在Debian 下Samba-Vscan安裝步驟

以 apt-get 正常安裝samba 與 clamav。
我是安裝samba 3.0.24版,而clamav是0.93.1

1. 如已安裝samba,查詢原本server所安裝的 samba 版本
# dpkg -l “samba*”
ii samba 3.0.24-6etch10 a LanManager-like file and printer server fo
un samba-client (no description available)
ii samba-common 3.0.24-6etch10 Samba common files used by both the server a
pn samba-dbg (no description available)
pn samba-doc (no description available)
pn samba-doc-ja (no description available)
pn samba-doc-pdf (no description available)
un samba-tng-comm (no description available)

2. 將所需source code download後放置在 /usr/src 目錄下
samba3-vscan-0.4.0-snapshot1 主程式 ( http://www.openantivirus.org/projects.php )
samba-3.0.24.tar.gz samba 原始檔 ( http://samba.org )
(因為安裝的是samba的binary code 但是samba-vscan的編譯仍需要samba source code提供一些函式庫。)

cd /usr/src (裝在/usr/src下)
#tar zxvf samba-3.0.24.tar.gz
#tar zxvf samba3-vscan-0.4.0-snapshot1.tar.gz

3. 安裝編譯samba
# mv samba3-vscan-0.4.0-snapshot1 samba-3.0.24/examples/VFS
# cd samba-3.0.24/source/
# ./configure && make headers

4. 安裝編譯samba-vscan
# cd ../examples/VFS/samba3-vscan-0.4.0-snapshot1
# ./configure && make

5. 設定
# cp vscan-clamav.so /usr/lib/samba/vfs
# cp clamav/vscan-clamav.conf /etc/samba

# cp /etc/samba/vscan-clamav.conf /etc/samba/vscan-clamav.conf.bak
# vi /etc/samba/vscan-clamav.conf

38行 infected file action = nothing 修改成--> infected file action = delete
65行 clamd socket name = /var/run/clamd 修改成--> clamd socket name = /tmp/clamd
#此設定的路徑要和 /etc/clamav/clamd.conf 裡LocalSocket路徑一樣

6. 修改 smb.conf
# cp /etc/samba/smb.conf /etc/samba/smb.conf.bak
# vi /etc/samba/smb.conf
在 [global] 區段中，加入兩行
vfs object = vscan-clamav
vscan-clamav: config-file = /etc/samba/vscan-clamav.conf
會針對全部分享的目錄掃毒，
也可只放在要掃毒的分享目錄中，只針對其一也行

7. 重新啟動 samba 完成

設定檔 vscan-clamav.conf，可做微調，

; do not scan files larger than X bytes. If set to 0 (default),
; this feature is disable (i.e. all files are scanned)
max file size = 5242880 //檔案超過5M就不進行掃毒程序

; if set to yes (default), a file will be scanned while opening
scan on open = no //網芳的檔案開啟時不進行掃毒程序

; if set to yes, a file will be scanned while closing (default is yes)
scan on close = yes //網芳的檔案關閉時進行掃毒程序

如此就不會造成開啟檔案時延遲的等待時間。

參考及引用文件
http://moto.debian.org.tw/viewtopic.php?p=40933&sid=f9f76ec75766356e4611e97c54ac87a8
http://www.xspace.idv.tw/bo_blog/post/109.htm