Comment 3 for bug 1930393

To clarify: I acknowledge and confirm that the first debconf dialog does tell you indeed that it won't work automatically out of the box. But in effect it does.

$ clamdscan --fdpass eicar.com
/tmp/eicar.com: Win.Test.EICAR_HDB-1 FOUND

----------- SCAN SUMMARY -----------
Infected files: 1
Time: 0.005 sec (0 m 0 s)
Start Date: 2021:06:04 11:21:37
End Date: 2021:06:04 11:21:37

After fresh install and reboot on a fresh 20.04 server VM here. And since those dialogs are not shown upon install, it makes it difficult for users to know they're there (there's a catch 22 in that you need to run dpkg-reconfigure to be told you need to run dpkg-reconfigure).

Even then, accepting the defaults in dpkg-reconfigure does leave clamd vulnerable.

See also https://github.com/extremeshok/clamav-unofficial-sigs/blob/master/guides/ubuntu-debian.md
instructions for installing and using clamav-unofficial-sigs on Ubuntu (there is an outdated package by the same name in the Ubuntu repos) which tells you how to install clamav, but doesn't mention running dpkg-reconfigure clamav-daemon, let alone fixing the permissions of the socket.