I have a CentOS 7 server with SELinux, Apache2, ClamAV and php-clamav installed and configured.
Everything is working nice (after a lot of struggling with SELinux), apart from the fact I keep getting this annoying message in the error log whever I initialize clamAV from Apache (via php-clamav):
LibClamAV Warning: RWX mapping denied: Can't allocate RWX Memory: Permission denied LibClamAV Warning: Bytecode: disabling JIT because SELinux is preventing 'execmem' access. Run 'setsebool -P clamd_use_jit on'.
Also, every clamav script call is taking exactly 9 seconds, even cl_info(); or scanning a blank or nonexistent file which seems a long time to me, on a quad core, 2 gb ram server.
I already configured SELinux booleans antivirus_can_scan_system and antivirus_use_jit to ON. I even tried to set httpd_use_cifs to ON, to no effect, so I reverted to OFF to avoid security risks.
Obviously, I searched the Internet wide to understand the issue, learned a lot about SELinux, but I still can't get httpd call to clamd to use JIT. I almost resorted to disable clamd JIT entirely, but I would prefer to allow it instead, if (as I understand) this would make performances better.
Please give me some hint about what's going on. Thanks.