Hello again, On Tue, 6 Oct 2020, Matthew Campbell via clamav-users wrote:
The files in /user/ are private data and /user/ uses a separate file system ...
What is /user/ and how is it relevant?
I believe SELinux and AppArmor are both installed.
Look at the logs. If you do just the things that are widely recommended (it's more about behaviour than it is about clever system tweaks) then a Debian system doesn't need much help from you to be secure. If you tinker with it without really knowing what you're doing then the effects might be the opposite of what you intended, plus you risk breaking things. I think that's what's happened here. SELinux is very much more difficult to use than AppArmor and it will likely be a long time (years) before you can use SELinux effectively. In my experience they can cause the sort of problems you're seeing. I don't think you want to use both. I don't want to chase you down that particular rabbit-hole but you might want to read about them (but be alert, when reading, for the sound of axes being ground). Some links: https://security.stackexchange.com/questions/29378/comparison-between-apparmor-and-selinux https://www.tecmint.com/mandatory-access-control-with-selinux-or-apparmor-linux/ https://en.wikipedia.org/wiki/AppArmor https://en.wikipedia.org/wiki/Security-Enhanced_Linux#Comparison_with_AppArmor
Ged wrote: > > > You could remove all the clamav packages (there's more than one) > > > and purge them, then reinstall.
Ged added:
> Try it. But don't try anything clever, just let the package manager > do what it wants to do and let it install things where it wants to. > That way at least we'll have a reasonable idea of what you've done. > When you become more familiar with the system you can adjust things > to your needs if it's really necessary. But only if it's necessary.
Matthew replied:
I used: # apt install clamav-base clamav-daemon clamav-docs clamav-freshclam clamav-milter clamav-testfiles clamav clamdscan to install ClamAV, at least according to the list of installed packages.
But did you try to purge and reinstall in the way that I have (twice) suggested? This is the third (and last) time that I'll suggest that. I sense some reluctance, but it's trivial to do it on a Debian system unless you've thoroughly broken it in which case a reinstall might be the easiest and quickest option. Obviously you will need to copy any data that you're particularly fond of somewhere safe before doing it, but obviously you're already doing that with your daily backups. -- 73, Ged. _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
