Beware of breaking ClamAV-daemon when you update Debian

Post by **dpeca** » Wed Jun 29, 2016 1:31 pm

After update Debian 8.5, clamav-daemon has failed to start on all servers.

root@mail:~# service clamav-daemon status
[x] clamav-daemon.service - Clam AntiVirus userspace daemon
   Loaded: loaded (/lib/systemd/system/clamav-daemon.service; enabled)
   Active: failed (Result: start-limit) since Wed 2016-06-29 14:53:19 CEST; 17s ago
     Docs: man:clamd(8)
           man:clamd.conf(5)
           http://www.clamav.net/lang/en/doc/
  Process: 29660 ExecStart=/usr/sbin/clamd --foreground=true (code=exited, status=1/FAILURE)
 Main PID: 29660 (code=exited, status=1/FAILURE)

Jun 29 14:53:19 my.server.host systemd[1]: Started Clam AntiVirus userspace daemon.
Jun 29 14:53:19 my.server.host clamd[29660]: ERROR: Parse error at line 11: Unknown option AllowSupplementaryGroups
Jun 29 14:53:19 my.server.host clamd[29660]: ERROR: Can't open/parse the config file /etc/clamav/clamd.conf
Jun 29 14:53:19 my.server.host systemd[1]: clamav-daemon.service: main process exited, code=exited, status=1/FAILURE
Jun 29 14:53:19 my.server.host systemd[1]: Unit clamav-daemon.service entered failed state.
Jun 29 14:53:19 my.server.host systemd[1]: Starting Clam AntiVirus userspace daemon...
Jun 29 14:53:19 my.server.host systemd[1]: clamav-daemon.service start request repeated too quickly, refusing to start.
Jun 29 14:53:19 my.server.host systemd[1]: Failed to start Clam AntiVirus userspace daemon.

I edited /etc/clamav/clamd.conf and comment

Code: Select all

# AllowSupplementaryGroups

Also, fix permissions:

Code: Select all

chown -R clamav:clamav /var/run/clamav

At the end, start clamav:

Code: Select all

service clamav-daemon start

Not sure if commenting 'AllowSupplementaryGroups' will break something other, but I don't see other option right now.
I searched the net, nobody knows what is a substitution for this option.
If someone has better idea, please reply.

Rayman · Post by **Rayman** » Thu Aug 11, 2016 12:06 pm

For reference: https://bugs.debian.org/cgi-bin/bugrepo ... bug=826406

Post by **dpeca** » Fri Aug 12, 2016 4:10 pm

He said they fixed this bug on 06 Jun.
I noticed a bug on 29 Jun, with freshly updated and latest Debian.
I'm confused :)

However, they 'fixed' a bug by ignoring option, so, there is no better solution obviously.

Post by **dpeca** » Mon Aug 15, 2016 2:40 am

Freshly installed Debian, updated, and bug is still there.

# apt-get upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

# cat /etc/debian_version
8.5

# service clamav-daemon status
...
Aug 15 02:55:50 mail.****.rs clamd[1780]: ERROR: Parse error at line 11: Unknown option AllowSupplementaryGroups
Aug 15 02:55:50 mail.****.rs clamd[1780]: ERROR: Can't open/parse the config file /etc/clamav/clamd.conf

Mavashi · Post by **Mavashi** » Sun Aug 21, 2016 1:33 am

Thank you very much! I've recovered my clamav by commenting this AllowSupplementaryGroups.

baijianpeng · Post by **baijianpeng** » Tue Sep 27, 2016 3:34 pm

dpeca wrote: I edited /etc/clamav/clamd.conf and comment
Code: Select all
# AllowSupplementaryGroups

Today I also have problem: my clamav will not run!

After I used your trick ( I just set AllowSupplementaryGroups to "no" ), clamd runs properly!

Thank you.

Vesta Control Panel - Forum