[clamav-users] fanotify allowed in kernel, clamd running as root, clamd complaining it needs to run as root
Mark Fortescue
mark.lists at thurning-instruments.co.uk
Wed Sep 4 13:14:59 UTC 2019
Hi Jeff,
Looks like Apparmor may be stepping in and preventing access. Have you
checked that Apparmor has been changed to give clamd the required
permissions ?
Regards
Mark.
On 03/09/2019 22:01, Jeff Blaine via clamav-users wrote:
> Hello all,
>
> I'm experiencing something odd on Ubuntu 18.04. As far as I can tell I
> have done everything I am supposed to in order to get OnAccess scanning
> working. I've already gotten our RHEL 7 hosts working fine. If anyone
> knows what is going wrong here, I would love to hear it. Thank you.
>
> 1. The kernel checks out fine for fanotify:
>
> jblaine at ub18test:/etc/clamav$ uname -a
> Linux ub18test 4.15.0-58-generic #64-Ubuntu SMP Tue Aug 6 11:12:41 UTC
> 2019 x86_64 x86_64 x86_64 GNU/Linux
> jblaine at ub18test:/etc/clamav$ cat /boot/config-4.15.0-58-generic | grep
> FANOTIFY
> CONFIG_FANOTIFY=y
> CONFIG_FANOTIFY_ACCESS_PERMISSIONS=y
> jblaine at ub18test:/etc/clamav$
>
> 2. clamd *is* running as root:
>
> root 55172 1 81 16:33 ? 00:00:44 /usr/sbin/clamd
> --foreground=true
>
> 3. clamd complains that it needs to run as root:
>
> Sep 3 16:33:50 ub18test clamd[55172]: ScanOnAccess: fanotify_init
> failed: Operation not permitted
> Sep 3 16:33:50 ub18test clamd[55172]: ScanOnAccess: clamd must be
> started by root
>
> --Jeff
>
>
> _______________________________________________
>
> clamav-users mailing list
> clamav-users at lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
More information about the clamav-users
mailing list