According to upstream, this is for selinux and pax detection. This
permission problem doesn't affect anything, except for apparmor logs
since we have neither and they wouldn't co-exist with apparmor if a user
had switched to them.
The detection process opens /proc/pid/status and if it can't be opened,
it assumes no pax. Then it opens /proc/filesystems and if it can't open
it then it tries /proc/selinux/enforce and if that can't be opened
either it assumes no selinux.
I suspect it's probably better to allow these checks because other
people will see this in their logs and file bugs. Additionally, I don't
like the idea of leaving a profile in place that interferes with
upstream functionality even though it happens to produce the same result
at the moment.
** Changed in: clamav (Ubuntu)
Milestone: None => ubuntu-10.10
--
apparmor blocks freshclam process info after latest update
https://bugs.launchpad.net/bugs/645061
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to clamav in ubuntu.
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
