Displaying 3 results from an estimated 3 matches for "clamd_var_lib_t".
2009 Apr 15
2
SELinux and "i_stream_read() failed: Permission denied"
..._t:dir search;
#============= postfix_local_t ==============
allow postfix_local_t home_root_t:file { create getattr link unlink write };
allow postfix_local_t admin_home_t:dir { create read write };
allow postfix_local_t home_root_t:dir { add_name create remove_name write };
allow postfix_local_t clamd_var_lib_t:dir { add_name create remove_name \
rename setattr write read };
allow postfix_local_t clamd_var_lib_t:file { create link lock read rename \
getattr setattr unlink write };
allow postfix_local_t home_root_t:dir { rename setattr };
allow postfix_local_t self:capability { sys_nice chown };
allow po...
2014 Dec 12
0
More avc's wrt to email
...see are these:
audit2allow -l -a
#============= amavis_t ==============
allow amavis_t sysfs_t:dir read;
allow amavis_t sysfs_t:file open;
#============= clamscan_t ==============
#!!!! The source type 'clamscan_t' can write to a 'dir' of the following types:
# clamscan_tmp_t, clamd_var_lib_t, tmp_t, root_t
allow clamscan_t amavis_spool_t:dir write;
#============= postfix_smtp_t ==============
allow postfix_smtp_t postfix_spool_maildrop_t:file open;
#============= spamd_t ==============
allow spamd_t etc_runtime_t:file append;
Is there anything wrong with just creating a local poli...
2009 Apr 03
2
clamav and selinux
...is ignored...
# grep clam /etc/selinux/targeted/contexts/files/file_contexts
/etc/clamav(/.*)? system_u:object_r:clamd_etc_t:s0
/var/run/clamd.* system_u:object_r:clamd_var_run_t:s0
/var/run/clamav.* system_u:object_r:clamd_var_run_t:s0
/var/lib/clamav(/.*)? system_u:object_r:clamd_var_lib_t:s0
/var/log/clamav(/.*)? system_u:object_r:clamd_var_log_t:s0
/var/run/amavis(d)?/clamd\.pid --
system_u:object_r:clamd_var_run_t:s0
/var/log/clamav/freshclam.* --
system_u:object_r:freshclam_var_log_t:s0
/usr/sbin/clamd -- system_u:object_r:clamd_exec_t:s0
/usr/bin/clamscan --...