我是安裝samba 3.0.24版,而clamav是0.93.1
1. 如已安裝samba,查詢原本server所安裝的 samba 版本
# dpkg -l “samba*”
ii samba 3.0.24-6etch10 a LanManager-like file and printer server fo
un samba-client
ii samba-common 3.0.24-6etch10 Samba common files used by both the server a
pn samba-dbg
pn samba-doc
pn samba-doc-ja
pn samba-doc-pdf
un samba-tng-comm
2. 將所需source code download後放置在 /usr/src 目錄下
samba3-vscan-0.4.0-snapshot1 主程式 ( http://www.openantivirus.org/projects.php )
samba-3.0.24.tar.gz samba 原始檔 ( http://samba.org )
(因為安裝的是samba的binary code 但是samba-vscan的編譯仍需要samba source code提供一些函式庫。)
cd /usr/src (裝在/usr/src下)
#tar zxvf samba-3.0.24.tar.gz
#tar zxvf samba3-vscan-0.4.0-snapshot1.tar.gz
3. 安裝編譯samba
# mv samba3-vscan-0.4.0-snapshot1 samba-3.0.24/examples/VFS
# cd samba-3.0.24/source/
# ./configure && make headers
4. 安裝編譯samba-vscan
# cd ../examples/VFS/samba3-vscan-0.4.0-snapshot1
# ./configure && make
5. 設定
# cp vscan-clamav.so /usr/lib/samba/vfs
# cp clamav/vscan-clamav.conf /etc/samba
# cp /etc/samba/vscan-clamav.conf /etc/samba/vscan-clamav.conf.bak
# vi /etc/samba/vscan-clamav.conf
38行 infected file action = nothing 修改成--> infected file action = delete
65行 clamd socket name = /var/run/clamd 修改成--> clamd socket name = /tmp/clamd
#此設定的路徑要和 /etc/clamav/clamd.conf 裡LocalSocket路徑一樣
6. 修改 smb.conf
# cp /etc/samba/smb.conf /etc/samba/smb.conf.bak
# vi /etc/samba/smb.conf
在 [global] 區段中,加入兩行
vfs object = vscan-clamav
vscan-clamav: config-file = /etc/samba/vscan-clamav.conf
會針對全部分享的目錄掃毒,
也可只放在要掃毒的分享目錄中,只針對其一也行
7. 重新啟動 samba 完成
設定檔 vscan-clamav.conf,可做微調,
; do not scan files larger than X bytes. If set to 0 (default),
; this feature is disable (i.e. all files are scanned)
max file size = 5242880 //檔案超過5M就不進行掃毒程序
; if set to yes (default), a file will be scanned while opening
scan on open = no //網芳的檔案開啟時不進行掃毒程序
; if set to yes, a file will be scanned while closing (default is yes)
scan on close = yes //網芳的檔案關閉時進行掃毒程序
如此就不會造成開啟檔案時延遲的等待時間。
參考及引用文件
http://moto.debian.org.tw/viewtopic.php?p=40933&sid=f9f76ec75766356e4611e97c54ac87a8
http://www.xspace.idv.tw/bo_blog/post/109.htm