Hi there, On Fri, 25 Mar 2022, Jean-Claude VERGEROLLE wrote:
After an apt upgrade, clamav-daemon do not start System : debian buster 4.19.232-1 clamav version : 0.103.5+dfsg-0+deb10u1 amd64 I got this in the log /var/log/clamav/clamav.log ... ... Fri Mar 25 13:00:11 2022 -> ERROR: Unknown group clamav Can you help me ?
Yes. :) I don't know what has changed nor why it has changed but it's a simple problem with a simple fix. At a guess there will be something that you did not tell us about what you've done, perhaps because you don't know you've done it, but it's possible that the mistake wasn't yours. Every process which runs on your system is 'owned' by what you can think of as a 'user'. The user is not necessarily a person. Users are just names like 'root' or 'ntp' or 'clamav' or 'Fred' or 'joe'. For each name there's an associated, unique number. Each name also belongs to a 'group'. Like a user, a group is just a name with an associated unique number. These four values (user ID, numeric UID, group ID, numeric group ID) are essential parts of the system which implements permissions in Unix-like operating systems. Whenever you use the '-l' option to the 'ls' command you'll see on the left of the resulting table a lot of information about the permissions which the system applies to these 'user' and 'group' IDs (and to 'other' IDs). After the upgrade it appears that you are trying to start a process with a group ID which is not valid, which likely means that EITHER (1) your configuration is telling the system to start the ClamAV daemon process with different owner and group IDs from those which were used last time you started it; at least the group ID does not exist on your system and probably never has done OR (2) someone or something has recently deleted at least the group ID 'clamav' on your system. With the information that you have given I can't tell which of the two explanations is right, but it doesn't really matter. All you need to do is find out what owner ID and group ID *should* be used for clamd (the ClamAV daemon) on your system and EITHER change the configuration file (probably something like /etc/clamav/clamd.conf) to have the right user and group IDs OR create the user and group IDs if they've somehow been deleted. The ClamAV documentation will tell you what you need to change if the change is needed in the clamd configuration file. If you need to create a user or group ID, the operating system documentation for the 'useradd' and 'groupadd' commands should tell you what you need to know. If you have backup copies of the configuration files you could compare them with the new versions and it would immediately be obvious what if anything has changed in the configuration. You keep backups of all sorts of important stuff, right? If you are still unsure what to do you can always remove and purge all the ClamAV packages from your system and then re-install them which in theory will give you a working setup. If it does not then perhaps the Debian package maintainers have done something silly - in that case I should expect to see a lot more messages like yours on this list soon. :/ -- 73, Ged. _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
