Plugin ClamAV - AllowSupplementaryGroups true

  • Hi...
    Yesterday i'd fixed a problem on a server where the clamav-milter didn't start.
    The problem was the parameter


    AllowSupplementaryGroups true

    In the documentation the parameter is only allowed if the daemon is running under root


    AllowSupplementaryGroups BOOL

    Initialize supplementary group access (clamd must be started by root).
    Default: no

    I think this should be fixed in the next version

  • Ref: Clamav


  • @TheCry

    The AllowSupplementaryGroup is no longer supported by latest ClamAV daemon and this issue has been already addressed.

    CHANGELOG from ClamAV plugin v1.3.0 was:

    • Enhancement: Automatically initialize ClamAV databases
    • Enhancement: Automatically install distribution packages
    • Fixed: Delay restart of ClamAV services on i-MSCP upgrade/reconfiguration
    • Fixed: Don't raise error on plugin uninstallation if clamav-milter configuration file is missing (package removed)
    • Fixed: Stop and disable ClamAV services on plugin deactivation
    • Fixed: Quote any metacharacter in clamav-milter option regexp
    • Removed: `AllowSupplementaryGroups` configuration parameter (no supported by clamav-milter version ≥ 0.99.2)
    • Removed: Support for i-MSCP 1.3.x Serie

    As you can see, the plugin no longer handles the AllowSupplementaryGroups parameter. Clamav version under Stretch is 0.99.2.

    1. root@stretch:~# clamd --version
    2. ClamAV 0.99.2

    My thinking is that @web4you was affected by the bug (deprecated parameter not removed) and that scenario must not be handled by our plugin. That is a pure administration task which must be addressed by the administrator itself, as part of the distribution upgrade process. As he say himself in his first post:

    After my nearly perfect upgrade to Debian 9.1 and I-MSCP 1.5.1 ...

    On a fresh Debian 9.1/Stretch install, there is no such problem. Upgrading a system is not just about running APT ;) It is also about checking for possible changes to do in service configuration files, here ClamAV. An administrator should be able to address such upgrade issue without asking us.