So, lets arm our Samba to protect users from viruses hidden in the shared directories. In Ubuntu and other *nix distros, we can use free Clamav antivirus plugged in to Samba which is called clamav-scan. *nix distros usually provide ready-to-install binary of clamav-scan. But Ubuntu does not. So you must compile the plug in manually.
Enough for the intro, now we'll begin arming the Samba in Ubuntu (my Ubuntu version is 7.04 feisty fawn) . Don't be rush. You must follow test instruction before proceeding the next step.
1. Prepare package Clamav and supporting packages
apt-get install clamav arj unzoo lha clamav-freshclam clamav-daemon clamav-testfiles build-essential
You may also need build-essential package
Test: Please make sure that we can scan infected files.
clamscan -ir /usr/share/clamav-testfiles
We should see lines like the following:
----------- SCAN SUMMARY -----------
Known viruses: 266917
Engine version: 0.91.2
Scanned directories: 1
Scanned files: 7
Infected files: 6
Data scanned: 0.00 MB
Time: 3.762 sec (0 m 3 s)
2. Prepare packages to install clamav-scan into Samba
apt-get install dpkg-dev
apt-get source samba
apt-get build-dep samba
wget -c http://optusnet.dl.sourceforge.net/sourceforge/openantivirus/samba-vscan-0.3.6b.tar.bz2
3. Compiling
cd samba-3.0.24
./debian/rules configure-stamp
cd source
make proto
cd ../..
tar -jxvf samba-vscan-0.3.6b.tar.bz2 -C /usr/src
cd samba-vscan-0.3.6b
./configure --with-samba-source=/usr/src/samba-3.0.24/source
make && make install
Now the vscan-clamav module is ready to use
4. Configuring Samba to cooperate with vscan-clamav
mkdir /etc/samba/vfs-config
cp /usr/src/samba-vscan-0.3.6b/clamav/vscan-clamav.conf /etc/samba/vfs-config/
change some values in the /etc/../vfs-config/vscan-clamav.conf:
clamd socket name = /var/run/clamav/clamd.ctl
infected files action = quarantine
; By default, the quarantine directory is /tmp
; quarantine directory = /mnt/office-shared-files/.quarantine
Add some values in samba config file: /etc/samba/smb.conf. We may add this line under [global] configuration or specific directory configuration
vfs objects = vscan-clamav
vscan-clamav: config-file = /etc/samba/vfs-config/vscan-clamav.conf
5. We must recompile vscan-clamav if we upgrade our Samba. To lock Samba version from upgrading, we must do this:
echo samba hold | dpkg --set-selections
echo samba install | dpkg --set-selections
6. Now restart Samba
/etc/init.d/samba restart
7. See vscan-clamav in action
- Just copy /usr/share/clamav-testfiles to shared writable directory of Samba so it can be accessed by Windows users. The files inside are harmless to Windows but make clamav assume them as infected files.
- We can see that Samba has denied us from copying the file out. Instead we'll see the files has been moved to /tmp/var-*****.
- Later, we can see that Samba users can not copy infected files into the shared directory of Samba.
References:
- http://www.howtoforge.com/forums/showthread.php?t=3706
- http://www.grape-info.com/doc/linux/config/samba-vscan-0.3.6b-84.html
10 comments:
cd source
./make proto
cd ../..
ada yang salah tuh bosssssssss:
cd source
./make proto
-bash: ./make: No such file or directory
harusnya male proto
Trims, tapi harusnya make proto :D
tanya bos...
gue pake ubuntu 7.10 tapi waktu proses make nya banyak errornya,padahal udah gue ikuti petunjuk diatas........:
Compiling global/vscan-functions.c with -fPIC
In file included from /usr/src/sources/samba3-vscan-0.4.0-snapshot1/include/vscan-global.h:4,
from global/vscan-functions.c:15:
/usr/src/sources/samba-3.0.26a/source/include/includes.h:102:31: error: system/capability.h: No such file or directory
/usr/src/sources/samba-3.0.26a/source/include/includes.h:103:24: error: system/dir.h: No such file or directory
...................
...................
global/vscan-functions.c:203: warning: implicit declaration of function âinet_ptonâ
global/vscan-functions.c: In function âvscan_socket_endâ:
global/vscan-functions.c:251: warning: implicit declaration of function âcloseâ
make: *** [global/vscan-functions.po] Error 1
okto, coba kamu install build-essential deh. Setahu saya itu paket wajib setiap kita mau compile paket
Hey guys,
I'm having the same problem like Okto2005:
Compiling global/vscan-functions.c with -fPIC
In file included from /usr/src/sources/samba3-vscan-0.4.0-snapshot1/include/vscan-global.h:4,
from global/vscan-functions.c:15:
/usr/src/sources/samba-3.0.26a/source/include/includes.h:102:31: error: system/capability.h: No such file or directory
/usr/src/sources/samba-3.0.26a/source/include/includes.h:103:24: error: system/dir.h: No such file or directory
...................
I saw, Ichsan posted a reply, but unfortunately I speak only English and German :)
Can anybody help and translate it to Engish? Thanks!
If you have problem like Okto2005 did, try to apt-get install lib6-dev. The dir.h file belongs to libc6-dev package.
Actually, if you want to compile things, at least you should apt-get install build-essential. Sorry that I didn't include this package.
But, thanks for reminding me. I've just updated the list of required packages.
After instaling libc6-dev, it still doesn't work.
Bartosz, may be your Ubuntu is newer then mine. I haven't checked with the latest Ubuntu yet
kalau samba nya udah keinstall gimana bos ?
install samba nya pake apt-get install samba
ada petunjuk ???
Hi there,
I have used this before with ubuntu 8.04 but it doesn't work with 10.04
At part 3 I get the following error:
:~/samba-3.4.7~dfsg# ./debian/rules configure-stamp
make: *** No rule to make target `configure-stamp'. Stop.
Any suggestions?
Post a Comment