Fedora 19 clamd jit in logwatch, uncertain if bug?
Douglas Brown
d46.brown at student.qut.edu.au
Sun Jul 7 02:23:47 UTC 2013
On 07/07/2013, at 3:47 AM, "Frank Murphy" <frankly3d at gmail.com> wrote:
> On Sat, 6 Jul 2013 22:24:35 +1000
> Douglas Brown <d46.brown at student.qut.edu.au> wrote:
>
>> Try this:
>>
>> First run: semanage dontaudit off
>>
>> Which will disable any 'dontaudit' rules.
>>
>> Rerun clam.
>>
>> Then: grep clam /var/log/audit/audit.log | audit2why
>>
>> semanage dontaudit on
>>
>> This *may* give you somewhere to start.
>>
>> Cheers,
>> Doug
>
> This came back will try it:
> grep clam /var/log/audit/audit.log | audit2why
> type=AVC msg=audit(1373130883.401:2868): avc: denied { execmem }
> for pid=1144 comm="clamd" scontext=system_u:system_r:antivirus_t:s0
> tcontext=system_u:system_r:antivirus_t:s0 tclass=process
>
> Was caused by:
> The boolean antivirus_use_jit was set incorrectly.
> Description:
> Determine whether can antivirus programs use JIT compiler.
>
> Allow access by executing:
> # setsebool -P antivirus_use_jit 1
Could you please also check the boolean is referenced using 'antivirus...' instead of 'clamav...' in the applicable man pages with apropos, then submit a bug report?
Cheers,
Doug
More information about the selinux
mailing list