View Issue Details

IDProjectCategoryView StatusLast Update
0015943CentOS-7selinux-policypublic2019-03-22 19:32
ReporterNigel Aves 
PrioritynormalSeverityminorReproducibilityhave not tried
Status newResolutionopen 
PlatformOSOS Version7
Product Version 
Target VersionFixed in Version 
Summary0015943: SELinux is preventing clamscan from 'write' accesses on the file /tmp/clamwrapper.16585.
DescriptionDescription of problem:
This was from a fresh install. I was actually in Firefox at the time.

No idea what cause is. Stated I should report as "bug".
SELinux is preventing clamscan from 'write' accesses on the file /tmp/clamwrapper.16585.

***** Plugin catchall (100. confidence) suggests **************************

If you believe that clamscan should be allowed write access on the clamwrapper.16585 file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'clamscan' --raw | audit2allow -M my-clamscan
# semodule -i my-clamscan.pp

Additional Information:
Source Context system_u:system_r:antivirus_t:s0
Target Context system_u:object_r:procmail_tmp_t:s0
Target Objects /tmp/clamwrapper.16585 [ file ]
Source clamscan
Source Path clamscan
Port <Unknown>
Host (removed)
Source RPM Packages
Target RPM Packages
Policy RPM selinux-policy-3.13.1-229.el7_6.9.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Permissive
Host Name (removed)
Platform Linux (removed) 5.0.3-1.el7.elrepo.x86_64 #1 SMP
                              Tue Mar 19 09:51:25 EDT 2019 x86_64 x86_64
Alert Count 4
First Seen 2019-03-22 13:22:27 MDT
Last Seen 2019-03-22 13:23:28 MDT
Local ID 0fb03c0e-789c-47ba-93cb-5a34cd489478

Raw Audit Messages
type=AVC msg=audit(1553282608.304:741): avc: denied { write } for pid=16587 comm="clamscan" path="/tmp/clamwrapper.16585" dev="dm-3" ino=143 scontext=system_u:system_r:antivirus_t:s0 tcontext=system_u:object_r:procmail_tmp_t:s0 tclass=file permissive=1


type=AVC msg=audit(1553282608.304:741): avc: denied { read } for pid=16587 comm="clamscan" path="pipe:[174225]" dev="pipefs" ino=174225 scontext=system_u:system_r:antivirus_t:s0 tcontext=system_u:system_r:postfix_local_t:s0 tclass=fifo_file permissive=1


type=AVC msg=audit(1553282608.304:741): avc: denied { write } for pid=16587 comm="clamscan" path="pipe:[174225]" dev="pipefs" ino=174225 scontext=system_u:system_r:antivirus_t:s0 tcontext=system_u:system_r:postfix_local_t:s0 tclass=fifo_file permissive=1


type=AVC msg=audit(1553282608.304:741): avc: denied { write } for pid=16587 comm="clamscan" path="pipe:[48392]" dev="pipefs" ino=48392 scontext=system_u:system_r:antivirus_t:s0 tcontext=system_u:system_r:postfix_master_t:s0 tclass=fifo_file permissive=1


Hash: clamscan,antivirus_t,procmail_tmp_t,file,write

Version-Release number of selected component:
selinux-policy-3.13.1-229.el7_6.9.noarch
Additional Informationreporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 5.0.3-1.el7.elrepo.x86_64
reproducible: Not sure how to reproduce the problem
type: libreport
TagsNo tags attached.
abrt_hash157515a716cb1250c48a0afb22f06a95f1da03289c9f30cabcac67450041887c
URL

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2019-03-22 19:32 Nigel Aves New Issue