Giving a process cap_sys_admin is effectively giving it root, which is
something we don't want to do. This means there is no good way to
support OnAccess by default.
Allowing cap_sys_admin via AppArmor also kind of defeats the purpose of
AppArmor, as the capability is so wide, so I doubt the chang
** Changed in: clamav (Ubuntu)
Status: New => Triaged
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1842695
Title:
ClamAV AppArmor profiles are incorrect in 0.100.3
To manage notifications a
** Tags removed: server-triage-discuss
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1842695
Title:
ClamAV AppArmor profiles are incorrect in 0.100.3
To manage notifications about this bug go to:
h
Thanks for your report and for providing the relevant logs. This can be
reproduced fairly easily by installing the auditd and clamav packages
(unprivileged LXD containers can't run auditd, I used a VM). The
OnAccess scanning mode can be enabled by setting
LocalSocketGroup root
User root
Scan
