We're using LinuxShield 1.6.0 on a RHEL5 platform with SELinux enforcing. When an on-demand scan is scheduled or deleted the /etc/crontab file is updated. The update is changing the SELinux enforcing context from system_cron_spool_t to etc_t which keeps the cron.hourly, cron.weekly and orher crons in this file from executing. One must run the restorecon program on /etc/crontab to restore the context to system_cron_spool_t. How do I prevent scheduling/deleting on-demand scans from changing the context of the /etc/crontab file?
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.