Re: rc.local question/problem (mostly solved)

I've been able to figure out that running clamscan from cron.d works with SELinux but rc.local doesn't and one has to use setenforce. I managed to get enough material together to submit Bug #720223 as that just doesn't seem right. My system now does update and scan on reboot and then cron jobs

Re: rc.local question/problem (partly solved w/ setenforce=0)

On 03Jul2011 19:00, Paul Allen Newell wrote: | > I expect it varies depending on what clamscan thinks is needs to scan | > each time. | > Do you run prelink? It hacks binaries about on a regular basis and may | > be causing clamscan to be more active. | | If I am running prelink, I don't know it.

Re: rc.local question/problem (partly solved w/ setenforce=0)

inline and at tail ... On 7/3/2011 6:22 PM, Cameron Simpson wrote: > On 03Jul2011 17:35, Paul Allen Newell wrote: > > > My habit for a virus scanner would be sbin; these days bin is for general > purpose commands which sbin is for administrative commands (eg setenforce) > and daemons (eg sshd). >

Re: rc.local question/problem (partly solved w/ setenforce=0)

On 03Jul2011 17:35, Paul Allen Newell wrote: | On 7/3/2011 5:15 PM, Cameron Simpson wrote: | > On 03Jul2011 15:02, Paul Allen Newell wrote: | > | On 7/3/2011 2:54 PM, Paul Morgan wrote: | > |>it really is bad form to run a script out of root's home | > |>directory. | > | > A little untidy, sure.

Re: rc.local question/problem (partly solved w/ setenforce=0)

On 7/3/2011 5:15 PM, Cameron Simpson wrote: > On 03Jul2011 15:02, Paul Allen Newell wrote: > | On 7/3/2011 2:54 PM, Paul Morgan wrote: > |>On Jul 3, 2011 5:38 PM, "Paul Allen Newell" |>> wrote: > |> > |>it really is bad form to run a script out of root's home > |>direct

Re: rc.local question/problem (partly solved w/ setenforce=0)

On 03Jul2011 15:02, Paul Allen Newell wrote: | On 7/3/2011 2:54 PM, Paul Morgan wrote: | >On Jul 3, 2011 5:38 PM, "Paul Allen Newell" > wrote: | > | >it really is bad form to run a script out of root's home | >directory. A little untidy, sure. But... | Perhaps put it i

Re: rc.local question/problem (partly solved w/ setenforce=0)

On 7/3/2011 2:54 PM, Paul Morgan wrote: On Jul 3, 2011 5:38 PM, "Paul Allen Newell" > wrote: it really is bad form to run a script out of root's home directory. Perhaps put it in /usr/sbin , restorecon, and leave selinux enforcing the whole time. -paul Yeah,

Re: rc.local question/problem (partly solved w/ setenforce=0)

On Jul 3, 2011 5:38 PM, "Paul Allen Newell" wrote: > > On 7/3/2011 12:53 AM, Cameron Simpson wrote: > > On 02Jul2011 22:26, Paul Allen Newell wrote: > > | On 7/2/2011 10:06 PM, Joe Zeff wrote: > > |> On 07/02/2011 09:45 PM, Cameron Simpson wrote: > > |>> That should be the case. (Of course, SEL

Re: rc.local question/problem (partly solved w/ setenforce=0)

On 7/3/2011 12:53 AM, Cameron Simpson wrote: > On 02Jul2011 22:26, Paul Allen Newell wrote: > | On 7/2/2011 10:06 PM, Joe Zeff wrote: > |> On 07/02/2011 09:45 PM, Cameron Simpson wrote: > |>> That should be the case. (Of course, SELinux can break anything - if you > > > You can put it into non-e

Re: rc.local question/problem (correction)

On 7/3/2011 12:35 PM, Paul Allen Newell wrote: > On 7/3/2011 12:53 AM, Cameron Simpson wrote: >> On 02Jul2011 22:26, Paul Allen Newell wrote: >> | On 7/2/2011 10:06 PM, Joe Zeff wrote: >> |> On 07/02/2011 09:45 PM, Cameron Simpson wrote: >> |>> That should be the case. (Of course, SELinux can br

Re: rc.local question/problem

On 7/3/2011 12:53 AM, Cameron Simpson wrote: > On 02Jul2011 22:26, Paul Allen Newell wrote: > | On 7/2/2011 10:06 PM, Joe Zeff wrote: > |> On 07/02/2011 09:45 PM, Cameron Simpson wrote: > |>> That should be the case. (Of course, SELinux can break anything - if you > > > You can put it into non-e

Re: rc.local question/problem

On 02Jul2011 22:24, Paul Allen Newell wrote: | inline and at tail ... As things should be :-) | On 7/2/2011 9:45 PM, Cameron Simpson wrote: | >On 02Jul2011 20:40, Paul Allen Newell wrote: [...] | >Thought: is clamscan setuid or something? | >If you get nowhere there, try stracing the clamscan r

Re: rc.local question/problem

On 02Jul2011 22:26, Paul Allen Newell wrote: | On 7/2/2011 10:06 PM, Joe Zeff wrote: | > On 07/02/2011 09:45 PM, Cameron Simpson wrote: | >> That should be the case. (Of course, SELinux can break anything - if you | >> run out of ideas you could turn it off to see if the behaviour changes.) | > I'

Re: rc.local question/problem

On 7/2/2011 10:06 PM, Joe Zeff wrote: > On 07/02/2011 09:45 PM, Cameron Simpson wrote: >> That should be the case. (Of course, SELinux can break anything - if you >> run out of ideas you could turn it off to see if the behaviour changes.) > I've had experience with SELinux issues. There's somethin

Re: rc.local question/problem

inline and at tail ... On 7/2/2011 9:45 PM, Cameron Simpson wrote: On 02Jul2011 20:40, Paul Allen Newell wrote: [...] Am I mistaken in thinking that I | can run any *.sh file in ~root in rc.local and it will be run as root | (meaning no permission problems). That should be the case. (Of course

Re: rc.local question/problem

On 07/02/2011 09:45 PM, Cameron Simpson wrote: > That should be the case. (Of course, SELinux can break anything - if you > run out of ideas you could turn it off to see if the behaviour changes.) I've had experience with SELinux issues. There's something about the Einstein@home work units that

Re: rc.local question/problem

On 02Jul2011 20:40, Paul Allen Newell wrote: | I am trying to run clamav from rc.local so it happens whenever I power | on and/or reboot. Script fails as though it can't open anything. Running | the script as root works like a champ. Am I mistaken in thinking that I | can run any *.sh file in ~

rc.local question/problem

I am trying to run clamav from rc.local so it happens whenever I power on and/or reboot. Script fails as though it can't open anything. Running the script as root works like a champ. Am I mistaken in thinking that I can run any *.sh file in ~root in rc.local and it will be run as root (meaning