On 08/25/2010 08:13 PM, Arthur Dent wrote: > On Mon, 2010-08-23 at 20:50 +0200, Dominick Grift wrote: > >> >> open your ~/myclamd/myclamd.te file and append the following: >> >> gen_require(` >> type clamscan_t; >> ') >> >> procmail_rw_tmp_files(clamscan_t) >> mta_read_queue(clamscan_t) >> >> >> Then rebuild be binary representation and reinstall it: >> >> cd ~/myclamd; >> make -f /usr/share/selinux/devel/Makefile myclamd.pp >> sudo semodule -i myclamd.pp >> >> Next rebuild the policy with the hidden denials loaded. >> >> sudo semodule -B > > I'm afraid we're still not quite there yet... > > This is from /var/log/clamd.log: > Wed Aug 25 18:27:05 2010 -> WARNING: Control message truncated, no control data received, 1 bytes read(Is SELinux/AppArmor enabled, and blocking file descriptor passing?) > Wed Aug 25 18:27:05 2010 -> WARNING: Error condition on fd 9 > > I have no idea what fd 9 is. Probably a file descriptor we missed. run semodule -DB to unload hidden denials, try to reproduce it and send the AVC denials you are getting so that we can review them and fix it. > I also still have a problem with clamdwatch, but I'll deal with that in > a separate posting. > > Thanks for your patience and help. > > Mark > > > > > > -- > selinux mailing list > selinux@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/selinux
Attachment:
signature.asc
Description: OpenPGP digital signature
-- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
