apparmor denies freshclam access to /var/run/samba/gencache.tdb

Bug #346397 reported by Ilya
Affects            Status        Importance  Assigned to  Milestone
clamav (Ubuntu)    Fix Released  Undecided   Unassigned
Intrepid           Invalid       Undecided   Unassigned

Bug Description

Binary package hint: clamav

My /var/log/syslog gets this message every time freshclam does an update:

Mar 21 04:14:53 fs1 kernel: [550646.547458] type=1503 audit(1237634093.495:59): operation="inode_permission" requested_mask="::r" denied_mask="::r" fsuid=5000 name="/var/run/samba/gencache.tdb" pid=6451 profile="/usr/bin/freshclam"

Why does freshclam try to read samba gencache.tdb in the first place?

My guess is it may have to do with Samba setup as PDC which uses winbind and a modified nsswitch.conf.

# /etc/nsswitch.conf
passwd: files ldap [UNAVAIL=return]
group: files ldap [UNAVAIL=return]
shadow: files ldap [UNAVAIL=return]
hosts: files wins mdns4_minimal [NOTFOUND=return] dns mdns4
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
#/etc/nsswitch.conf (END)

But there is no other package that goes to gencache.tdb directly, at least not from the apparmor perspective.

Versions:
Ubuntu 8.10
clamav 0.94.dfsg.2-1ubuntu0.1
clamav-freshclam 0.94.dfsg.2-1ubuntu0.1
apparmor 2.3+1289-0ubuntu4.1
samba 2:3.2.3-1ubuntu3.4
winbind 2:3.2.3-1ubuntu3.4

Revision history for this message
Scott Kitterman (kitterman) wrote :

Please try adding:

deny /var/run/samba/gencache.tdb

to the freshclam apparmor profile. That will stop it being logged. The profile is:

/etc/apparmor.d/usr.bin.freshclam

Changed in clamav:
status: New → Incomplete
Revision history for this message
Scott Kitterman (kitterman) wrote :

or ...

deny /var/run/samba/gencache.tdb mrwkl,
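The two comments above sketch the usual workflow for a noisy-but-harmless AppArmor denial: take the `audit(...)` line from syslog, identify the confined profile and the path, and add an explicit `deny` rule to that profile so the access is refused silently instead of being logged on every run. The script below is an added illustration of that workflow, not part of the bug report or of the clamav package. It parses denial lines in the format quoted in the description (and in the newer `apparmor="DENIED"` format), maps the profile name to its file under /etc/apparmor.d using the path-to-filename convention the first comment relies on, and emits the matching `deny` rule, either with exactly the denied mode or with the broad `mrwkl` mode set from the second comment. The sample log lines are constructed for the example; `suggest_rules`, `deny_rule` and `profile_file` are the example's own names.

```python
import re

# Constructed sample input: the line quoted in the bug description (old AppArmor 2.3
# audit format with "::r" masks) plus a second, constructed line in the newer format.
SAMPLE_LOG = [
    'Mar 21 04:14:53 fs1 kernel: [550646.547458] type=1503 audit(1237634093.495:59): '
    'operation="inode_permission" requested_mask="::r" denied_mask="::r" fsuid=5000 '
    'name="/var/run/samba/gencache.tdb" pid=6451 profile="/usr/bin/freshclam"',
    'Mar 22 04:14:55 fs1 kernel: [636847.123456] type=1400 audit(1237720495.100:60): '
    'apparmor="DENIED" operation="open" profile="/usr/bin/freshclam" '
    'name="/var/run/samba/gencache.tdb" pid=7012 comm="freshclam" '
    'requested_mask="r" denied_mask="r" fsuid=5000 ouid=0',
]

# key=value pairs; values are either double-quoted strings or bare tokens.
FIELD_RE = re.compile(r'(\w+)=("([^"]*)"|\S+)')


def parse_apparmor_denial(line):
    """Return the key=value fields of an AppArmor audit line as a dict, or None
    if the line is not an AppArmor denial record (no audit(...) / operation= markers,
    or no profile and path to act on)."""
    if 'audit(' not in line or 'operation=' not in line:
        return None
    fields = {}
    for match in FIELD_RE.finditer(line):
        key, raw, quoted = match.group(1), match.group(2), match.group(3)
        fields[key] = quoted if quoted is not None else raw
    if 'profile' not in fields or 'name' not in fields or 'denied_mask' not in fields:
        return None
    return fields


def profile_file(profile):
    """Map a profile name such as /usr/bin/freshclam to its file under /etc/apparmor.d
    (leading slash dropped, remaining slashes replaced by dots: usr.bin.freshclam)."""
    return '/etc/apparmor.d/' + profile.lstrip('/').replace('/', '.')


def deny_rule(fields, broad=False):
    """Build a quiet deny rule for the path in a denial record.

    The old "owner::other" mask notation ("::r") and the newer bare notation ("r")
    both reduce to the permission letters once the colons are stripped (assumption:
    we only need the letters). broad=True uses the catch-all mode set 'mrwkl' from
    the second comment, which silences every access mode at once."""
    if broad:
        modes = 'mrwkl'
    else:
        letters = fields['denied_mask'].replace(':', '')
        modes = ''.join(dict.fromkeys(letters))  # dedupe, keep order
    return f'deny {fields["name"]} {modes},'


def suggest_rules(lines, broad=False):
    """Group proposed deny rules by the profile file they belong in, without
    repeating a rule that several log lines would produce."""
    suggestions = {}
    for line in lines:
        fields = parse_apparmor_denial(line)
        if fields is None:
            continue
        rules = suggestions.setdefault(profile_file(fields['profile']), [])
        rule = deny_rule(fields, broad)
        if rule not in rules:
            rules.append(rule)
    return suggestions


if __name__ == '__main__':
    for path, rules in suggest_rules(SAMPLE_LOG).items():
        print(f'# add to {path}, inside the profile block:')
        for rule in rules:
            print('  ' + rule)
```

Run against the two sample lines it prints a single `deny /var/run/samba/gencache.tdb r,` for /etc/apparmor.d/usr.bin.freshclam; with `broad=True` it prints the `mrwkl` form from the second comment. The rule goes inside the profile's `{ ... }` block, after which the profile is reloaded with `apparmor_parser -r /etc/apparmor.d/usr.bin.freshclam`. Explicit `deny` rules are not audited by default, which is why adding one stops the syslog noise while still refusing the access; keeping the mode narrow (the logged `r` rather than `mrwkl`) means any later, unexpected write or mmap attempt on the file would still surface in the log.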

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package clamav - 0.95+dfsg-2ubuntu1

---------------
clamav (0.95+dfsg-2ubuntu1) jaunty; urgency=low

  * Merge from debian unstable, remaining changes (LP: #354015):
    - Drop build-dep on electric-fence (in Universe) and run make test on all
      archs since arch specific test failures with electric-fence are not a
      problem
    - Add apparmor profiles for clamd and freshclam along with maintainer
      script changes
  * Update apparmor profile to allow access to usr-tmp for klamav
    (LP: #310737)
  * Update apparmor profile to not log samba related denials (LP: #346397)
  * Move apparmor from recommends to suggests - we don't want to cause it to
    be installed if it has been removed

clamav (0.95+dfsg-2) unstable; urgency=low

  [ Michael Tautschnig ]
  * Improved debconf questions
  * Added Homepage: control field
  * Another watch file fix to rank upstreams rc lower than releases.
  * Even more /var/run-on-tmpfs fixes (closes: #521606).
  * Ignore failing test suite on alpha, ia64, sparc (bugs filed against
    glibc).

  [ Stephen Gran ]
  * Lots of option handling fixups for clamav-milter (closes: #521668).
  * Remove new .cld files on removal of freshclam
  * Eliminate unnecessary ucf version check
  * Try to preseed clamav-milter.conf with options from clamd.conf where
    possible
  * package new clamdtop utility (closes: #521658)

clamav (0.95+dfsg-1) unstable; urgency=low

  [ Michael Tautschnig ]
  * New upstream version, fixes:
    - License incompatibility with libgmp (closes: #512776)
    - wrong claim about all interception message methods (closes: #438455)
    - clamdscan fails to connect to clamd (closes: #515798)
    - clamav-milter dies after email scanning (sparc64) (closes: #339590)
    - VERSION reports wrong database version (closes: #323803)
    - memory footprint skyrockets (closes: #420391)
    - Virus not detected in RAR-archive inside email (closes: #484642)
    - clamav-milter ignores whitelist file (closes: #520353)
    - clamav-milter won't start when both local and tcp socket are in use
      (closes: #505852)
    - ERROR: Can't find any clamd server (closes: #435007)
    - clamd: random SIGABRT (closes: #512720)
  * Removed configure options that aren't supported anymore (--with-sendmail,
    --with-tcpwrappers, --with-dns)
  * Bumped Standards-Version to 3.8.1 (added mkdir calls to ensure
    /var/run/clamav exists)
  * Configure with --with-system-tommath to use Debian's libtommath-dev
    instead of the bundled one.
  * Updated *Depends (dropped essential packages and removed versions where
    etch already satisfies the dependencies).
  * SONAME bump: libclamav5 -> libclamav6
  * Build-Depend on libltdl3-dev to avoid using the bundled libltdl, but still
    get support for runtime loading (nonfree) unrar code if the user so
    decides.
  * Fixed watch file to deal with new versioning schema (+dfsg).
  * Run make check unless nocheck is in DEB_BUILD_OPTIONS
  * Changed Section of clamav-dbg to debug.
  * Override lintian error stating that libclamav6 statically links to zlib
    (lintian is right, libclamav6 does indeed duplicate parts of the zlib
    code, but there ...


Changed in clamav (Ubuntu):
status: Incomplete → Fix Released
Revision history for this message
Martin Pitt (pitti) wrote :

Accepted into intrepid-proposed; please test and give feedback here. Please see https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

Changed in clamav (Ubuntu Intrepid):
status: New → Fix Committed
tags: added: verification-needed
Revision history for this message
Alex Valavanis (valavanisalex) wrote :

Intrepid Ibex reached end-of-life on 30 April 2010 so I am closing the report. The bug has been fixed in newer releases of Ubuntu.

Changed in clamav (Ubuntu Intrepid):
status: Fix Committed → Invalid