>From: Rob MacGregor [mailto:rob.macgre...@gmail.com]
><---SNIP--->
>> When I invoke clamdscan [filename or folder] I get
>> dpatt...@quarantine:~$ clamdscan po.conf
>> /home/dpatters/po.conf: Access denied. ERROR
>>
>> This happens on all directories except /tmp.  My directories are world
>> readable and executable, as are the files.  The clamd user is clamav.
>
>So, the user clamav almost certainly doesn't have access to the file.
>Have you considered using clamscan (as a user with access to the
>file) instead?

All directories except /tmp - that feels suspiciously like SELinux not allowing 
anything in the clamd_t context to access files outside tmp_t.  From a quick 
look at the CentOS 5.2 SELinux rules for clamd_t, it should allow you to scan 
/etc too - which isn't going to be very useful.

Clamscan appears to run in unconfined_t when started from the command line, so 
it should work.  Hey, while answering this I discovered how to query SELinux's 
type transition rules: "sesearch -t clamd_exec_t --type"!


Moray.
"To err is human.  To purr, feline"
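
One way to check the SELinux hypothesis from the reply above, as an added example that is not part of the original message: group the AVC denials recorded for the clamd_t domain by the type of the object it was refused. The log lines are constructed samples in the audit.log AVC record format, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample audit.log lines (not taken from the original thread).
SAMPLE_AUDIT_LOG = """\
type=AVC msg=audit(1225000000.101:501): avc:  denied  { read } for  pid=2101 comm="clamd" name="po.conf" dev=dm-0 ino=98311 scontext=system_u:system_r:clamd_t:s0 tcontext=user_u:object_r:user_home_t:s0 tclass=file
type=AVC msg=audit(1225000003.417:502): avc:  denied  { search } for  pid=2101 comm="clamd" name="dpatters" dev=dm-0 ino=98305 scontext=system_u:system_r:clamd_t:s0 tcontext=user_u:object_r:user_home_dir_t:s0 tclass=dir
type=AVC msg=audit(1225000009.220:503): avc:  denied  { write } for  pid=1870 comm="httpd" name="cache" dev=dm-0 ino=4411 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:var_t:s0 tclass=dir
type=SYSCALL msg=audit(1225000009.220:503): arch=40000003 syscall=5 success=no exit=-13 comm="httpd"
"""

# Matches the denied permission set plus source context, target context and class.
AVC_RE = re.compile(
    r'avc:\s+denied\s+\{ (?P<perms>[^}]*)\}.*?'
    r'scontext=(?P<scontext>\S+)\s+tcontext=(?P<tcontext>\S+)\s+tclass=(?P<tclass>\S+)'
)


def selinux_type(context):
    """Return the type field of a user:role:type[:level] security context."""
    parts = context.split(":")
    return parts[2] if len(parts) >= 3 else None


def denials_for_domain(log_text, domain="clamd_t"):
    """Map (target_type, tclass) -> set of denied permissions for one source domain."""
    denied = defaultdict(set)
    for line in log_text.splitlines():
        if not line.startswith("type=AVC"):
            continue  # skip SYSCALL and other record types
        m = AVC_RE.search(line)
        if not m or selinux_type(m.group("scontext")) != domain:
            continue  # not a denial, or a different confined domain
        key = (selinux_type(m.group("tcontext")), m.group("tclass"))
        denied[key].update(m.group("perms").split())
    return dict(denied)


if __name__ == "__main__":
    for (ttype, tclass), perms in sorted(denials_for_domain(SAMPLE_AUDIT_LOG).items()):
        print(f"clamd_t denied {{ {' '.join(sorted(perms))} }} on {ttype}:{tclass}")
```

If the scan failures are SELinux denials, the target types listed here are the file labels clamd_t is not allowed to read; no clamd_t entries at all points back to ordinary file permissions.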
