I've been able to figure out that running clamscan from cron.d works
with SELinux but rc.local doesn't and one has to use setenforce. I
managed to get enough material together to submit Bug #720223 as that
just doesn't seem right.
My system now does update and scan on reboot and then cron jobs to
periodically run both if my machine is up for a good while (still
sorting out good settings for "when")
I dug into SELinux and decided that it is a bit more than I am prepared
to experiment with. I get the general idea behind it, but the policy
rules are a bit much for a non-sysAdmin sort (and I don't want to run
audit2allow as a "catch-all" when the files that will be barking are
going to multiple over time, leading to patches on patches on patches).
I also filed a "sug" that clamscan should have a "test error" flag so
one can see what happens when it really finds something. Plus a grumble
that I found documentation lacking and almost everything I could get was
from the web from prior releases (f11, f8 or f9) and not a maintained site.
I wanted to thank everyone for their help as I did learn alot out of
this exercise (and hopefully more if I get an answer on my rc.local bug
users mailing list
To unsubscribe or change subscription options: