Summary: SELinux is preventing /usr/sbin/clamd "getattr" access on /tmp/tfxGeNP4. Detailed Description: SELinux denied access requested by clamd. It is not expected that this access is required by clamd and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug report. Additional Information: Source Context system_u:system_r:clamd_t:s0 Target Context system_u:object_r:initrc_tmp_t:s0 Target Objects /tmp/tfxGeNP4 [ file ] Source clamd Source Path /usr/sbin/clamd Port <Unknown> Host (removed) Source RPM Packages clamav-server-0.95.3-1301.fc13 Target RPM Packages Policy RPM selinux-policy-3.7.19-33.fc13 Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Plugin Name catchall Host Name (removed) Platform Linux (removed) 2.6.33.6-147.fc13.x86_64 #1 SMP Tue Jul 6 22:32:17 UTC 2010 x86_64 x86_64 Alert Count 131 First Seen Vi 02 iul 2010 07:51:51 +0000 Last Seen Sb 10 iul 2010 12:08:17 +0000 Local ID 3994b38e-5971-43e7-bffd-800dccceb3a1 Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1278752897.291:30915): avc: denied { getattr } for pid=2659 comm="clamd" path="/tmp/tfxGeNP4" dev=dm-0 ino=787219 scontext=system_u:system_r:clamd_t:s0 tcontext=system_u:object_r:initrc_tmp_t:s0 tclass=file node=(removed) type=SYSCALL msg=audit(1278752897.291:30915): arch=c000003e syscall=6 success=no exit=-13 a0=c48fd0 a1=7fe947ffebd0 a2=7fe947ffebd0 a3=ffffffffffffff92 items=0 ppid=1 pid=2659 auid=4294967295 uid=487 gid=474 euid=487 suid=487 fsuid=487 egid=474 sgid=474 fsgid=474 tty=(none) ses=4294967295 comm="clamd" exe="/usr/sbin/clamd" subj=system_u:system_r:clamd_t:s0 key=(null) Hash String generated from catchall,clamd,clamd_t,initrc_tmp_t,file,getattr audit2allow suggests: #============= clamd_t ============== allow clamd_t initrc_tmp_t:file getattr;
*** This bug has been marked as a duplicate of bug 612327 ***