Summary: SELinux is preventing /usr/sbin/clamd "getattr" access on /tmp/clamav-2a2044350823ca999d9180c38c989e08/COPYING. Detailed Description: [SELinux is in permissive mode. This access was not denied.] SELinux denied access requested by clamd. It is not expected that this access is required by clamd and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug report. Additional Information: Source Context system_u:system_r:clamd_t:s0 Target Context system_u:object_r:httpd_sys_rw_content_t:s0 Target Objects /tmp/clamav- 2a2044350823ca999d9180c38c989e08/COPYING [ file ] Source clamd Source Path /usr/sbin/clamd Port <Unknown> Host (removed) Source RPM Packages clamav-server-0.95.3-1301.fc13 Target RPM Packages Policy RPM selinux-policy-3.7.19-21.fc13 Selinux Enabled True Policy Type targeted Enforcing Mode Permissive Plugin Name catchall Host Name (removed) Platform Linux (removed) 2.6.33.5-112.fc13.x86_64 #1 SMP Thu May 27 02:28:31 UTC 2010 x86_64 x86_64 Alert Count 1 First Seen Thu 03 Jun 2010 09:42:16 AM EDT Last Seen Thu 03 Jun 2010 09:42:16 AM EDT Local ID b45fc172-76f2-447c-ab59-c809d3d9f775 Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1275572536.431:31): avc: denied { getattr } for pid=2380 comm="clamd" path="/tmp/clamav-2a2044350823ca999d9180c38c989e08/COPYING" dev=dm-0 ino=3278347 scontext=system_u:system_r:clamd_t:s0 tcontext=system_u:object_r:httpd_sys_rw_content_t:s0 tclass=file node=(removed) type=SYSCALL msg=audit(1275572536.431:31): arch=c000003e syscall=5 success=yes exit=0 a0=b a1=7ffff21e4eb0 a2=7ffff21e4eb0 a3=1e0 items=0 ppid=1 pid=2380 auid=4294967295 uid=485 gid=469 euid=485 suid=485 fsuid=485 egid=469 sgid=469 fsgid=469 tty=(none) ses=4294967295 comm="clamd" exe="/usr/sbin/clamd" subj=system_u:system_r:clamd_t:s0 key=(null) Hash String generated from catchall,clamd,clamd_t,httpd_sys_rw_content_t,file,getattr audit2allow suggests: #============= clamd_t ============== allow clamd_t httpd_sys_rw_content_t:file getattr;
*** This bug has been marked as a duplicate of bug 599545 ***