Description of problem: The SELinux configuration distributed with RHEL5 and CentOS5 isn't suitable for use with ClamAV. In the standard configuration, /var/run/clamd.* will be set to the system_u:object_r:var_run_t:s0 context, and clamd will fail to start on boot. It will, however, start if it is not run in the "proper" context. In order to correct the problem, the reference configuration for clamav should be included in the clamav-server package: http://oss.tresys.com/repos/refpolicy/trunk/policy/modules/services/clamav.fc Version-Release number of selected component (if applicable): clamav-server-0.93.3-1.el5 How reproducible: Always Steps to Reproduce: 1. # restorecon -Rv /var/run/clamd.* Actual results: # restorecon -Rv /var/run/clamd.courier/ restorecon reset /var/run/clamd.courier context system_u:object_r:clamd_var_run_t:s0->system_u:object_r:var_run_t:s0 Expected results: # restorecon -Rv /var/run/clamd.courier/ restorecon reset /var/run/clamd.courier context system_u:object_r:var_run_t:s0->system_u:object_r:clamd_var_run_t:s0
As a workaround: # chcon -Rv system_u:object_r:clamd_var_run_t /var/run/clamd.*
Daniel, can we maybe include the fixes for selinux-policy for RHEL 5.3?
Should already be in there. selinux-policy-2.4.6-178.el5 Try it out on http://people.redhat.com/dwalsh/SELinux/RHEL5
Gordon, Is this still an issue for you, looks like both clamav and selinux-policy have been updated significantly since you reported the bug
No response after a week, so closing this one off.
I appreciate your effort. I can confirm that this is no longer a problem. Thanks.