[ZendTo] Debian Buster, apparmor and clamd
Kevin Miller
kevin.miller at juneau.org
Tue Sep 24 23:34:44 BST 2019
I have a zendto installed on Debian Stretch (on a VM) which works fine. I cloned it, updated zendto to 5.21-2 Production, and everything was fine. I then upgraded Stretch to Buster. After that, things went south. I'm seeing an AppArmor issue. The following is from the syslog:
Sep 24 13:46:27 fileshare2 kernel: [ 723.420159] audit: type=1400 audit(1569361587.454:13): apparmor="DENIED" operation="getattr" info="Failed name lookup - disconnected path" error=-13 profile="/usr/sbin/clamd" name="var/zendto/incoming/phpeuAoDV" pid=528 comm="clamd" requested_mask="r" denied_mask="r" fsuid=112 ouid=33
I disabled AppArmor, rebooted, and everything worked as advertised. FWIW, AppArmor isn't running on the host with Debian Stretch.
One thing that stands out in the error message is:
name="var/zendto/incoming/phpeuAoDV
Note the lack of leading / character in the filename. I suspect that's the issue but I don't know what's passing the file path without the leading forward slash.
I did add in the /var/zendto tree to the AppArmor configuration as below.
root at fileshare2:/etc/apparmor.d/local# cat usr.sbin.clamd
# Site-specific additions and overrides for usr.sbin.clamd.
# For more details, please see /etc/apparmor.d/local/README.
/var/zendto/** r,
I know Julian is laid up - hoping someone else here's already solved the problem...
...Kevin
--
Kevin Miller
Network/email Administrator, CBJ MIS Dept.
155 South Seward Street
Juneau, Alaska 99801
Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: 307357
More information about the ZendTo
mailing list