:45): user pid=3336 uid=0
auid=4294967295 subj=user_u:system_r:initrc_t:s0 msg='PAM: setcred
acct=clamav : exe="/sbin/runuser" (hostname=?, addr=?, terminal=pts/2
res=success)'
type=AVC msg=audit(1152734866.460:46): avc: denied { search } for
pid=3357 comm="clamd" scontext=user_u:system_r:clamd_t:s0
tcontext=system_u:object_r:sysctl_kernel_t:s0 tclass=dir
type=SYSCALL msg=audit(1152734866.460:46): arch=40000003 syscall=149
success=no exit=-1 a0=bfd77570 a1=4495aff4 a2=44a4ee00 a3=bfd77568
items=0 pid=3357 auid=4294967295 uid=46 gid=46 euid=46 suid=46 fsuid=46
egid=46 sgid=46 fsgid=46 tty=(none) comm="clamd" exe="/usr/sbin/clamd"
subj=user_u:system_r:clamd_t:s0
type=CRED_DISP msg=audit(1152734870.479:47): user pid=3336 uid=0
auid=4294967295 subj=user_u:system_r:initrc_t:s0 msg='PAM: setcred
acct=clamav : exe="/sbin/runuser" (hostname=?, addr=?, terminal=pts/2
res=success)'
type=USER_END msg=audit(1152734870.515:48): user pid=3336 uid=0
auid=4294967295 subj=user_u:system_r:initrc_t:s0 msg='PAM: session close
acct=clamav : exe="/sbin/runuser" (hostname=?, addr=?, terminal=pts/2
res=success)'
Regs
Petr
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
