LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 06-25-2018, 03:57 PM   #1
Toadman
Member
 
Registered: Aug 2002
Location: Copperas Cove, Texas
Distribution: Ubuntu 18.04 LTS
Posts: 287

Rep: Reputation: 20
apparmor="DENIED" operation="rename_src" profile="/usr/bin/freshclam


I was out of town last week and when I got home I noticed the above
while going through my hourly syslog snippets prior to and at times after freshclam is run. The complete output is:

Code:
Jun 25 10:50:05 localhost kernel: [788545.135322] audit: type=1400 audit(1529941805.647:1558): apparmor="DENIED" operation="rename_src" profile="/usr/bin/freshclam" name="/var/log/clamav/freshclam.log" pid=21707 comm="freshclam" requested_mask="r" denied_mask="r" fsuid=121 ouid=121
Jun 25 10:50:05 localhost kernel: [788545.322606] audit: type=1400 audit(1529941805.834:1559): apparmor="DENIED" operation="rename_src" profile="/usr/bin/freshclam" name="/var/log/clamav/freshclam.log" pid=21707 comm="freshclam" requested_mask="r" denied_mask="r" fsuid=121 ouid=121
Jun 25 10:50:05 localhost kernel: [788545.417903] audit: type=1400 audit(1529941805.930:1560): apparmor="DENIED" operation="rename_src" profile="/usr/bin/freshclam" name="/var/log/clamav/freshclam.log" pid=21707 comm="freshclam" requested_mask="r" denied_mask="r" fsuid=121 ouid=121
Jun 25 10:50:05 localhost kernel: [788545.418042] audit: type=1400 audit(1529941805.930:1561): apparmor="DENIED" operation="rename_src" profile="/usr/bin/freshclam" name="/var/log/clamav/freshclam.log" pid=21707 comm="freshclam" requested_mask="r" denied_mask="r" fsuid=121 ouid=121
Jun 25 10:50:05 localhost kernel: [788545.418059] audit: type=1400 audit(1529941805.930:1562): apparmor="DENIED" operation="rename_src" profile="/usr/bin/freshclam" name="/var/log/clamav/freshclam.log" pid=21707 comm="freshclam" requested_mask="r" denied_mask="r" fsuid=121 ouid=121
Jun 25 10:50:06 localhost freshclam[21707]: Max retries == 3
Jun 25 10:50:06 localhost freshclam[21707]: Using IPv6 aware code
Jun 25 10:50:06 localhost freshclam[21707]: Querying current.cvd.clamav.net
Jun 25 10:50:06 localhost kernel: [788545.531237] audit: type=1400 audit(1529941806.043:1563): apparmor="DENIED" operation="rename_src" profile="/usr/bin/freshclam" name="/var/log/clamav/freshclam.log" pid=21707 comm="freshclam" requested_mask="r" denied_mask="r" fsuid=121 ouid=121
Jun 25 10:50:06 localhost kernel: [788545.531554] audit: type=1400 audit(1529941806.043:1564): apparmor="DENIED" operation="rename_src" profile="/usr/bin/freshclam" name="/var/log/clamav/freshclam.log" pid=21707 comm="freshclam" requested_mask="r" denied_mask="r" fsuid=121 ouid=121
Jun 25 10:50:06 localhost kernel: [788545.531557] audit: type=1400 audit(1529941806.043:1565): apparmor="DENIED" operation="rename_src" profile="/usr/bin/freshclam" name="/var/log/clamav/freshclam.log" pid=21707 comm="freshclam" requested_mask="r" denied_mask="r" fsuid=121 ouid=121
Jun 25 10:50:06 localhost kernel: [788545.531559] audit: type=1400 audit(1529941806.043:1566): apparmor="DENIED" operation="rename_src" profile="/usr/bin/freshclam" name="/var/log/clamav/freshclam.log" pid=21707 comm="freshclam" requested_mask="r" denied_mask="r" fsuid=121 ouid=121
Jun 25 10:50:06 localhost kernel: [788545.531561] audit: type=1400 audit(1529941806.043:1567): apparmor="DENIED" operation="rename_src" profile="/usr/bin/freshclam" name="/var/log/clamav/freshclam.log" pid=21707 comm="freshclam" requested_mask="r" denied_mask="r" fsuid=121 ouid=121
Jun 25 10:50:06 localhost freshclam[21707]: WARNING: Your ClamAV installation is OUTDATED!
Jun 25 10:50:06 localhost freshclam[21707]: WARNING: Local version: 0.99.4 Recommended version: 0.100.0
Jun 25 10:50:06 localhost freshclam[21707]: DON'T PANIC! Read http://www.clamav.net/documents/upgrading-clamav
Jun 25 10:50:06 localhost freshclam[21707]: TTL: 1800
Jun 25 10:50:06 localhost freshclam[21707]: Software version from DNS: 0.100.0
Jun 25 10:50:06 localhost freshclam[21707]: Your ClamAV installation is OUTDATED!
Jun 25 10:50:06 localhost freshclam[21707]: Local version: 0.99.4 Recommended version: 0.100.0
Jun 25 10:50:06 localhost freshclam[21707]: bytecode.cld is up to date (version: 322, sigs: 90, f-level: 63, builder: neo)
Jun 25 10:50:06 localhost freshclam[21707]: DON'T PANIC! Read http://www.clamav.net/documents/upgrading-clamav
Jun 25 10:50:06 localhost freshclam[21707]: main.cvd version from DNS: 58
Jun 25 10:50:06 localhost freshclam[21707]: daily.cvd version from DNS: 24695
Jun 25 10:50:06 localhost freshclam[21707]: bytecode.cvd version from DNS: 322
Jun 25 10:50:06 localhost freshclam[21707]: bytecode.cld is up to date (version: 322, sigs: 90, f-level: 63, builder: neo)
System info is:

lsb_release -rd
Description: Ubuntu 16.04.4 LTS
Release: 16.04

Code:
apt-cache policy clamav-freshclam
clamav-freshclam:
  Installed: 0.99.4+addedllvm-0ubuntu0.16.04.1
  Candidate: 0.99.4+addedllvm-0ubuntu0.16.04.1
  Version table:
 *** 0.99.4+addedllvm-0ubuntu0.16.04.1 500
        500 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages
        500 http://security.ubuntu.com/ubuntu xenial-security/main amd64 Packages
        100 /var/lib/dpkg/status
     0.99+dfsg-1ubuntu1 500
        500 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 Packages
I've asked on the ClamAv Mailing list - suggested I ask on the Ubuntu Users list, asked there over a day ago, not even a reply of 'have no idea' so I'm asking here.
 
Old 06-25-2018, 04:07 PM   #2
scasey
Senior Member
 
Registered: Feb 2013
Location: Tucson, AZ, USA
Distribution: CentOS 7.8.2003
Posts: 4,956

Rep: Reputation: 1830Reputation: 1830Reputation: 1830Reputation: 1830Reputation: 1830Reputation: 1830Reputation: 1830Reputation: 1830Reputation: 1830Reputation: 1830Reputation: 1830
It's not clear to me what you're asking about...so I'll guess:

The current version of clamav is 0.100.0
You're running 0.99.4
There you will see several options for upgrading to the latest version. I'm opting to wait until my distro updates in the repositories, but you could install the upgrade manually, if you wanted to.

It appears that the freshclam upgrade of the AV signatures worked just fine.
 
Old 06-25-2018, 04:23 PM   #3
Toadman
Member
 
Registered: Aug 2002
Location: Copperas Cove, Texas
Distribution: Ubuntu 18.04 LTS
Posts: 287

Original Poster
Rep: Reputation: 20
Apologies, I should have been more explicit in my question. Last Tuesday while I was out of town this started showing up in my syslog prior to and sometimes after the run of freshclam"

Code:
Jun 25 10:50:05 localhost kernel: [788545.135322] audit: type=1400 audit(1529941805.647:1558): apparmor="DENIED" operation="rename_src" profile="/usr/bin/freshclam" name="/var/log/clamav/freshclam.log" pid=21707 comm="freshclam" requested_mask="r" denied_mask="r" fsuid=121 ouid=121
Jun 25 10:50:05 localhost kernel: [788545.322606] audit: type=1400 audit(1529941805.834:1559): apparmor="DENIED" operation="rename_src" profile="/usr/bin/freshclam" name="/var/log/clamav/freshclam.log" pid=21707 comm="freshclam" requested_mask="r" denied_mask="r" fsuid=121 ouid=121
Jun 25 10:50:05 localhost kernel: [788545.417903] audit: type=1400 audit(1529941805.930:1560): apparmor="DENIED" operation="rename_src" profile="/usr/bin/freshclam" name="/var/log/clamav/freshclam.log" pid=21707 comm="freshclam" requested_mask="r" denied_mask="r" fsuid=121 ouid=121
Jun 25 10:50:05 localhost kernel: [788545.418042] audit: type=1400 audit(1529941805.930:1561): apparmor="DENIED" operation="rename_src" profile="/usr/bin/freshclam" name="/var/log/clamav/freshclam.log" pid=21707 comm="freshclam" requested_mask="r" denied_mask="r" fsuid=121 ouid=121
Jun 25 10:50:05 localhost kernel: [788545.418059] audit: type=1400 audit(1529941805.930:1562): apparmor="DENIED" operation="rename_src" profile="/usr/bin/freshclam" name="/var/log/clamav/freshclam.log" pid=21707 comm="freshclam" requested_mask="r" denied_mask="r" fsuid=121 ouid=121
Like you I'm waiting until the Ubuntu devs come out with the .100 release which if I recall may not be until the .101 version of ClamAv.
 
Old 06-25-2018, 04:25 PM   #4
scasey
Senior Member
 
Registered: Feb 2013
Location: Tucson, AZ, USA
Distribution: CentOS 7.8.2003
Posts: 4,956

Rep: Reputation: 1830Reputation: 1830Reputation: 1830Reputation: 1830Reputation: 1830Reputation: 1830Reputation: 1830Reputation: 1830Reputation: 1830Reputation: 1830Reputation: 1830
Oh...sorry. I have no clue what that's about.
 
Old 06-27-2018, 08:52 AM   #5
Toadman
Member
 
Registered: Aug 2002
Location: Copperas Cove, Texas
Distribution: Ubuntu 18.04 LTS
Posts: 287

Original Poster
Rep: Reputation: 20
After posting on the Apparmor Ubuntu list a fix was supplied by Seth Arnold

Code:
in the meantime you could add a new line:

  /var/log/clamav/* r,

to your /etc/apparmor.d/local/usr.bin.freshclam file, then reload the
profile with:

sudo apparmor_parser --replace /etc/apparmor.d/usr.bin.freshclam
He also submitted a bug report - https://bugs.launchpad.net/ubuntu/+s...v/+bug/1778812

I'm marking this a solved.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Cannot 'find "[" -maxdepth 1 -wholename "/usr/bin/[" ! \( -perm /g+w,o+w \)' standard_output Linux - General 5 09-13-2013 04:23 PM
can't locate object method "path" via package "Autom4te::Request" at/usr/bin/autom4te wjh513 Linux - Software 1 08-13-2010 02:31 PM
script using "/usr/bin/cat error" produces "cannot open" in cron Dcrusoe Programming 6 07-22-2009 03:30 PM
problem "make"ing gtk+ "/usr/bin/env: perl -w" caid Linux - Newbie 8 07-29-2005 04:51 AM
what is "S" instead of "X" in the file permission when i look at /usr/bin/chsh? Linux_interest Linux - Newbie 4 08-28-2004 09:22 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 07:46 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration