Samba + Clamd + Samba-Vscan On CentOS 5.2

Submitted by blynch (Contact Author) (Forums) on Fri, 2008-11-28 17:01. :: CentOS | Samba | Security

Samba + Clamd + Samba-Vscan On CentOS 5.2

This is a howto on getting samba + clamav + samba-vscan to work on a CentOS 5.2 system.

1. First let's start by getting clamav installed and functioning.

You can either compile it yourself or use yum to install this via a repo. For this we will create a repo named dag.repo in /etc/yum.repos.d/. Add the following....

[dag]
name=Dag RPM Repository for Red Hat Enterprise Linux
baseurl=http://apt.sw.be/redhat/el$releasever/en/$basearch/dag/
gpgcheck=1
gpgkey=http://dag.wieers.com/packages/RPM-GPG-KEY.dag.txt
enabled=1

2. Install clamd and configure clamd:

yum install clamd.i386

vi /etc/clamd.conf

and change the socket to /var/run/clamav/clamd.sock.

3. Update clamd by running freshclam:

freshclam

4. If you are going through a proxy you can set this up by editing the file /etc/freshclam.conf.

5. Run

chkconfig clamd on

6. Run

service clamd start

7. Create a directory for quarantine. For example:

mkdir /virus

8. Perform a scan of shares and move infections to quarantine.

clamdscan --move=/virus/ /pathtoshares

9. Now we need to install the source code for samba.

10. Verify the current samba version that you have.

rpm -q samba
samba-3.0.28-1.el5_2.1

11. Get the source code for the version of samba that you are running. This can be done with wget.

wget http://mirror.cs.vt.edu/pub/CentOS/5/updates/SRPMS/samba-3.0.28-1.el5_2.1.src.rpm

12. Install via

rpm -ihv samba-3.0.28-1.el5_2.1.src.rpm

13. Extract the samba tar file in /usr/src/redhat/SOURCES:

cd /usr/src/redhat/SOURCES
tar xzvf samba-3-0.28.tar.gz

14. Run ./configure  and make proto in the samba source directory.

cd /usr/src/redhat/SOURCES/samba-3.0.28/sources
./configure
make proto

15. Get samba vscan release 0.3.6cBeta5 if you are using samba3.0.25 or later.

wget http://www.openantivirus.org/download/samba-vscan-0.3.6c-beta5.tar.gz

16. Extract the samba-vscan tarball.

tar xzvf samba-vscan-0.3.6c-beta5.tar.gz

17. Go to that directory.

cd /usr/src/redhat/SOURCES/samba-3.0.28/examples/VFS/samba-vscan-0.3.6c-beta5/

18. Make the backend for clamav:    

make clamav

19. Copy the vscan-clamav.so.    

cp vscan-clamav.so /usr/lib/samba/vfs/

20. Copy the vscan conf file to the samba dir.    

cp clamav/vscan-clamav.conf /etc/samba/

21. Edit /etc/samba/vscan-clamav.conf to your liking making sure that the clamd socket = /var/run/clamav/clamd.sock:

vi /etc/samba/vscan-clamav.conf

vfs object = vscan-clamav  vscan-clamav: config-file = /etc/samba/vscan-clamav.conf 

22. If everything works out, you should probably exclude samba from updating via the nightly yum. To do this just add 

exclude=samba*

to your /etc/yum.conf file.

Bo Lynch


Copyright © 2008 Bo Lynch
All Rights Reserved.
add comment | view as pdf view as pdf | Display a printer-friendly version of this page. print |
Please do not use the comment function to ask for help! If you need help, please use our forum.
Comments will be published after administrator approval.
RPM Packages
Submitted by anandx (registered user) on Mon, 2008-12-29 20:19.

What about packages from http://www.enterprisesamba.com ?

I remember reading that the packages have the vscan compiled in them.

reply | view as pdf view as pdf
outdated
Submitted by Davide (not registered) on Sat, 2008-11-29 09:36.
samba-vscan is an outdated software, the latest upgrade is at 2005!! there's an alternative?
reply | view as pdf view as pdf
Make Changes in DAG file to make it work
Submitted by Girish KG (not registered) on Sat, 2008-12-27 08:30.
[dag]
name=Dag RPM Repository for Red Hat Enterprise Linux
baseurl=http://apt.sw.be/redhat/el5/en/i386/dag/
gpgcheck=1
gpgkey=http://dag.wieers.com/packages/RPM-GPG-KEY.dag.txt
enabled=1
 
 
reply | view as pdf view as pdf