Whenever I try to execute a ClamAV scan on a file in many of my bin
directories, it fails with a
Can't open file or directory ERROR
message. I know it's possible to get ClamdScan to scan the bin
directory but I can't figure out how. Any suggestions?
$ clamdscan /bin/true
/bin/true: Can't open file or directory ERROR
----------- SCAN SUMMARY -----------
Infected files: 0
Total errors: 1
Time: 0.000 sec (0 m 0 s)
I can't find any differences between the AppArmor
configuration files on the machine where it works and on the machine where it doesn't. I did get it to scan with a workaround by adding:
/bin/** r,
to:
/etc/apparmor.d/local/usr.sbin.clamd
But this line isn't present on the other machine's local clamd
AppArmor
permissions file so I'm still confused and such a shot-gun solution of just saying ClamAV
can access everything in /bin
and below mainly because if this is the solution then I have to add /sbin
/usr/bin
and /usr/sbin
to AppArmor
as well, and that just seems counter-intuitive.
-rwxr-xr-x 1 root root 27184 Nov 8 07:49 /bin/true*
for the given executable anddrwxr-xr-x 2 root root 4096 Nov 7 15:11 bin/
for the directory. But I think it has to do with AppArmor.