Hi Rob, I'm facing the same issue. It's actually pretty easy to reproduce.
1) start clamd@scan service 2) login via ssh (with any user) 3) Error message shows up and clamd stops working In my opinion this is a bug and I will create a bug report. Did you find a workaround for this problem? Best regards, Jens -----Original Message----- From: Rob Fulton <r...@cow-frenzy.co.uk> Sent: Friday, December 14, 2018 4:55 PM To: clamav-users@lists.clamav.net Subject: [clamav-users] Using OnAccess scanning with Selinux Hi, I'm trying to run clamav with ScanOnAccess on the / mount on a box running selinux. I've enabled antivirus_can_scan_system in selinux but shortly after startup clamav stops scanning reporting the following : ERROR: ScanOnAccess: Internal error (failed to read data) ... Permission denied Initially I was getting no AVC events but discovered selinux dontaudit rules, on disabling these and making the antivirus context permissive, I can see a whole load of policy denials around access to /etc/shadow and /var/log/audit/audit.log. I'd like to avoid writing a whole load of custom policies around these individual files, I might be a constant task as the so gets updated Has anybody successfully run ScanOnAccess across the whole file system whilst having selinux enabled? Is there a way to tell clamav to continue after encountering a Permission Denied? Currently it appears clamav stops it's scanning and my box eventually grinds to a halt, I guess as the fanotify queue continues to build Any other suggestions on how to run the two together? Regards Rob _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
