Hi,
On Wed, Aug 25, 2010 at 10:17 AM, Arthur Dent
<misc.lists(a)blueyonder.co.uk> wrote:
Do you speak perl?
I do. At least some.
This is an extract of the clamdwatch script:
# "CONFIG" section
#
# $Socket values:
# = "3310" (as in the tcp port; make sure $ip is correct if you use this)
# = "/path/to/clamd/socket"
my $Socket = $options{s} || "/var/run/clamd/clamd.sock";
my $log = $options{l} || 0;
my $ip = "127.0.0.1";
my $timeout = $options{t} || 15;
my $lockFile = $options{L} || "/var/lock/subsys/clamd";
my $quiet = $options{q} || 0;
my $sock;
# reversed eicar
my $data =
"*H+H\$!ELIF-TSET-SURIVITNA-DRADNATS-RACIE\$}7)CC7)^P(45XZP\\4\[PA\@\%P!O5X";
srand;
my ($fh, $tempFile) = mkstemp( "/tmp/clamdwatch-XXXXXXXXXXXXXXXX" );
chmod('0644', $tempFile);
Could we change that line to add a chcon command?
You just need to enclose it in backquotes (`). So something like this
`chcon -t clamd_tmp_t $templfile` would result in:
my $data =
"*H+H\$!ELIF-TSET-SURIVITNA-DRADNATS-RACIE\$}7)CC7)^P(45XZP\\4\[PA\@\%P!O5X";
srand;
my ($fh, $tempFile) = mkstemp( "/tmp/clamdwatch-XXXXXXXXXXXXXXXX" );
`chcon -t clamd_tmp_t $tempFile`
chmod('0644', $tempFile);
However, I think that the mkstemp call is failing since I think this
script cannot write into the /tmp/ directory. You may need to do
something like create a /tmp/clamd/ directory and give it a
clamd_tmp_t type.
Jason