Hi, I have a server running Debian 8. I set it up with the howto: The Perfect Server - Debian 8 Jessie (Apache2, BIND, Dovecot, ISPConfig 3) and it worked flawlessly for about 7 months now. last night my mail stopped working. the mail.warn log shows that it must be something with Amavis and Postifx, it shows many entries like the following: Code: Jul 20 16:46:17 rincewind amavis[2922]: (02922-06) (!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl (All attempts (1) failed connecting to /var/run/clamav/clamd.ctl) at (eval 99) line 613.\n Jul 20 16:46:17 rincewind amavis[2922]: (02922-06) (!)WARN: all primary virus scanners failed, considering backups Jul 20 16:46:31 rincewind amavis[2922]: (02922-07) (!)connect to /var/run/clamav/clamd.ctl failed, attempt #1: Can't connect to a UNIX socket /var/run/clamav/clamd.ctl: No such file or directory Jul 20 16:46:32 rincewind amavis[2922]: (02922-07) (!)connect to /var/run/clamav/clamd.ctl failed, attempt #1: Can't connect to a UNIX socket /var/run/clamav/clamd.ctl: No such file or directory Jul 20 16:46:32 rincewind amavis[2922]: (02922-07) (!)ClamAV-clamd: All attempts (1) failed connecting to /var/run/clamav/clamd.ctl, retrying (2) Jul 20 16:46:38 rincewind amavis[2922]: (02922-07) (!)connect to /var/run/clamav/clamd.ctl failed, attempt #1: Can't connect to a UNIX socket /var/run/clamav/clamd.ctl: No such file or directory Jul 20 16:46:38 rincewind amavis[2922]: (02922-07) (!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl (All attempts (1) failed connecting to /var/run/clamav/clamd.ctl) at (eval 99) line 613.\n Jul 20 16:46:38 rincewind amavis[2922]: (02922-07) (!)WARN: all primary virus scanners failed, considering backups I checked if clamav-daemon was running with service clamav-daemon status, which gave me: Code: ● clamav-daemon.service - Clam AntiVirus userspace daemon Loaded: loaded (/lib/systemd/system/clamav-daemon.service; enabled) Active: failed (Result: start-limit) since Wed 2016-07-20 16:18:04 CEST; 44min ago Docs: man:clamd(8) man:clamd.conf(5) http://www.clamav.net/lang/en/doc/ Process: 2580 ExecStart=/usr/sbin/clamd --foreground=true (code=exited, status=1/FAILURE) Main PID: 2580 (code=exited, status=1/FAILURE) Jul 20 16:18:04 rincewind clamd[2580]: ERROR: Parse error at line 11: Unknown option AllowSupplementaryGroups Jul 20 16:18:04 rincewind clamd[2580]: ERROR: Can't open/parse the config file /etc/clamav/clamd.conf Jul 20 16:18:04 rincewind systemd[1]: clamav-daemon.service: main process exited, code=exited, status=1/FAILURE Jul 20 16:18:04 rincewind systemd[1]: Unit clamav-daemon.service entered failed state. Jul 20 16:18:04 rincewind systemd[1]: clamav-daemon.service start request repeated too quickly, refusing to start. Jul 20 16:18:04 rincewind systemd[1]: Failed to start Clam AntiVirus userspace daemon. Does anyone have an idea, of how I can fix this?
Edit the /etc/clamav/clamd.conf file and add a # in front of the AllowSupplementaryGroups line. Then restart the clamav-daemon.
Thanks Till, this seems to have done the trick! Do you know, how this could happen? After all, the server was running smoothly the last 7 months and this problem never occured before. Could the cause be an "aptitude update && aptitude safe-upgrade"?
Yes, this is an issue which is also present in the Debian bug database. The maintainer of the Debian ClamAV package has removed the support for the AllowSupplementaryGroups (which was required before this update) in a way that ClamAV failed (instead of just ignoring the now obsolete option). But such issues are very rare, so dont worry and keep updating your server.
You bet! I'm not going to stop updating my servers because of something like this Again: Thanks! you saved my day yesterday
