On Wed, 2006-06-28 at 22:23 +0100, Paul Howarth wrote: > On Wed, 2006-06-28 at 15:56 -0500, Marc Schwartz (via MN) wrote: <snip> > > > > There are no .forward files on my system at all, unless that is a temp > > file, which does not make sense location-wise. > > > > A Google search came up empty for that file, so I can only presume that > > there are certain configuration scenarios where the pipelining of > > e-mails would require that file. > > > > Since I am using clamassassin, I also searched through that script and > > noted nothing relevant here. > > > > Not sure what else to make of it. > > That might be dontaudit-able. Is /var/lib/clamav any user's home > directory? The /var/lib/clamav tree appears to be owned by 'clamav', both user and group: $ ls -l /var/lib total 264 ... drwxr-xr-x 2 clamav clamav 4096 Jun 28 11:00 clamav ... ls -l /var/lib/clamav total 8832 -rw-r--r-- 1 clamav clamav 4050 Jun 28 11:01 clamav-4d6166b710f63075 -rw-r--r-- 1 clamav clamav 3640966 Jun 9 16:49 clamav-651c96be267fc93e -rw-r--r-- 1 clamav clamav 380351 Jun 28 08:00 daily.cvd -rw-r--r-- 1 clamav clamav 4978654 Jun 9 18:00 main.cvd $ cat /etc/passwd | grep clamav clamav:x:100:101:Clamav database update user:/var/lib/clamav:/sbin/nologin $ cat /etc/group | grep clamav clamav:x:101: <snip> > > > > No further avc's at this time. > > > > Is it time to venture back into the Enforcing World once again? > > Give it a try. Bear in mind it may fail if any of the dontaudit rules > should be allows instead. I'll wait for any comments that you have on the above first. Thanks, Marc -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
