selinux-clamav was causing errors in attempting to load policy until I also emerged selinux-spamassassin and selinux-apache, which I thought my be a good bet after looking at the error messages I was seeing. Reproducible: Always Steps to Reproduce: 1.ensure neither selinux-spamassassin nor selinux-apache are present 2.emerge selinux-clamav 3.attempt to make and load the policy (if not already configured to occur during emerge) Actual Results: Got this error when loading policy: /usr/bin/checkpolicy: loading policy configuration from /etc/security/selinux/src/policy.conf domains/program/clamav.te:38:ERROR 'unknown type spamd_t' at token ';' on line 26800: allow spamd_t spamd_var_run_t:sock_file unlink; /usr/bin/checkpolicy: error(s) encountered while parsing configuration make: *** [/etc/security/selinux/policy.18] Error 1 make: Leaving directory `/etc/security/selinux/src/policy' Looking at the error I thought it might be worth merging selinux-spamassassin and then trying again. This time the error was slightly different: /usr/bin/checkpolicy: loading policy configuration from /etc/security/selinux/src/policy.conf domains/program/clamav.te:55:ERROR 'unknown type http_port_t' at token ';' on line 33076: allow freshclam_t http_port_t:tcp_socket name_connect; #line 55 /usr/bin/checkpolicy: error(s) encountered while parsing configuration make: *** [/etc/security/selinux/policy.18] Error 1 make: Leaving directory `/etc/security/selinux/src/policy' Having had partial success from the last attempt I now decided trying to merge selinux-apache before once again attempting selinux-clamav and loading the policy. This time it worked as expected without errors. Expected Results: Installed and allowed the policy to load successfully first time. Probably by specifying sec-policy/selinux-spamassassin and sec-policy/selinux-apache as dependencies in sec-policy/selinux-clamav ebuild I suppose. Here is my emerge info: Gentoo Base System version 1.6.12 Portage 2.0.51.22-r1 (selinux/2004.1/x86/hardened, gcc-3.3.5-20050130, glibc- 2.3.4.20041102-r1, 2.6.11-hardened-r15 i686) ================================================================= System uname: 2.6.11-hardened-r15 i686 Pentium II (Deschutes) dev-lang/python: 2.3.5 sys-apps/sandbox: 1.2.10 sys-devel/autoconf: 2.13, 2.59-r6 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.5 sys-devel/binutils: 2.15.92.0.2-r10 sys-devel/libtool: 1.5.18-r1 virtual/os-headers: 2.6.8.1-r1, 2.6.11-r2 ACCEPT_KEYWORDS="x86" AUTOCLEAN="yes" CBUILD="i686-pc-linux-gnu" CFLAGS="-O2 -mcpu=pentium2 -pipe -fomit-frame-pointer" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config /usr/share /config /var/qmail/control" CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d" CXXFLAGS="-O2 -mcpu=pentium2 -pipe -fomit-frame-pointer" DISTDIR="/distfiles" FEATURES="autoconfig distlocks loadpolicy sandbox selinux sfperms strict" GENTOO_MIRRORS="http://www.lspeed.org/gentoo_portage/" LINGUAS="en_GB" PKGDIR="/usr/portage_packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="berkdb crypt cups curl dlloader exiscan-acl gdbm gpm hardened kerberos ldap lzo mmx mysql ncurses nls nptl pam perl pic png python readline samba selinux snmp ssl symlink syslog tcpd tiff winbind x86 xml2 zlib linguas_en_GB userland_GNU kernel_linux elibc_glibc" Unset: ASFLAGS, CTARGET, LANG, LC_ALL, LDFLAGS, MAKEOPTS
fixed in selinux-clamav-20050712 thanks for the bug report