vfs modules in samba

These days i am doing the samba vfs modules here is my note about it

 

About vfs modules in the samba:

There are several vfs modules i have checked out:audit, extd_audit,default_quota,recycle,shadow_copy,vscan-clamav

Audit,extd_autit: Just write some audit log the /var/log/messages to record who did what

recycle: it can create a recycle folder for the specific share folder we can set the path and name of the recycle folder.

when we use recycle vfs objects to the specific share folder and if we delete the files under the share folder they will be moved to the recycle folder instead of being deleted.

in the smb.conf we should add the recycle vfs object to the share folder for example:
vfs object=recycle
recycle:repositary=.delete/%U
recycle:keeptree=yes
recycle:directory_mode=0777

 

default_quota:  we can set a default quota for a user with root account.in the smb.conf we should specify the uid of the user we want to set default quota for. for example:
        vfs objects = default_quota
        dequota_quota:uid = 501

shadow_copy: we can see the previous snapshot with this vfs module in xp(i don't know it does not work in windows7)

vscan-clamav: anti-virus module for samba. we should modify the source code of vscan-clamav.
 in vscan-clamav.c:254
change "pstrcpy(filepath, handle->conn->connectpath);" to "pstrcpy(filepath,handle->conn->origpath);"
the connnectpath contains nothing so it doesnot work and we should use origpath which contains the full file path such as /root/test

 

Here i also give my smb.conf and clamd.conf and vscan-clamav.conf

 

smb.conf:

[global] workgroup = MYGROUP server string = Samba Server Version %v log level = 2 syslog = 0 log file = /root/samba.log debug timestamp = yes [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No [root] path = /root public= yes writeable= yes browseable = yes directory mode= 0777 vfs objects = vscan-clamav recycle recycle:repository=.deleted/%U recycle:keeptree = yes recycle:directory_mode=0777 vscan-clamav:config-file=/etc/samba/vscan-clamav.conf guest ok = yes [home] path = /home public= yes writeable= yes browseable = yes directory mode= 0777 guest ok = yes vfs objects = recycle extd_audit recycle:repository=.deleted/%U recycle:keeptree = yes recycle:directory_mode=0777 [ext1] path = /mnt/ext1 public= yes writeable= yes browseable = yes directory mode= 0777 vfs objects = default_quota default_quota:uid=501 default_quota:no_limit=no guest ok = yes [shadow_share] comment = Shadow Copy Enabled Share path = /data/shadow_share vfs objects = shadow_copy writeable = yes browseable = yes public= yes directory mode= 0777

 

clamd.conf:

i Just modify the following record:

LogFile /tmp/clamd.log LogVerbose yes LocalSocket /root/clamd.socket

 

about vscan-clamav.conf

# # /etc/samba/vscan-clamav.conf # [samba-vscan] ; run-time configuration for vscan-samba using ; clamd ; all options are set to default values ; do not scan files larger than X bytes. If set to 0 (default), ; this feature is disable (i.e. all files are scanned) max file size = 10485760 ; log all file access (yes/no). If set to yes, every access will ; be logged. If set to no (default), only access to infected files ; will be logged verbose file logging = no ; if set to yes (default), a file will be scanned while opening scan on open = yes ; if set to yes, a file will be scanned while closing (default is yes) scan on close = yes ; if communication to clamd fails, should access to file denied? ; (default: yes) deny access on error = no ; if daemon failes with a minor error (corruption, etc.), ; should access to file denied? ; (default: yes) deny access on minor error = no ; send a warning message via Windows Messenger service ; when virus is found? ; (default: yes) send warning message = yes ; what to do with an infected file ; quarantine: try to move to quantine directory ; delete: delete infected file ; nothing: do nothing (default) infected file action = quarantine ; where to put infected files - you really want to change this! quarantine directory = /opt/clamav/quarantine ; prefix for files in quarantine quarantine prefix = vir- ; as Windows tries to open a file multiple time in a (very) short time ; of period, samba-vscan use a last recently used file mechanism to avoid ; multiple scans of a file. This setting specified the maximum number of ; elements of the last recently used file list. (default: 100) max lru files entries = 100 ; an entry is invalidad after lru file entry lifetime (in seconds). ; (Default: 5) lru file entry lifetime = 5 ; exclude files from being scanned based on the MIME-type! Semi-colon ; seperated list (default: empty list). Use this with care! exclude file types = ; socket name of clamd (default: /var/run/clamd). Setting will be ignored if ; libclamav is used clamd socket name = /root/clamd.socket ; limits, if vscan-clamav was build for using the clamav library (libclamav) ; instead of clamd ; maximum number of files in archive (default: 1000) libclamav max files in archive = 1000 ; maximum archived file size, in bytes (default: 10 MB) libclamav max archived file size = 5242880 ; maximum recursion level (default: 5) libclamav max recursion level = 5

 

 

About clamd install and complier

download samba-3.0.33.tar.gz, samba-vscan-0.3.6c-beta5.tar.gz

tar zxvf samba-3.0.33.tar.gz

tar zxvf samba-vscan-0.3.6c-beta5.tar.gz

 

mv samba-vscan-0.3.6c-beta5 samba-3.0.33/examples/VFS/

cd samba-3.0.33/source

./configure

make proto

cd samba-3.0.33/examples/VFS/samba-vscan-0.3.6c-beta5

./configure

make clamav

cp vscan-clamav.so /usr/lib/samba/vfs