Dave, Now that you mention it, James Ralston put in a request to get the policy updated awhile back.
Did a bit of searching and here's the bug report detailing the root of the problem and a local policy fix which should resolve the policy issue for everyone in the interim: https://bugzilla.redhat.com/show_bug.cgi?id=1464269 Hope that helps, - Mickey On Tue, Feb 19, 2019 at 11:49 AM Dave Lahn <david.l...@forward3d.com> wrote: > Mickey, > > Do you know what needs to be updated in the policies? > > Best regards, > Dave > > On Thu, 14 Feb 2019 at 15:59, Mickey Sola <ms...@sourcefire.com> wrote: > >> Hi all, >> >> I couldn't get this issue to reproduce on my test system, but I've put >> together a very quick and dirty patch that *should* allow for clamd to >> recover from an unexpected SELinux denial. It's not an ideal fix, but I'm >> hoping it'll work as intended and will fit your needs until the policy is >> updated. I've attached the patch here. Hoping you guys can test it out, >> since I can't get the issue to reproduce reliably on a stock CentOS 7.6 >> install. >> >> - Mickey >> >> On Thu, Feb 14, 2019 at 10:54 AM Dave Lahn <david.l...@forward3d.com> >> wrote: >> >>> Hi, >>> >>> We are also seeing the same issue. Did anyone make any progress with >>> this? >>> >>> The odd thing is, we aren't even seeing any denials in the audit log for >>> SELinux, and we have the SELinux booleans set for ClamAV. >>> >>> When we try to do exclusions, we are also seeing things like this: >>> >>> "Permission denied to stat /proc/1111 to exclude UIDs... perhaps SELinux >>> denial?" >>> >>> -- >>> *David Lahn* >>> DevOps Engineer >>> Development >>> _______________________________________________ >>> clamav-users mailing list >>> clamav-users@lists.clamav.net >>> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users >>> >>> >>> Help us build a comprehensive ClamAV guide: >>> https://github.com/vrtadmin/clamav-faq >>> >>> http://www.clamav.net/contact.html#ml >>> >> _______________________________________________ >> clamav-users mailing list >> clamav-users@lists.clamav.net >> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users >> >> >> Help us build a comprehensive ClamAV guide: >> https://github.com/vrtadmin/clamav-faq >> >> http://www.clamav.net/contact.html#ml >> > > > -- > *David Lahn* > DevOps Engineer > Development > . > . > *FORWARD3D* > <http://www.forward3d.com/?utm_source=Email-Signature&utm_campaign=staff-email-sigs&utm_content=F3D-URL> > NEWS - > <http://www.forward3d.com/news/latest/?utm_campaign=staff-email-sigs&utm_content=News&utm_source=email> > EVENTS > - > <http://www.forward3d.com/events/?utm_source=email&utm_campaign=staff-email-sigs&utm_content=Events> > OFFICES > <http://www.forward3d.com/contact/london?utm_source=email&utm_campaign=staff-email-sigs&utm_content=Offices> > Data Protection Policy > <http://www.forward3d.com/terms-and-conditions/?utm_source=email&utm_campaign=staff-email-sigs&utm_content=Data-Policy> > . > Forward3D and PMX Agency <http://www.pmxagency.com> are uniting as > ForwardPMX! <http://www.forwardpmx.com> > . > *PART OF THE STAGWELL GROUP * > <http://www.stagwellgroup.com/?utm_source=F3D-Staff-Email-Signature&utm_campaign=Stagwell-URL> > _______________________________________________ > clamav-users mailing list > clamav-users@lists.clamav.net > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml >
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
