When using onaccess scanning together with selinux, it seems these
2 are not sufficient:
setsebool -P antivirus_can_scan_system 1
setsebool -P clamd_use_jit 1
Onaccess scanning will still fail to initialize (at least when
launched via systemd). Currently I added this:
semanage permissive -a antivirus_t
But I presume that's in fact a little too much. There's no real doc
found at clamav concerning selinux either, so could someone shed a
light on this?
Franky
2 are not sufficient:
setsebool -P antivirus_can_scan_system 1
setsebool -P clamd_use_jit 1
Onaccess scanning will still fail to initialize (at least when
launched via systemd). Currently I added this:
semanage permissive -a antivirus_t
But I presume that's in fact a little too much. There's no real doc
found at clamav concerning selinux either, so could someone shed a
light on this?
Franky