So we have a fully functional file server and primary domain controller now. However, you may want to add some nice additional features to it, such as antivirus support to detect and quarantine viruses in real time.
Samba-vscan is a proof-of-concept module for Samba, which uses the VFS (virtual file system) features of Samba 2.2.x/3.0 to provide an on-access Samba anti-virus
. Samba-vscan currently supports several antivirus softwares, including ClamAV, which we will use as the backend antivirus engine.
We already discussed ClamAV installation and configuration in a previous document, so we won't dwell upon it now and I assume you already have a clamd daemon up and running on the file server itself or on another machine.
Compiling Samba-vscan requires the prior installation of the following packages:
As a preliminary step, we will also need to "make proto" the Samba port; therefore, go to the /usr/ports/obj/samba/w-samba-x.x.x-cups-ldap/samba-x.x.x/source/ directory and edit the autogen.sh file, by replacing the first lines after the initial comments with:
TESTAUTOHEADER="autoheader-2.61" TESTAUTOCONF="autoconf-2.61"
Then, still from within that directory, run:
# ./autogen.sh [ ... ] # ./configure [ ... ] # make proto [ ... ]
Now we are ready to download, extract and compile Samba-vscan:
# tar -zxvf samba-vscan-x.x.x.tar.gz [ ... ] # cd samba-vscan-x.x.x/ # env LDFLAGS=-L/usr/local/lib/ CPPFLAGS=-I/usr/local/include/ ./configure \ > --with-samba-source=/usr/ports/obj/samba/w-samba-x.x.x-cups-ldap/samba-x.x.x/source/ [ ... ] # gmake clamav [ ... ] # cp vscan-clamav.so /usr/local/lib/samba/vfs/ # cp clamav/vscan-clamav.conf /etc/samba/
The configuration file for Samba-vscan (with ClamAV support) is named /etc/samba/vscan-clamav.conf:
[samba-vscan] max file size = 10485760 verbose file logging = no scan on open = yes scan on close = yes deny access on error = no deny access on minor error = no send warning message = yes infected file action = nothing quarantine directory = /var/clamav/quarantine/ quarantine prefix = vir- max lru files entries = 100 lru file entry lifetime = 5 exclude file types = scan archives = yes clamd socket name = /var/clamav/clamd.sock libclamav max files in archive = 1000 libclamav max archived file size = 10485760 libclamav max recursion level = 5
The last step is updating Samba configuration to include antivirus support by adding the following lines in each section corresponding to a share you want to protect against viruses, or in the [global] section if you want to protect all of your shares.
vfs object = vscan-clamav
vscan-clamav: config-file = /etc/samba/vscan-clamav.conf
and reload Samba configuration:
# pkill -HUP smbd