I just upgraded my Debian Jessie server with ispconfig3.0.5 and now I'm getting the warnings below in Mail Warn Log. It appears that clamav updated to 0.99.2 I was asked if I wanted to keep my existing clamd.conf so I chose Yes. The /etc/clamav/clamd.conf.ucf-dist file doesn't have AllowSupplementaryGroups And that led me to this: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=826406 Is that what's causing the messages below? What should I do other than comment the AllowSupplementaryGroups line? Jun 5 17:12:56 s1 amavis[961]: (00961-01) (!)connect to /var/run/clamav/clamd.ctl failed, attempt #1: Can't connect to a UNIX socket /var/run/clamav/clamd.ctl: No such file or directory Jun 5 17:12:57 s1 amavis[961]: (00961-01) (!)connect to /var/run/clamav/clamd.ctl failed, attempt #1: Can't connect to a UNIX socket /var/run/clamav/clamd.ctl: No such file or directory Jun 5 17:12:57 s1 amavis[961]: (00961-01) (!)ClamAV-clamd: All attempts (1) failed connecting to /var/run/clamav/clamd.ctl, retrying (2) Jun 5 17:13:03 s1 amavis[961]: (00961-01) (!)connect to /var/run/clamav/clamd.ctl failed, attempt #1: Can't connect to a UNIX socket /var/run/clamav/clamd.ctl: No such file or directory Jun 5 17:13:03 s1 amavis[961]: (00961-01) (!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl (All attempts (1) failed connecting to /var/run/clamav/clamd.ctl) at (eval 99) line 613.\n Jun 5 17:13:03 s1 amavis[961]: (00961-01) (!)WARN: all primary virus scanners failed, considering backups
Hi Till, It appears that AllowSupplementaryGroups was removed from clamav 0.99.2 and clamav 0.99.2 fails to start if this option is present in /etc/clamav/clamd.conf This is not very good clamav upgrade behavior in my opinion but it's not Ispconfig's fault. I think clamav should just issue a warning and ignore AllowSupplementaryGroups I commented out the AllowSupplementaryGroups line. The server has now been running overnight with no errors as far as I can tell. The question I would like to find an answer to is exactly what AllowSupplementaryGroups does or did and whether removing it will cause any future issues with my server. Perhaps it is simply not required in clamav 0.99.2 in which case the best answer when doing an upgrade would be to tell clamav to use its new configuration file instead of keeping the old one. If you keep the old one with the AllowSupplementaryGroups option in it, clamav fails.
justinsane, Thank you for your post. I just opened a thread with a similar problem and then was doing more searching and found this. Commented out AllowSupplementaryGroups and clamav at least starts. Running this server on Jessie os, my other 2 mail servers running on Wheezy do not seem to have this problem. Are you running Jessie os? Update: Never mind. It appears my other 2 Wheezy servers are still running 0.99 and not 0.99.2
Hi, Yes I'm running Jessie. The problem occurs only on Jessie. I also have a Wheezy server. On Wheezy clamav is giving a warning that it's outdated but no upgrade is being offered. Let's hope the clamav maintainer does something about this before Wheezy gets the 0.99.2 upgrade. This is very poor clamav upgrade behavior in my opinion. Upgrades should not ask whether a config file should be replaced. The person doing the upgrade may not even be the same person who installed the server so how would they know the correct answer?
Comment out that line, if you dont get amavis connect errors, then it's fine. The line was originally added there by ClamAV, not ispconfig. Clamav worked fine with amavisd for many years, then ClamAV decided about a year ago to not accept requests from additional users that have correct permissions and group memberships anymore which made it necessary to set this line to yes. And now, a minor ClamAV version later, they decided to fail when the config of their own software contains a line which it required before. I won't call that professional. Removing outdated settings is ok off course, but this should be just a notice in the log to remind the admin to clean up the config file and never be a fatal failure. The worst thing is, many users might not have noticed at all that their antivirus fails now or at least it is much slower as amavis will use its fallback to clamscan instead of clamdscan.
Same problem. Debian 8. I have /etc/clamav/clamd.conf but not /etc/clamav/clamd.conf.ucf-dis Should I create a blank file and add "AllowSupplementaryGroups=yes" ? Or should I put it in the existing /etc/clamav/clamd.conf file?
