bash에서 사용자 지정 clamscan( clamav)을 만들었고 셸에서 실행할 때 모든 작업은 괜찮지 만에서 실행 cron하면 로그 파일을 만들 수 없습니다.
다음은 오류입니다.
쉘에서 스크립트를 실행하면 문제없이 로그 파일이 생성됩니다.
질문 :
bash script적절한 파일을 쓸 수 있도록 어떻게해야 합니까?다음은 스크립트입니다.
#!/bin/bash
FILENAMEDATE=$(date +"%F")
/usr/bin/clamscan -i -r --log=/var/log/clamscan/weekly/clamscan-Test-$FILENAMEDATE.log /home/Username/Downloads >/dev/null 2>/dev/null
if [ $? -gt 0 ];
then
SUBJECT="Virus Report for `uname -n`, `date +%m-%d-%Y`"
mail -s "$SUBJECT" 'Email' < /var/log/clamscan/weekly/clamscan-Test-$FILENAMEDATE.log
fi
다음은 / etc / crontab입니다.
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO="Email"
# For details see man 4 crontabs
# Example of job definition:
# .---------------- minute (0 - 59)
# | .------------- hour (0 - 23)
# | | .---------- day of month (1 - 31)
# | | | .------- month (1 - 12) OR jan,feb,mar,apr ...
# | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# | | | | |
# * * * * * user-name command to be executed
56 13 * * * root /bin/bash /root/Scripts/clamscan
답을 찾았습니다.
이 시스템은 Fedora 20입니다.
SELinux는 clamscan이 시스템에 쓰기, 생성 등을하는 것을 거부했습니다.
따라서 clamscan 액세스 허용에 대한 SELinux 문제 해결사의 지침을 따르고 모든 액세스에 대해 반복하십시오. 또한 mailx에 대한 거부가 있었지만 프로세스에 표시되는 작업을 수행하지 않았습니다. 작동합니다!
다음은 SELinux 거부 중 두 가지입니다.
SELinux is preventing /usr/bin/mailx from ioctl access on the file .
***** Plugin catchall (100. confidence) suggests **************************
If you believe that mailx should be allowed ioctl access on the file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep mail /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp
Additional Information:
Source Context system_u:system_r:system_mail_t:s0-s0:c0.c1023
Target Context system_u:object_r:user_home_t:s0
Target Objects [ file ]
Source mail
Source Path /usr/bin/mailx
Port <Unknown>
Host Hostname
Source RPM Packages mailx-12.5-10.fc20.x86_64
Target RPM Packages
Policy RPM selinux-policy-3.12.1-183.fc20.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name Hostname
Platform Linux Hostname 3.16.2-200.fc20.x86_64 #1 SMP Mon
Sep 8 11:54:45 UTC 2014 x86_64 x86_64
Alert Count 1
First Seen 2014-09-16 17:42:37 GMT
Last Seen 2014-09-16 17:42:37 GMT
Local ID abc31a8e-345d-4d49-adf4-42cefab652a0
Raw Audit Messages
type=AVC msg=audit(1410889357.123:13483): avc: denied { ioctl } for pid=32125 comm="mail" path="PathToLogFile.log" dev="dm-3" ino=2760739 scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=0
type=SYSCALL msg=audit(1410889357.123:13483): arch=x86_64 syscall=ioctl success=no exit=EACCES a0=0 a1=5401 a2=7fff29623700 a3=8 items=0 ppid=32089 pid=32125 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=765 comm=mail exe=/usr/bin/mailx subj=system_u:system_r:system_mail_t:s0-s0:c0.c1023 key=(null)
Hash: mail,system_mail_t,user_home_t,file,ioctl
SELinux is preventing /usr/bin/clamscan from unlink access on the file .
***** Plugin catchall (100. confidence) suggests **************************
If you believe that clamscan should be allowed unlink access on the file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep clamscan /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp
Additional Information:
Source Context system_u:system_r:antivirus_t:s0-s0:c0.c1023
Target Context unconfined_u:object_r:user_home_t:s0
Target Objects [ file ]
Source clamscan
Source Path /usr/bin/clamscan
Port <Unknown>
Host Hostname
Source RPM Packages clamav-0.98.4-1.fc20.x86_64
Target RPM Packages
Policy RPM selinux-policy-3.12.1-183.fc20.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name Hostname
Platform Linux Hostname 3.16.2-200.fc20.x86_64 #1 SMP Mon
Sep 8 11:54:45 UTC 2014 x86_64 x86_64
Alert Count 1
First Seen 2014-09-16 18:28:11 GMT
Last Seen 2014-09-16 18:28:11 GMT
Local ID 513c5c73-1ca8-4715-8b6a-458010ede5bf
Raw Audit Messages
type=AVC msg=audit(1410892091.713:13684): avc: denied { unlink } for pid=1305 comm="clamscan" name="eicar.com.txt" dev="dm-4" ino=10769 scontext=system_u:system_r:antivirus_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=0
type=SYSCALL msg=audit(1410892091.713:13684): arch=x86_64 syscall=unlink success=no exit=EACCES a0=21fecf0 a1=3aa5db9a10 a2=0 a3=3a7478742e6d6f63 items=0 ppid=1302 pid=1305 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=792 comm=clamscan exe=/usr/bin/clamscan subj=system_u:system_r:antivirus_t:s0-s0:c0.c1023 key=(null)
Hash: clamscan,antivirus_t,user_home_t,file,unlink
이 기사는 인터넷에서 수집됩니다. 재 인쇄 할 때 출처를 알려주십시오.
침해가 발생한 경우 연락 주시기 바랍니다[email protected] 삭제
몇 마디 만하겠습니다