Hi Ralph,
Thanks for filing a bug.
I'm still unable to reproduce this problem inside a Jammy VM. I
installed clamav-daemon, rebooted the VM, but it still starts fine.
There's no apparmor denials on dmesg, and the service is being enforced:
# aa-status
apparmor module is loaded.
41 profiles are loaded.
41 profiles are in enforce mode.
/snap/snapd/21759/usr/lib/snapd/snap-confine
/snap/snapd/21759/usr/lib/snapd/snap-confine//mount-namespace-capture-helper
/usr/bin/freshclam
/usr/bin/man
/usr/lib/NetworkManager/nm-dhcp-client.action
/usr/lib/NetworkManager/nm-dhcp-helper
/usr/lib/connman/scripts/dhclient-script
/usr/lib/snapd/snap-confine
/usr/lib/snapd/snap-confine//mount-namespace-capture-helper
/usr/sbin/clamd
/{,usr/}sbin/dhclient
lsb_release
man_filter
man_groff
nvidia_modprobe
nvidia_modprobe//kmod
snap-update-ns.lxd
snap.lxd.activate
snap.lxd.benchmark
snap.lxd.buginfo
snap.lxd.check-kernel
snap.lxd.daemon
snap.lxd.hook.configure
snap.lxd.hook.install
snap.lxd.hook.remove
snap.lxd.lxc
snap.lxd.lxc-to-lxd
snap.lxd.lxd
snap.lxd.migrate
snap.lxd.user-daemon
tcpdump
ubuntu_pro_apt_news
ubuntu_pro_esm_cache
ubuntu_pro_esm_cache//apt_methods
ubuntu_pro_esm_cache//apt_methods_gpgv
ubuntu_pro_esm_cache//cloud_id
ubuntu_pro_esm_cache//dpkg
ubuntu_pro_esm_cache//ps
ubuntu_pro_esm_cache//ubuntu_distro_info
ubuntu_pro_esm_cache_systemctl
ubuntu_pro_esm_cache_systemd_detect_virt
0 profiles are in complain mode.
0 profiles are in kill mode.
0 profiles are in unconfined mode.
2 processes have profiles defined.
2 processes are in enforce mode.
/usr/bin/freshclam (370)
/usr/sbin/clamd (643)
0 processes are in complain mode.
0 processes are unconfined but have a profile defined.
0 processes are in mixed mode.
0 processes are in kill mode.
# systemctl status clamav-daemon.service
● clamav-daemon.service - Clam AntiVirus userspace daemon
Loaded: loaded (/lib/systemd/system/clamav-daemon.service; enabled; vendor
preset: enabled)
Drop-In: /etc/systemd/system/clamav-daemon.service.d
└─extend.conf
Active: active (running) since Wed 2024-08-21 18:32:06 UTC; 1min 47s ago
Docs: man:clamd(8)
man:clamd.conf(5)
https://docs.clamav.net/
Process: 641 ExecStartPre=/bin/mkdir -p /run/clamav (code=exited,
status=0/SUCCESS)
Process: 642 ExecStartPre=/bin/chown clamav /run/clamav (code=exited,
status=0/SUCCESS)
Main PID: 643 (clamd)
Tasks: 2 (limit: 4713)
Memory: 1.3G
CPU: 13.104s
CGroup: /system.slice/clamav-daemon.service
└─643 /usr/sbin/clamd --foreground=true
Aug 21 18:32:20 j-clamav clamd[643]: Wed Aug 21 18:32:20 2024 -> Portable
Executable support enabled.
Aug 21 18:32:20 j-clamav clamd[643]: Wed Aug 21 18:32:20 2024 -> ELF support
enabled.
Aug 21 18:32:20 j-clamav clamd[643]: Wed Aug 21 18:32:20 2024 -> Mail files
support enabled.
Aug 21 18:32:20 j-clamav clamd[643]: Wed Aug 21 18:32:20 2024 -> OLE2 support
enabled.
Aug 21 18:32:20 j-clamav clamd[643]: Wed Aug 21 18:32:20 2024 -> PDF support
enabled.
Aug 21 18:32:20 j-clamav clamd[643]: Wed Aug 21 18:32:20 2024 -> SWF support
enabled.
Aug 21 18:32:20 j-clamav clamd[643]: Wed Aug 21 18:32:20 2024 -> HTML support
enabled.
Aug 21 18:32:20 j-clamav clamd[643]: Wed Aug 21 18:32:20 2024 -> XMLDOCS
support enabled.
Aug 21 18:32:20 j-clamav clamd[643]: Wed Aug 21 18:32:20 2024 -> HWP3 support
enabled.
Aug 21 18:32:20 j-clamav clamd[643]: Wed Aug 21 18:32:20 2024 -> Self checking
every 3600 seconds.
# ls -l /var/run/clamav/
total 0
srw-rw-rw- 1 clamav clamav 0 Aug 21 18:32 clamd.ctl
Are you able to reproduce this problem in a pristine environment? We
need a reproducer for this problem, otherwise there's little we can do.
Thanks.
** Changed in: clamav (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2076875
Title:
creation of directory /var/run/clamav blocked by apparmor
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/clamav/+bug/2076875/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
