Package: clamav-daemon
Version: 0.100.2+dfsg-1
Severity: normal
File: /etc/apparmor.d/usr.sbin.clamd
Usertags: apparmor

When I restart clamav-daemon I get two apparmor denials in syslog:

AVC apparmor="DENIED" operation="capable" profile="/usr/sbin/clamd" pid=13277 comm="clamd" capability=12 capname="net_admin"
AVC apparmor="DENIED" operation="open" profile="/usr/sbin/clamd" name="/etc/ssl/openssl.cnf" pid=13277 comm="clamd" requested_mask="r" denied_mask="r" fsuid=111 ouid=0

-- Package-specific info:
--- configuration ---
Checking configuration files in /etc/clamav

Config file: clamd.conf
-----------------------
BlockMax disabled
PreludeEnable disabled
PreludeAnalyzerName = "ClamAV"
LogFile = "/var/log/clamav/clamav.log"
LogFileUnlock disabled
LogFileMaxSize = "4294967295"
LogTime = "yes"
LogClean disabled
LogSyslog disabled
LogFacility = "LOG_LOCAL6"
LogVerbose disabled
LogRotate = "yes"
ExtendedDetectionInfo = "yes"
PidFile disabled
TemporaryDirectory = "/tmp"
DatabaseDirectory = "/var/lib/clamav"
OfficialDatabaseOnly disabled
LocalSocket = "/var/run/clamav/clamd.ctl"
LocalSocketGroup = "clamav"
LocalSocketMode = "666"
FixStaleSocket = "yes"
TCPSocket disabled
TCPAddr disabled
MaxConnectionQueueLength = "15"
StreamMaxLength = "10485760"
StreamMinPort = "1024"
StreamMaxPort = "2048"
MaxThreads = "12"
ReadTimeout = "180"
CommandReadTimeout = "5"
SendBufTimeout = "200"
MaxQueue = "100"
IdleTimeout = "30"
ExcludePath disabled
MaxDirectoryRecursion = "15"
FollowDirectorySymlinks disabled
FollowFileSymlinks disabled
CrossFilesystems = "yes"
SelfCheck = "3600"
DisableCache disabled
VirusEvent disabled
ExitOnOOM disabled
AllowAllMatchScan = "yes"
Foreground disabled
Debug disabled
LeaveTemporaryFiles disabled
User = "clamav"
Bytecode = "yes"
BytecodeSecurity = "TrustSigned"
BytecodeTimeout = "60000"
BytecodeUnsigned disabled
BytecodeMode = "Auto"
DetectPUA disabled
ExcludePUA disabled
IncludePUA disabled
AlgorithmicDetection = "yes"
ScanPE = "yes"
ScanELF = "yes"
DetectBrokenExecutables disabled
ScanMail = "yes"
ScanPartialMessages disabled
PhishingSignatures = "yes"
PhishingScanURLs = "yes"
PhishingAlwaysBlockCloak disabled
PhishingAlwaysBlockSSLMismatch disabled
PartitionIntersection disabled
HeuristicScanPrecedence disabled
StructuredDataDetection disabled
StructuredMinCreditCardCount = "3"
StructuredMinSSNCount = "3"
StructuredSSNFormatNormal = "yes"
StructuredSSNFormatStripped disabled
ScanHTML = "yes"
ScanOLE2 = "yes"
OLE2BlockMacros disabled
ScanPDF = "yes"
ScanSWF = "yes"
ScanXMLDOCS = "yes"
ScanHWP3 = "yes"
ScanArchive = "yes"
ArchiveBlockEncrypted disabled
ForceToDisk disabled
MaxScanSize = "104857600"
MaxFileSize = "26214400"
MaxRecursion = "16"
MaxFiles = "10000"
MaxEmbeddedPE = "10485760"
MaxHTMLNormalize = "10485760"
MaxHTMLNoTags = "2097152"
MaxScriptNormalize = "5242880"
MaxZipTypeRcg = "1048576"
MaxPartitions = "50"
MaxIconsPE = "100"
MaxRecHWP3 = "16"
PCREMatchLimit = "10000"
PCRERecMatchLimit = "5000"
PCREMaxFileSize = "26214400"
ScanOnAccess disabled
OnAccessMountPath disabled
OnAccessIncludePath disabled
OnAccessExcludePath disabled
OnAccessExcludeRootUID disabled
OnAccessExcludeUID disabled
OnAccessMaxFileSize = "5242880"
OnAccessDisableDDD disabled
OnAccessPrevention disabled
OnAccessExtraScanning disabled
DevACOnly disabled
DevACDepth disabled
DevPerformance disabled
DevLiblog disabled
DisableCertCheck disabled

Config file: freshclam.conf
---------------------------
LogFileMaxSize = "4294967295"
LogTime disabled
LogSyslog disabled
LogFacility = "LOG_LOCAL6"
LogVerbose disabled
LogRotate = "yes"
PidFile disabled
DatabaseDirectory = "/var/lib/clamav/"
Foreground disabled
Debug disabled
UpdateLogFile = "/var/log/clamav/freshclam.log"
DatabaseOwner = "clamav"
Checks = "24"
DNSDatabaseInfo = "current.cvd.clamav.net"
DatabaseMirror = "db.local.clamav.net", "database.clamav.net"
PrivateMirror disabled
MaxAttempts = "5"
ScriptedUpdates = "yes"
TestDatabases = "yes"
CompressLocalDatabase disabled
ExtraDatabase disabled
DatabaseCustomURL disabled
HTTPProxyServer disabled
HTTPProxyPort disabled
HTTPProxyUsername disabled
HTTPProxyPassword disabled
HTTPUserAgent disabled
NotifyClamd = "/etc/clamav/clamd.conf"
OnUpdateExecute disabled
OnErrorExecute disabled
OnOutdatedExecute disabled
LocalIPAddress disabled
ConnectTimeout = "30"
ReceiveTimeout = "30"
SafeBrowsing disabled
Bytecode = "yes"

clamav-milter.conf not found

Software settings
-----------------
Version: 0.100.2
Optional features supported: MEMPOOL IPv6 FRESHCLAM_DNS_FIX AUTOIT_EA06 BZIP2 LIBXML2 PCRE2 ICONV JSON

Database information
--------------------
Database directory: /var/lib/clamav/
WARNING: freshclam.conf and clamd.conf point to different database directories
[3rd Party] bofhland_malware_URL.ndb: 10 sigs
[3rd Party] securiteinfooffice.hdb: 4264 sigs
[3rd Party] mbl.ndb: 0 sig
[3rd Party] securiteinfopdf.hdb: 738 sigs
bytecode.cld: version 327, sigs: 91, built on Thu Aug 9 08:43:48 2018
[3rd Party] spamimg.hdb: 185 sigs
[3rd Party] jurlbl.ndb: 2705 sigs
[3rd Party] winnow_bad_cw.hdb: 1 sig
[3rd Party] securiteinfodos.hdb: 4509 sigs
[3rd Party] securiteinfoelf.hdb: 1256 sigs
[3rd Party] bofhland_cracked_URL.ndb: 26 sigs
[3rd Party] securiteinfobat.hdb: 2600 sigs
[3rd Party] winnow.attachments.hdb: 182 sigs
[3rd Party] porcupine.ndb: 4352 sigs
[3rd Party] winnow_extended_malware.hdb: 245 sigs
[3rd Party] honeynet.hdb: 377 sigs
[3rd Party] crdfam.clamav.hdb: 1 sig
[3rd Party] bofhland_phishing_URL.ndb: 18 sigs
[3rd Party] blurl.ndb: 136168 sigs
[3rd Party] securiteinfo.hdb: 0 sig
main.cld: version 58, sigs: 4566249, built on Thu Jun 8 05:38:10 2017
[3rd Party] rogue.hdb: 1947 sigs
[3rd Party] phishtank.ndb: 23053 sigs
[3rd Party] doppelstern.hdb: 1 sig
daily.cld: version 25094, sigs: 2142750, built on Tue Nov 6 06:29:37 2018
[3rd Party] winnow_malware.hdb: 293 sigs
[3rd Party] scam.ndb: 12521 sigs
[3rd Party] sanesecurity.ftm: 170 sigs
[3rd Party] junk.ndb: 57739 sigs
[3rd Party] winnow_malware_links.ndb: 4623 sigs
[3rd Party] bofhland_malware_attach.hdb: 1835 sigs
[3rd Party] securiteinfohtml.hdb: 0 sig
[3rd Party] spamattach.hdb: 14 sigs
[3rd Party] securiteinfosh.hdb: 404 sigs
[3rd Party] phish.ndb: 27432 sigs
Total number of signatures: 6996759

Platform information
--------------------
uname: Linux 4.18.0-2-amd64 #1 SMP Debian 4.18.10-2 (2018-11-02) x86_64
OS: linux-gnu, ARCH: x86_64, CPU: x86_64
Full OS version: Debian GNU/Linux testing (buster)
zlib version: 1.2.11 (1.2.11), compile flags: a9
platform id: 0x0a215d5d0800000000080200

Build information
-----------------
GNU C: 8.2.0 (8.2.0)
CPPFLAGS: -Wdate-time -D_FORTIFY_SOURCE=2
CFLAGS: -g -O2 -fdebug-prefix-map=/build/clamav-T3yrV6/clamav-0.100.2+dfsg=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64
CXXFLAGS: -g -O2 -fdebug-prefix-map=/build/clamav-T3yrV6/clamav-0.100.2+dfsg=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64
LDFLAGS: -Wl,-z,relro -Wl,-z,now -Wl,--as-needed
Configure: '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=/usr/include' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--disable-silent-rules' '--libdir=/usr/lib/x86_64-linux-gnu' '--libexecdir=/usr/lib/x86_64-linux-gnu' '--runstatedir=/run' '--disable-maintainer-mode' '--disable-dependency-tracking' 'CFLAGS=-g -O2 -fdebug-prefix-map=/build/clamav-T3yrV6/clamav-0.100.2+dfsg=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64' 'CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2' 'CXXFLAGS=-g -O2 -fdebug-prefix-map=/build/clamav-T3yrV6/clamav-0.100.2+dfsg=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64' 'LDFLAGS=-Wl,-z,relro -Wl,-z,now -Wl,--as-needed' '--with-dbdir=/var/lib/clamav' '--sysconfdir=/etc/clamav' '--disable-clamav' '--disable-unrar' '--enable-milter' '--enable-dns-fix' '--with-libjson' '--with-system-libmspack' '--with-libcurl=/usr' '--with-gnu-ld' '--with-systemdsystemunitdir=/lib/systemd/system' 'build_alias=x86_64-linux-gnu'
sizeof(void*) = 8
Engine flevel: 93, dconf: 93

--- data dir ---
total 493968
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 23002958 Nov 6 09:16 blurl.ndb
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 2720 Nov 3 07:02 bofhland_cracked_URL.ndb
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 1088 Nov 3 07:02 bofhland_malware_URL.ndb
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 106188 Oct 26 2017 bofhland_malware_attach.hdb
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 1700 Nov 5 07:02 bofhland_phishing_URL.ndb
-rw-r--r-- 1 clamav clamav 951808 Aug 9 09:56 bytecode.cld
drwxr-xr-x 2 clamav clamav 4096 Sep 4 2017 clamav-b20b7008eebb4b9e94a5ddaf4a41c8e7.tmp
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 82 Jul 14 2016 crdfam.clamav.hdb
-rw-r--r-- 1 clamav clamav 154948608 Nov 6 06:51 daily.cld
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 65 Jul 26 2013 doppelstern.hdb
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 22549 Feb 5 2013 honeynet.hdb
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 7237711 Nov 5 01:16 junk.ndb
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 322951 Nov 6 07:15 jurlbl.ndb
-rw-r--r-- 1 clamav clamav 307499008 Jun 8 2017 main.cld
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 356 Jan 29 2015 mbl.ndb
-rw-r--r-- 1 clamav clamav 2340 Nov 6 09:51 mirrors.dat
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 4044867 Nov 6 01:16 phish.ndb
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 3419073 Nov 6 08:01 phishtank.ndb
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 454569 Nov 5 11:01 porcupine.ndb
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 212906 Nov 6 01:16 rogue.hdb
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 11098 Oct 18 2016 sanesecurity.ftm
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 1900636 Nov 3 00:15 scam.ndb
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 281 Sep 9 2015 securiteinfo.hdb
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 200405 Feb 5 2013 securiteinfobat.hdb
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 391274 Nov 28 2013 securiteinfodos.hdb
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 75040 Jan 21 2014 securiteinfoelf.hdb
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 285 Sep 9 2015 securiteinfohtml.hdb
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 264154 Feb 5 2013 securiteinfooffice.hdb
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 51819 Feb 25 2015 securiteinfopdf.hdb
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 29520 Feb 5 2013 securiteinfosh.hdb
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 958 Nov 2 05:20 sigwhitelist.ign2
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 1391 Apr 28 2017 spamattach.hdb
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 17764 Oct 3 15:15 spamimg.hdb
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 14825 Jul 16 15:28 winnow.attachments.hdb
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 66 Jul 21 2015 winnow_bad_cw.hdb
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 16271 Feb 26 2018 winnow_extended_malware.hdb
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 18189 Mar 5 2018 winnow_malware.hdb
-rw-r--r-- 1 clamav-unofficial-sigs clamav-unofficial-sigs 506160 Jun 26 18:27 winnow_malware_links.ndb

-- System Information:
Debian Release: buster/sid
  APT prefers testing-debug
  APT policy: (900, 'testing-debug'), (900, 'testing'), (800, 'unstable-debug'), (800, 'unstable'), (790, 'buildd-unstable'), (700, 'experimental-debug'), (700, 'experimental'), (690, 'buildd-experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.18.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8), LANGUAGE=en_AU.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages clamav-daemon depends on:
ii adduser 3.118
ii clamav-base 0.100.2+dfsg-1
ii clamav-freshclam [clamav-data] 0.100.2+dfsg-1
ii debconf [debconf-2.0] 1.5.69
ii dpkg 1.19.2
ii libc6 2.27-8
ii libclamav7 0.100.2+dfsg-1
ii libncurses6 6.1+20181013-1
ii libssl1.1 1.1.1-2
ii libsystemd0 239-11
ii libtinfo6 6.1+20181013-1
ii lsb-base 9.20170808
ii procps 2:3.3.15-2
ii ucf 3.0038
ii zlib1g 1:1.2.11.dfsg-1

Versions of packages clamav-daemon recommends:
ii clamdscan 0.100.2+dfsg-1

Versions of packages clamav-daemon suggests:
ii apparmor 2.13.1-3+b1
pn clamav-docs <none>
pn daemon <none>

-- 
bye,
pabs

https://bonedaddy.net/pabs3/
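
Added example, not part of the original report or of the Debian package: a small Python parser for the two AppArmor denial records quoted in the report, listing per profile the rule each denial corresponds to so it can be reviewed before `/etc/apparmor.d/usr.sbin.clamd` is changed. The function names, the mask mapping and the hex-name decoding are assumptions of this example.

```python
import re

# The two denial records quoted in the report above.
REPORTED = [
    'AVC apparmor="DENIED" operation="capable" profile="/usr/sbin/clamd" '
    'pid=13277 comm="clamd" capability=12 capname="net_admin"',
    'AVC apparmor="DENIED" operation="open" profile="/usr/sbin/clamd" '
    'name="/etc/ssl/openssl.cnf" pid=13277 comm="clamd" '
    'requested_mask="r" denied_mask="r" fsuid=111 ouid=0',
]

_FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')
_HEX = re.compile(r"(?:[0-9A-Fa-f]{2})+")
# Log mask letters -> profile permission letters (create/delete are covered by "w").
_MASK = {"r": "r", "w": "w", "a": "a", "c": "w", "d": "w", "k": "k", "l": "l", "m": "m"}

def parse_denial(line):
    """Return the fields of an AppArmor audit record, or None if it is not a denial."""
    fields = {}
    for m in _FIELD.finditer(line):
        key, quoted, bare = m.groups()
        if quoted is None and key in ("name", "profile") and _HEX.fullmatch(bare):
            # Unquoted names are hex-encoded (used for paths with spaces etc.).
            quoted = bytes.fromhex(bare).decode("utf-8", "replace")
        fields[key] = bare if quoted is None else quoted
    return fields if fields.get("apparmor") == "DENIED" else None

def candidate_rule(ev):
    """Profile rule matching one denial; a candidate for review, not an automatic fix."""
    if ev.get("operation") == "capable" and "capname" in ev:
        return f'capability {ev["capname"]},'
    mask = ev.get("denied_mask", "")
    if "name" not in ev or not mask or any(c not in _MASK for c in mask):
        return None  # e.g. "x" needs an exec transition mode chosen by a person
    perms = "".join(dict.fromkeys(_MASK[c] for c in mask))
    path = f'"{ev["name"]}"' if re.search(r"\s", ev["name"]) else ev["name"]
    return f"{path} {perms},"

def summarize(lines):
    """Candidate rules per profile, de-duplicated, in first-seen order."""
    out = {}
    for ev in filter(None, map(parse_denial, lines)):
        rule = candidate_rule(ev)
        if rule and rule not in out.setdefault(ev.get("profile", "?"), []):
            out[ev.get("profile", "?")].append(rule)
    return out

if __name__ == "__main__":
    for profile, rules in summarize(REPORTED).items():
        print(profile, rules)
```

Whether a listed rule is added to the profile or written as an explicit `deny` rule to silence the log entry is a review decision; `net_admin` in particular is a broad capability.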