Keep current ClamAV configurations during upgrade?

Jul 19, 2019
13
2
43
Hi,

During the install of upgrades (initiated via the GUI), I get a questions about /etc/clamav/clamd.conf and /etc/clamav/freshclam.conf. The question is whether I want to keep the current configuration file, or install the new one (from ClamAV). What should I choose here? I would guess that the new file would be preferred since it may contain new parameters the ClamAV will use but will it break something down within the ProxMox config?

And how will this relate to /var/lib/pmg/templates/clamd.conf.in ?

Thanks a lot for any replies,

Jacco
 
  • Like
Reactions: aasami
The config-files relevant for PMG (postfix config, spamassassin config, clamav config) are handled by the templating system (they get written from the templates in /var/lib/pmg/templates (or if you override them the ones in /etc/pmg/templates).
This happens when you change some configuration in the GUI, run pmgconfig sync , or once per day via systemd-timer

Put shortly you should chose No, however if you don't PMG will reset the config to the one from the template eventually

the reference documentation has a chapter on the templates:
https://pmg.proxmox.com/pmg-docs/pmg-admin-guide.html#pmgconfig_template_engine
 
Sorry guys, for me there i no "NO" option, so based on what I'm reading from @Stoiko Ivanov we should "install the package maintainers version" and PMG templates will push whatever configuration is needed to it.
Agreed?
 

Attachments

  • 21.02.2023_10.35.57_REC.png
    21.02.2023_10.35.57_REC.png
    64.9 KB · Views: 18
"keep the currently installed version" is what I meant with No ...
 
No - pick - "keep the local version currently installed" ...
 
This method works reasonably well until you make modifications.
Normally updates apply the new template without being aware that you have made changes.
That means when a template changes that you have modified, there is no notification that there are changes which might affect your version.
For this reason, every time there is an update you should make sure to manually compare it with your changes and merge any relevant package maintainers modifications. This introduces additional work to stay up to date which is inconsistent with the normal apt update process (which asks which version you want to keep and offers the opportunity to merge changes during the update), and isn't very clear in the documentation. Important security changes may potentially be missed because there is no flagging of those changes during the update process.
 
That means when a template changes that you have modified, there is no notification that there are changes which might affect your version.
that's not true since quite a long while - the templates are handled by `ucf` and you should get asked what to do with the modified template (like you get asked for config-files that you have modified in a plain debian system).
Unless you run apt with noninteractive frontend - or some other option which suppresses the question.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!