Mailing List Archive

[clamav-users] clamav-daemon do not start after upgrade
Hello guys,

After an apt upgrade, clamav-daemon does not start.

System : debian buster 4.19.232-1
clamav version : 0.103.5+dfsg-0+deb10u1 amd64

I got this in the log /var/log/clamav/clamav.log

Fri Mar 25 12:59:43 2022 -> +++ Started at Fri Mar 25 12:59:43 2022
Fri Mar 25 12:59:43 2022 -> Received 0 file descriptor(s) from systemd.
Fri Mar 25 12:59:43 2022 -> clamd daemon 0.103.5 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
Fri Mar 25 12:59:43 2022 -> Log file size limited to 4294967295 bytes.
Fri Mar 25 12:59:43 2022 -> Reading databases from /var/lib/clamav
Fri Mar 25 12:59:43 2022 -> Not loading PUA signatures.
Fri Mar 25 12:59:43 2022 -> Bytecode: Security mode set to "TrustSigned".
Fri Mar 25 13:00:03 2022 -> Loaded 8730498 signatures.
Fri Mar 25 13:00:11 2022 -> LOCAL: Unix socket file /var/run/clamav/clamd.ctl
Fri Mar 25 13:00:11 2022 -> LOCAL: Setting connection queue length to 15
Fri Mar 25 13:00:11 2022 -> ERROR: Unknown group clamav

Can you help me?

Thanks a lot

Jean-Claude

Re: [clamav-users] clamav-daemon do not start after upgrade
Hi there,

On Fri, 25 Mar 2022, Jean-Claude VERGEROLLE wrote:

> After an apt upgrade, clamav-daemon does not start.
>
> System : debian buster 4.19.232-1
> clamav version : 0.103.5+dfsg-0+deb10u1 amd64
>
> I got this in the log /var/log/clamav/clamav.log
> ...
> ...
> Fri Mar 25 13:00:11 2022 -> ERROR: Unknown group clamav
>
> Can you help me ?

Yes. :)

I don't know what has changed nor why it has changed but it's a simple
problem with a simple fix. At a guess there will be something that
you did not tell us about what you've done, perhaps because you don't
know you've done it, but it's possible that the mistake wasn't yours.

Every process which runs on your system is 'owned' by what you can
think of as a 'user'. The user is not necessarily a person. Users
are just names like 'root' or 'ntp' or 'clamav' or 'Fred' or 'joe'.
For each name there's an associated, unique number. Each name also
belongs to a 'group'. Like a user, a group is just a name with an
associated unique number. These four values (user ID, numeric UID,
group ID, numeric group ID) are essential parts of the system which
implements permissions in Unix-like operating systems. Whenever you
use the '-l' option to the 'ls' command you'll see on the left of the
resulting table a lot of information about the permissions which the
system applies to these 'user' and 'group' IDs (and to 'other' IDs).

After the upgrade it appears that you are trying to start a process
with a group ID which is not valid, which likely means that

EITHER

(1) your configuration is telling the system to start the ClamAV
daemon process with different owner and group IDs from those which
were used last time you started it; at least the group ID does not
exist on your system and probably never has done

OR

(2) someone or something has recently deleted at least the group ID
'clamav' on your system.

With the information that you have given I can't tell which of the two
explanations is right, but it doesn't really matter. All you need to
do is find out what owner ID and group ID *should* be used for clamd
(the ClamAV daemon) on your system and EITHER change the configuration
file (probably something like /etc/clamav/clamd.conf) to have the
right user and group IDs OR create the user and group IDs if they've
somehow been deleted.

The ClamAV documentation will tell you what you need to change if the
change is needed in the clamd configuration file. If you need to
create a user or group ID, the operating system documentation for the
'useradd' and 'groupadd' commands should tell you what you need to know.

If you have backup copies of the configuration files you could compare
them with the new versions and it would immediately be obvious what if
anything has changed in the configuration.

You keep backups of all sorts of important stuff, right?

If you are still unsure what to do you can always remove and purge all
the ClamAV packages from your system and then re-install them which in
theory will give you a working setup. If it does not then perhaps the
Debian package maintainers have done something silly - in that case I
should expect to see a lot more messages like yours on this list soon. :/

--

73,
Ged.

_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] clamav-daemon do not start after upgrade
Hello guys,
Thanks for the reply.
The problem is solved.
The file /etc/group had mode 640 and the clamd process could not open it.
After changing the mode to 644, the process started.

Regards

----- On 25 Mar, 2022, at 18:06, clamav-users <clamav-users@lists.clamav.net> wrote:

> Hi there,

> On Fri, 25 Mar 2022, Jean-Claude VERGEROLLE wrote:

> > After an apt upgrade, clamav-daemon does not start.

> > System : debian buster 4.19.232-1
> > clamav version : 0.103.5+dfsg-0+deb10u1 amd64

> > I got this in the log /var/log/clamav/clamav.log
> > ...
> > ...
> > Fri Mar 25 13:00:11 2022 -> ERROR: Unknown group clamav

> > Can you help me ?

> Yes. :)

> I don't know what has changed nor why it has changed but it's a simple
> problem with a simple fix. At a guess there will be something that
> you did not tell us about what you've done, perhaps because you don't
> know you've done it, but it's possible that the mistake wasn't yours.

> Every process which runs on your system is 'owned' by what you can
> think of as a 'user'. The user is not necessarily a person. Users
> are just names like 'root' or 'ntp' or 'clamav' or 'Fred' or 'joe'.
> For each name there's an associated, unique number. Each name also
> belongs to a 'group'. Like a user, a group is just a name with an
> associated unique number. These four values (user ID, numeric UID,
> group ID, numeric group ID) are essential parts of the system which
> implements permissions in Unix-like operating systems. Whenever you
> use the '-l' option to the 'ls' command you'll see on the left of the
> resulting table a lot of information about the permissions which the
> system applies to these 'user' and 'group' IDs (and to 'other' IDs).

> After the upgrade it appears that you are trying to start a process
> with a group ID which is not valid, which likely means that

> EITHER

> (1) your configuration is telling the system to start the ClamAV
> daemon process with different owner and group IDs from those which
> were used last time you started it; at least the group ID does not
> exist on your system and probably never has done

> OR

> (2) someone or something has recently deleted at least the group ID
> 'clamav' on your system.

> With the information that you have given I can't tell which of the two
> explanations is right, but it doesn't really matter. All you need to
> do is find out what owner ID and group ID *should* be used for clamd
> (the ClamAV daemon) on your system and EITHER change the configuration
> file (probably something like /etc/clamav/clamd.conf) to have the
> right user and group IDs OR create the user and group IDs if they've
> somehow been deleted.

> The ClamAV documentation will tell you what you need to change if the
> change is needed in the clamd configuration file. If you need to
> create a user or group ID, the operating system documentation for the
> 'useradd' and 'groupadd' commands should tell you what you need to know.

> If you have backup copies of the configuration files you could compare
> them with the new versions and it would immediately be obvious what if
> anything has changed in the configuration.

> You keep backups of all sorts of important stuff, right?

> If you are still unsure what to do you can always remove and purge all
> the ClamAV packages from your system and then re-install them which in
> theory will give you a working setup. If it does not then perhaps the
> Debian package maintainers have done something silly - in that case I
> should expect to see a lot more messages like yours on this list soon. :/

> --

> 73,
> Ged.


--

Leading by example cannot be delegated!

Jean-Claude VERGEROLLE
Information Systems Department

05 40 00 68 24
http://www.u-bordeaux.fr/
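
A diagnostic for the causes discussed in this thread (an ID named in clamd.conf that has no entry, or an entry sitting in a file that unprivileged processes cannot read), as an added example that is not part of any poster's message. It assumes the clamd.conf directives User and LocalSocketGroup; the function names and the optional passwd/group path arguments are hypothetical.

```shell
#!/bin/sh
# Added diagnostic example, not from the thread. Run as root so that the
# lookups themselves are not blocked by the permissions being checked.

# Print the value of a clamd.conf directive such as User or LocalSocketGroup.
conf_value() {  # conf_value FILE KEY
    awk -v k="$2" '$1 == k { print $2; exit }' "$1"
}

# Succeed if "other" has read permission on FILE (mode 644 yes, 640 no).
world_readable() {  # world_readable FILE
    [ "$(ls -ld "$1" | cut -c8)" = "r" ]
}

# Succeed if NAME is the first field of a line in a passwd/group style FILE.
has_entry() {  # has_entry FILE NAME
    awk -F: -v n="$2" '$1 == n { found = 1 } END { exit !found }' "$1"
}

# Diagnose one name database. Returns 0 = fine, 1 = entry missing,
# 2 = entry present but FILE is unreadable to unprivileged processes.
diagnose() {  # diagnose FILE NAME
    if ! has_entry "$1" "$2"; then
        echo "$2: no entry in $1 (create it or correct clamd.conf)"; return 1
    fi
    if ! world_readable "$1"; then
        echo "$2: entry exists but $1 is not world-readable (expected 644)"; return 2
    fi
    echo "$2: ok in $1"; return 0
}

# main CONF [PASSWD_FILE] [GROUP_FILE]; the defaults are the system files.
main() {
    user=$(conf_value "$1" User)
    group=$(conf_value "$1" LocalSocketGroup)
    rc=0
    [ -n "$user" ]  && { diagnose "${2:-/etc/passwd}" "$user"  || rc=1; }
    [ -n "$group" ] && { diagnose "${3:-/etc/group}"  "$group" || rc=1; }
    return $rc
}

if [ $# -gt 0 ]; then main "$@"; fi
```

Run it with the configuration path as its argument, for example /etc/clamav/clamd.conf; a non-zero exit status means at least one configured ID failed a check.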