On Sat, 2020-01-11 at 19:28 -0600, Chris wrote:
> On Sat, 2020-01-11 at 12:09 +0000, G.W. Haywood via clamav-users
> wrote:
> > Hi there,
> >
> > On Fri, 10 Jan 2020, Chris via clamav-users wrote:
> >
> > > Since upgrading to 0.102.1+dfsg-0ubuntu0.18.04.2 this past
> > > Wednesday
> > > I'm seeing the above error in my syslog. I see the same error if
> > > I
> > > set
> > > the temporary path to /var/tmp
> > >
> > > clamd[25154]: LibClamAV Error: cli_gentempfd_with_prefix: Can't
> > > create
> > > temporary file /var/tmp/clamav-
> > > f297c096fb16292e8547120761d949f3.tmp:
> > > Permission denied
> > >
> > > Permissions for /var/tmp are
> > > drwxrwxrwt 13 root root 12288 Jan 10 19:26 tmp
> > >
> > > and for /var/lib/clamav
> > > drwxrwxr-x 3 clamav clamav 4096 Jan 10 18:04
> > > clamav
> > >
> > > Any suggestions?
> >
> > Check the list archives, I think this has been discussed recently.
> >
Looking further down the syslog I saw:
kernel: [3544249.137987] audit: type=1400 audit(1578844048.198:831):
apparmor="DENIED" operation="mknod" profile="/usr/sbin/clamd"
name="/var/tmp/clamav-193c3ff1e7ed9bea9a0953339c8480be.tmp" pid=602
comm="clamd" requested_mask="c" denied_mask="c" fsuid=121 ouid=121
This was from early this morning after I'd changed the path to the tmp
directory to /var/tmp in /etc/clamd.conf to see if it made a difference
after restarting the clamav-daemon, which it didn't. Doing some more
'Googling' I came across this Ubuntu bug report:
https://bugs.launchpad.net/ubuntu/+source/clamav/+bug/1839767
Though it didn't specifically address my problem it gave me an idea.
Taking a look at /etc/apparmor.d/usr.sbin.clamd I saw these lines:
/tmp/ rw,
/tmp/** krw,
I added these two lines under those above:
/var/tmp rw,
/var/tmp/** krw,
then ran
sudo apparmor_parser -r /etc/apparmor.d/usr.sbin.clamd and restarted
the daemon.
So far that seems to have fixed the problem. I imagine I wouldn't have
had to go through this if I'd made the tmp folder just /tmp since it
was already set in the /etc/apparmor.d/usr.sbin.clamd file.
Chris
--
Chris
31.11972; -97.90167 (Elev. 1092 ft)
15:15:11 up 41 days, 5:58, 1 user, load average: 1.14, 0.89, 0.71
Description: Ubuntu 18.04.3 LTS, kernel 5.0.0-37-generic
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
> On Sat, 2020-01-11 at 12:09 +0000, G.W. Haywood via clamav-users
> wrote:
> > Hi there,
> >
> > On Fri, 10 Jan 2020, Chris via clamav-users wrote:
> >
> > > Since upgrading to 0.102.1+dfsg-0ubuntu0.18.04.2 this past
> > > Wednesday
> > > I'm seeing the above error in my syslog. I see the same error if
> > > I
> > > set
> > > the temporary path to /var/tmp
> > >
> > > clamd[25154]: LibClamAV Error: cli_gentempfd_with_prefix: Can't
> > > create
> > > temporary file /var/tmp/clamav-
> > > f297c096fb16292e8547120761d949f3.tmp:
> > > Permission denied
> > >
> > > Permissions for /var/tmp are
> > > drwxrwxrwt 13 root root 12288 Jan 10 19:26 tmp
> > >
> > > and for /var/lib/clamav
> > > drwxrwxr-x 3 clamav clamav 4096 Jan 10 18:04
> > > clamav
> > >
> > > Any suggestions?
> >
> > Check the list archives, I think this has been discussed recently.
> >
Looking further down the syslog I saw:
kernel: [3544249.137987] audit: type=1400 audit(1578844048.198:831):
apparmor="DENIED" operation="mknod" profile="/usr/sbin/clamd"
name="/var/tmp/clamav-193c3ff1e7ed9bea9a0953339c8480be.tmp" pid=602
comm="clamd" requested_mask="c" denied_mask="c" fsuid=121 ouid=121
This was from early this morning after I'd changed the path to the tmp
directory to /var/tmp in /etc/clamd.conf to see if it made a difference
after restarting the clamav-daemon, which it didn't. Doing some more
'Googling' I came across this Ubuntu bug report:
https://bugs.launchpad.net/ubuntu/+source/clamav/+bug/1839767
Though it didn't specifically address my problem it gave me an idea.
Taking a look at /etc/apparmor.d/usr.sbin.clamd I saw these lines:
/tmp/ rw,
/tmp/** krw,
I added these two lines under those above:
/var/tmp rw,
/var/tmp/** krw,
then ran
sudo apparmor_parser -r /etc/apparmor.d/usr.sbin.clamd and restarted
the daemon.
So far that seems to have fixed the problem. I imagine I wouldn't have
had to go through this if I'd made the tmp folder just /tmp since it
was already set in the /etc/apparmor.d/usr.sbin.clamd file.
Chris
--
Chris
31.11972; -97.90167 (Elev. 1092 ft)
15:15:11 up 41 days, 5:58, 1 user, load average: 1.14, 0.89, 0.71
Description: Ubuntu 18.04.3 LTS, kernel 5.0.0-37-generic
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml