Stephan, I reinstalled as per instructions (also removing the previous fix of using apparmor complain) and it does function correctly.
thank you Greg ps I was only loading clamd directly looking for errors Stefan Lesicnik wrote: > Hi, > > I believe the fix for this is the addition of > > #include <abstractions/nameservice> > > in /etc/apparmor.d/usr.sbin.clamd. > > To test this: > > - start from a clean base > apt-get purge clamav clamav-base clamav-daemon > rm -rf /var/lib/clamav > > - install clamav > apt-get install clamav-daemon > > check clamd is running (ps -afx or the like) > process should be: /usr/sbin/clamd > > Modify clamd to use TCP 3310 and bind to localhost > Add > > TCPAddr localhost > TCPSocket 3310 > > to /etc/clamav/clamd.conf > > - Restart clamd > /etc/init.d/clamav-daemon restart > > This should segfault now due to the apparmor profile denying access to > tcp network related files (hosts, nsswitch resolve.conf etc) > > To resolve this > > Add > > #include <abstractions/nameservice> > > to /etc/apparmor.d/usr.sbin.clamd > > - Reload apparmor > /etc/init.d/apparmor reload > > - Restart clamd > /etc/init.d/clamav-daemon restart > > - This should now start correctly. > > clamdrib should also work correctly. > > > <aside> > Please correct me if I am wrong, but decided 'capability setuid' in this > case is not required as clamdscan has the ability to call a file to scan with > the - option. ie. clamdscan - <filename. which should run it in as the > current user, which i suspect clamdrib is doing therefore shouldnt be > necessary to setuid. > </aside> > > Greg - please note that calling clamd or sudo clamd as per your original > post is the incorrect way to start the daemon, as it should be started > as root via the init script (/etc/init.d/clamav-daemon) which will > result in the application dropping privileges to the clamav user. You > should be doing clamd --config-file=/etc/clamav/clamd.conf > > -- =================================== Greg Eden [EMAIL PROTECTED] -- clamd daemon fails to load https://bugs.launchpad.net/bugs/288942 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
