nightmorph 08/05/02 04:46:22 Modified: quick-samba-howto.xml Log: Now it's just a CUPS/Samba guide, as the samba patches that allowed integration with ClamAV were dropped some time ago, as they don't work/are not maintained. bug 219799
Revision Changes Path 1.40 xml/htdocs/doc/en/quick-samba-howto.xml file : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/quick-samba-howto.xml?rev=1.40&view=markup plain: http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/quick-samba-howto.xml?rev=1.40&content-type=text/plain diff : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/quick-samba-howto.xml?r1=1.39&r2=1.40 Index: quick-samba-howto.xml =================================================================== RCS file: /var/cvsroot/gentoo/xml/htdocs/doc/en/quick-samba-howto.xml,v retrieving revision 1.39 retrieving revision 1.40 diff -u -r1.39 -r1.40 --- quick-samba-howto.xml 20 Dec 2007 19:13:21 -0000 1.39 +++ quick-samba-howto.xml 2 May 2008 04:46:22 -0000 1.40 @@ -1,10 +1,10 @@ <?xml version='1.0' encoding='UTF-8'?> -<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/quick-samba-howto.xml,v 1.39 2007/12/20 19:13:21 swift Exp $ --> +<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/quick-samba-howto.xml,v 1.40 2008/05/02 04:46:22 nightmorph Exp $ --> <!DOCTYPE guide SYSTEM "/dtd/guide.dtd"> <guide link="/doc/en/quick-samba-howto.xml"> -<title>Gentoo Samba3/CUPS/ClamAV HOWTO</title> +<title>Gentoo Samba3/CUPS HOWTO</title> <author title="Author"> Andreas "daff" Ntaflos <!--daff at dword dot org--> @@ -17,17 +17,16 @@ </author> <abstract> -Setup, install and configure a Samba Server under Gentoo that shares files, -printers without the need to install drivers and provides automatic virus -scanning. +Setup, install and configure a Samba server under Gentoo that shares files and +printers without the need to install drivers. </abstract> <!-- The content of this document is licensed under the CC-BY-SA license --> <!-- See http://creativecommons.org/licenses/by-sa/2.5 --> <license/> -<version>1.24</version> -<date>2007-12-20</date> +<version>1.25</version> +<date>2008-05-01</date> <chapter> <title>Introduction to this HOWTO</title> @@ -52,7 +51,7 @@ This HOWTO originally started not as a HOWTO, but as a FAQ. It was intended to explore the functionality and power of the Gentoo system, portage and the flexibility of USE flags. Like so many other projects, it was quickly discovered -what was missing in the Gentoo realm: there weren't any Samba HOWTO's catered +what was missing in the Gentoo realm: there weren't any Samba HOWTOs catered for Gentoo users. These users are more demanding than most; they require performance, flexibility and customization. This does not however imply that this HOWTO was not intended for other distributions; rather that it was designed @@ -61,9 +60,7 @@ <p> This HOWTO will describe how to share files and printers between Windows PCs and -*nix PCs. It will also demonstrate the use of the VFS (Virtual File System) -feature of Samba to incorporate automatic virus protection. As a finale, it will -show you how to mount and manipulate shares. +*nix PCs. It will also show you how to mount and manipulate shares. </p> <p> @@ -113,7 +110,6 @@ <ul> <li>On the Samba server: <ul> - <li>Install and configure ClamAV</li> <li>Install and configure Samba</li> <li>Install and configure CUPS</li> <li>Adding the printer to CUPS</li> @@ -147,24 +143,20 @@ <ul> <li>net-fs/samba</li> - <li>app-antivirus/clamav</li> <li>net-print/cups</li> <li>net-print/foomatic</li> <li>net-print/hplip (if you have an HP printer)</li> <li>A kernel of sorts (2.6)</li> - <li>A printer (PS or non-PS, maybe not TOO new or fancy)</li> + <li>A printer (PS or non-PS)</li> <li> A working network (home/office/etc) consisting of more than one machine) </li> </ul> <p> -The main package we use here is net-fs/samba, however, you will need a kernel -with cifs support enabled in order to mount a samba or windows share from +The main package we use here is <c>net-fs/samba</c>, however, you will need a +kernel with CIFS support enabled in order to mount a Samba or Windows share from another computer. CUPS will be emerged if it is not already. -app-antivirus/clamav will be used also, but others should be easily adapted to -work with Samba. Gentoo's samba ebuild supports all kinds of virus scanning -technologies, such as Sophos, FProt, Fsav, Trend, Icap, Nai, ... </p> </body> @@ -183,7 +175,7 @@ </p> <pre caption="Samba uses the following USE Variables:"> -kerberos acl cups ldap pam readline python oav winbind +kerberos acl cups ldap pam readline python winbind </pre> <p> @@ -256,14 +248,6 @@ </ti> </tr> <tr> - <th><b>oav</b></th> - <ti> - Provides on-access scanning of Samba shares with FRISK F-Prot Daemon, - Kaspersky AntiVirus, OpenAntiVirus.org ScannerDaemon, Sophos Sweep (SAVI), - Symantec CarrierScan, and Trend Micro (VSAPI). - </ti> -</tr> -<tr> <th><b>winbind</b></th> <ti> Winbind allows for a unified logon within a Samba environment. It uses a @@ -318,7 +302,6 @@ </p> <ul> - <li>oav</li> <li>cups</li> <li>readline</li> <li>pam</li> @@ -330,7 +313,7 @@ </p> <pre caption="Emerge Samba"> -# <i>echo "net-fs/samba oav readline cups pam" >> /etc/portage/package.use</i> +# <i>echo "net-fs/samba readline cups pam" >> /etc/portage/package.use</i> # <i>emerge net-fs/samba</i> </pre> @@ -341,22 +324,6 @@ </body> </section> <section> -<title>Emerging ClamAV</title> -<body> - -<p> -Because the <e>oav</e> USE flag only provides an interface to allow on access -virus scanning, the actual virus scanner must be emerged. The scanner used in -this HOWTO is ClamAV. -</p> - -<pre caption="Emerge Clamav"> -# <i>emerge app-antivirus/clamav</i> -</pre> - -</body> -</section> -<section> <title>Emerging foomatic</title> <body> @@ -429,14 +396,6 @@ security = share <comment># No passwords, so we're going to use a guest account!</comment> guest ok = yes -<comment># We now will implement the on access virus scanner. -# NOTE: By putting this in our [Global] section, we enable -# scanning of ALL shares, you could optionally move -# these to a specific share and only scan it.</comment> - -<comment># For Samba 3.x. This enables ClamAV on access scanning.</comment> -vfs object = vscan-clamav -vscan-clamav: config-file = /etc/samba/vscan-clamav.conf <comment># Now we setup our print drivers information!</comment> [print$] @@ -498,11 +457,6 @@ from a lot of problems. </warn> -<warn> -Turning on ClamAV on access scanning in the <c>[global]</c> section will slow -down the performance of your Samba server dramatically. -</warn> - <p> Now create the directories required for the minimum configuration of Samba to share the installed printer throughout the network. @@ -546,107 +500,6 @@ </body> </section> <section> -<title>Configuring ClamAV</title> -<body> - -<p> -The configuration file specified to be used in <path>smb.conf</path> is -<path>/etc/samba/vscan-clamav.conf</path>. While these options are set to the -defaults, the infected file action may need to be changed. -</p> - -<pre caption="/etc/samba/vscan-clamav.conf"> -[samba-vscan] -<comment>; run-time configuration for vscan-samba using -; clamd -; all options are set to default values</comment> - -<comment>; do not scan files larger than X bytes. If set to 0 (default), -; this feature is disable (i.e. all files are scanned)</comment> -max file size = 0 - -<comment>; log all file access (yes/no). If set to yes, every access will -; be logged. If set to no (default), only access to infected files -; will be logged</comment> -verbose file logging = no - -<comment>; if set to yes (default), a file will be scanned while opening</comment> -scan on open = yes -<comment>; if set to yes, a file will be scanned while closing (default is yes)</comment> -scan on close = yes - -<comment>; if communication to clamd fails, should access to file denied? -; (default: yes)</comment> -deny access on error = yes - -<comment>; if daemon fails with a minor error (corruption, etc.), -; should access to file denied? -; (default: yes)</comment> -deny access on minor error = yes - -<comment>; send a warning message via Windows Messenger service -; when virus is found? -; (default: yes)</comment> -send warning message = yes - -<comment>; what to do with an infected file -; quarantine: try to move to quantine directory; delete it if moving fails -; delete: delete infected file -; nothing: do nothing</comment> -infected file action = <comment>delete</comment> - -<comment>; where to put infected files - you really want to change this! -; it has to be on the same physical device as the share!</comment> -quarantine directory = /tmp -<comment>; prefix for files in quarantine</comment> -quarantine prefix = vir- - -<comment>; as Windows tries to open a file multiple time in a (very) short time -; of period, samba-vscan use a last recently used file mechanism to avoid -; multiple scans of a file. This setting specified the maximum number of -; elements of the last recently used file list. (default: 100)</comment> -max lru files entries = 100 - -<comment>; an entry is invalidated after lru file entry lifetime (in seconds). -; (Default: 5)</comment> -lru file entry lifetime = 5 - -<comment>; socket name of clamd (default: /var/run/clamd)</comment> -clamd socket name = /tmp/clamd - -<comment>; port number the ScannerDaemon listens on</comment> -oav port = 8127 -</pre> - -<p> -It is generally a good idea to start the virus scanner immediately. Add it to -the <e>default</e> runlevel and then start the <c>clamd</c> service immediately. -The service has two processes: freshclam keeps the virus definition database up -to date while clamd is the actual anti-virus daemon. First you may want to set -the paths of the logfiles so that it fits your needs. -</p> - -<pre caption="Checking the location of the logfiles"> -# <i>vim /etc/clamd.conf</i> -<comment>(Check the line "LogFile /var/log/clamd.log")</comment> -# <i>vim /etc/freshclam.conf</i> -<comment>(Check the line "UpdateLogFile /var/log/freshclam.log")</comment> -# <i>vim /etc/conf.d/clamd</i> -<comment>(Set "START_CLAMD=yes" and "START_FRESHCLAM=yes")</comment> -</pre> - -<p> -Now fire up the virus scanner. -</p> - -<pre caption="Add clamd to bootup and start it"> -# <i>rc-update add clamd default</i> -# <i>/etc/init.d/clamd start</i> -</pre> - -</body> -</section> -<section> <title>Configuring CUPS</title> <body> @@ -1006,7 +859,7 @@ </note> <p> -Now is time to configure our kernel to support cifs. Since I'm assuming +Now is time to configure our kernel to support CIFS. Since I'm assuming we've all compiled at least one kernel, we'll need to make sure we have all the right options selected in our kernel. For simplicity's sake, make it a module for ease of use. It is the author's opinion that kernel modules are a good thing @@ -1070,7 +923,7 @@ <p> That should be it. You should now have a successful printing enviroment that is -friendly to both Windows and *nix as well as a fully virus-free working share! +friendly to both Windows and *nix as well as a working share! </p> </body> -- [email protected] mailing list
