On Mon, 2006-06-12 at 21:04 +0200, Peter Lesterhuis wrote: > > > > ith SELinux in permissive mode clamd started without problem. > > > In the graphical configuration tool of SELinux I found SELinux Service Protection; there I only had to check clamd. > > > Clamd is now also running in enforced mode (SELinux). > > > > > > Can you post the output of: > > > > # getsebool -a | grep clam > > > > I suspect all you've done is turn off SELinux protection of clamd (by > > setting the clamd_disable_trans boolean). If that's the case, there is a > > better way but it'll need more work. > # getsebool -a | grep clam > clamd_disable_trans --> on > clamscan_disable_trans --> off > freshclam_disable_trans --> off > > As you can see I am afraid that is the case. To fix it "properly" you'd need to put SELinux in permissive mode, turn off the clamd_disable_trans boolean and then find the "avc: denied" messages mentioning clamd in your log files when you start and use the service. By looking at those messages, we can figure out what's wrong and hopefully fix it. Paul.
