/[gentoo]/xml/htdocs/doc/en/quick-samba-howto.xml
Gentoo

Diff of /xml/htdocs/doc/en/quick-samba-howto.xml

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 1.15 Revision 1.16
1<?xml version='1.0' encoding='UTF-8'?> 1<?xml version='1.0' encoding='UTF-8'?>
2<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/quick-samba-howto.xml,v 1.15 2004/12/21 18:12:19 neysx Exp $ --> 2<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/quick-samba-howto.xml,v 1.16 2005/02/07 19:02:37 swift Exp $ -->
3<!DOCTYPE guide SYSTEM "/dtd/guide.dtd"> 3<!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
4<guide link="quick-samba-howto.xml"> 4<guide link="quick-samba-howto.xml">
5<title>Gentoo Samba3/CUPS/Clam AV HOWTO</title> 5<title>Gentoo Samba3/CUPS/ClamAV HOWTO</title>
6<author title="Author"> 6<author title="Author">
7 <mail link="daff at dword dot org">Andreas "daff" Ntaflos</mail> 7 <mail link="daff at dword dot org">Andreas "daff" Ntaflos</mail>
8</author> 8</author>
9<author title="Author"> 9<author title="Author">
10 <mail link="joshua@sungentoo.homeunix.com">Joshua Preston</mail> 10 <mail link="joshua@sungentoo.homeunix.com">Joshua Preston</mail>
18 18
19<!-- The content of this document is licensed under the CC-BY-SA license --> 19<!-- The content of this document is licensed under the CC-BY-SA license -->
20<!-- See http://creativecommons.org/licenses/by-sa/1.0 --> 20<!-- See http://creativecommons.org/licenses/by-sa/1.0 -->
21<license/> 21<license/>
22 22
23<version>1.10</version> 23<version>1.11</version>
24<date>2004-12-21</date> 24<date>2005-02-07</date>
25 25
26<chapter> 26<chapter>
27<title>Introduction to this HOWTO</title> 27<title>Introduction to this HOWTO</title>
28<section> 28<section>
29<title>Purpose</title> 29<title>Purpose</title>
107</p> 107</p>
108 108
109<ul> 109<ul>
110 <li>On the Samba server: 110 <li>On the Samba server:
111 <ul> 111 <ul>
112 <li>Install and configure CLAM-AV</li> 112 <li>Install and configure ClamAV</li>
113 <li>Install and configure Samba</li> 113 <li>Install and configure Samba</li>
114 <li>Install and configure CUPS</li> 114 <li>Install and configure CUPS</li>
115 <li>Adding the printer to CUPS</li> 115 <li>Adding the printer to CUPS</li>
116 <li>Adding the PS drivers for the Windows clients</li> 116 <li>Adding the PS drivers for the Windows clients</li>
117 </ul> 117 </ul>
176Before emerging anything, take a look at the various USE flags 176Before emerging anything, take a look at the various USE flags
177available to Samba. 177available to Samba.
178</p> 178</p>
179 179
180<pre caption="Samba uses the following USE Variables:"> 180<pre caption="Samba uses the following USE Variables:">
181kerberos mysql xml acl cups ldap pam readline python oav 181kerberos mysql xml acl cups ldap pam readline python oav libclamav
182</pre> 182</pre>
183 183
184<p> 184<p>
185Depending on the network topology and the specific requirements of 185Depending on the network topology and the specific requirements of
186the server, the USE flags outlined below will define what to include or 186the server, the USE flags outlined below will define what to include or
274 Provides on-access scanning of Samba shares with FRISK F-Prot 274 Provides on-access scanning of Samba shares with FRISK F-Prot
275 Daemon, Kaspersky AntiVirus, OpenAntiVirus.org ScannerDaemon, Sophos Sweep 275 Daemon, Kaspersky AntiVirus, OpenAntiVirus.org ScannerDaemon, Sophos Sweep
276 (SAVI), Symantec CarrierScan, and Trend Micro (VSAPI). 276 (SAVI), Symantec CarrierScan, and Trend Micro (VSAPI).
277 </ti> 277 </ti>
278</tr> 278</tr>
279<tr>
280 <th><b>libclamav</b></th>
281 <ti>
282 Enable ClamAV as virus scanner.
283 </ti>
284</tr>
279</table> 285</table>
280 286
281<p> 287<p>
282A couple of things worth mentioning about the USE flags and different 288A couple of things worth mentioning about the USE flags and different
283Samba functions include: 289Samba functions include:
327<ul> 333<ul>
328 <li>oav</li> 334 <li>oav</li>
329 <li>cups</li> 335 <li>cups</li>
330 <li>readline</li> 336 <li>readline</li>
331 <li>pam</li> 337 <li>pam</li>
338 <li>libclamav</li>
332</ul> 339</ul>
333 340
334<p> 341<p>
335To optimize performance, size and the time of the build, the 342To optimize performance, size and the time of the build, the
336USE flags are specifically included or excluded. 343USE flags are specifically included or excluded.
337</p> 344</p>
338 345
339<pre caption="Emerge Samba"> 346<pre caption="Emerge Samba">
340<comment>(Note the USE flags!)</comment> 347<comment>(Note the USE flags!)</comment>
341# <i>USE=&quot;oav readline cups pam -python -ldap -kerberos -xml -acl -mysql&quot; emerge net-fs/samba</i> 348# <i>USE=&quot;oav readline cups pam -python -ldap -kerberos -xml -acl -mysql libclamav&quot; emerge net-fs/samba</i>
342</pre> 349</pre>
343 350
344<note> 351<note>
345The following archs will need to add <e>~</e> to their <e>KEYWORDS</e>: x86, 352The following archs will need to add <e>~</e> to their <e>KEYWORDS</e>: x86,
346ppc, sparc, hppa, ia64 and alpha 353ppc, sparc, hppa, ia64 and alpha
351</p> 358</p>
352 359
353</body> 360</body>
354</section> 361</section>
355<section> 362<section>
356<title>Emerging Clam AV</title> 363<title>Emerging ClamAV</title>
357<body> 364<body>
358 365
359<p> 366<p>
360Because the <e>oav</e> USE flag only provides an interface to allow on access 367Because the <e>oav</e> USE flag only provides an interface to allow on access
361virus scanning, the actual virus scanner must be emerged. The scanner 368virus scanning, the actual virus scanner must be emerged. The scanner
362used in this HOWTO is Clam AV. 369used in this HOWTO is ClamAV.
363</p> 370</p>
364 371
365<pre caption="Emerge clam-av"> 372<pre caption="Emerge Clamav">
366# <i>emerge app-antivirus/clamav</i> 373# <i>emerge app-antivirus/clamav</i>
367</pre> 374</pre>
368 375
369</body> 376</body>
370</section> 377</section>
446<comment># We now will implement the on access virus scanner. 453<comment># We now will implement the on access virus scanner.
447# NOTE: By putting this in our [Global] section, we enable 454# NOTE: By putting this in our [Global] section, we enable
448# scanning of ALL shares, you could optionally move 455# scanning of ALL shares, you could optionally move
449# these to a specific share and only scan it.</comment> 456# these to a specific share and only scan it.</comment>
450 457
451<comment># For Samba 3.x</comment> 458<comment># For Samba 3.x. This enables ClamAV on access scanning.</comment>
452vfs object = vscan-clamav 459vfs object = vscan-clamav
453vscan-clamav: config-file = /etc/samba/vscan-clamav.conf 460vscan-clamav: config-file = /etc/samba/vscan-clamav.conf
454
455<comment># For Samba 2.2.x</comment>
456vfs object = /usr/lib/samba/vfs/vscan-clamav.so
457vfs options = config-file = /etc/samba/vscan-clamav.conf
458 461
459<comment># Now we setup our print drivers information!</comment> 462<comment># Now we setup our print drivers information!</comment>
460[print$] 463[print$]
461comment = Printer Drivers 464comment = Printer Drivers
462path = /etc/samba/printer <comment># this path holds the driver structure</comment> 465path = /etc/samba/printer <comment># this path holds the driver structure</comment>
515printer user, like <c>printeruser</c> or <c>printer</c> or 518printer user, like <c>printeruser</c> or <c>printer</c> or
516<c>printme</c> or whatever. It doesn't hurt and it will certainly 519<c>printme</c> or whatever. It doesn't hurt and it will certainly
517protect you from a lot of problems. 520protect you from a lot of problems.
518</warn> 521</warn>
519 522
523<warn>
524Turning on ClamAV on access scanning in the <c>[global]</c> section will slow
525down the performance of your Samba server dramatically.
526</warn>
527
520<p> 528<p>
521Now create the directories required for the minimum configuration of 529Now create the directories required for the minimum configuration of
522Samba to share the installed printer throughout the network. 530Samba to share the installed printer throughout the network.
523</p> 531</p>
524 532
558</pre> 566</pre>
559 567
560</body> 568</body>
561</section> 569</section>
562<section> 570<section>
563<title>Configuring Clam AV</title> 571<title>Configuring ClamAV</title>
564<body> 572<body>
565 573
566<p> 574<p>
567The configuration file specified to be used in <path>smb.conf</path> is 575The configuration file specified to be used in <path>smb.conf</path> is
568<path>/etc/samba/vscan-clamav.conf</path>. While these options are set 576<path>/etc/samba/vscan-clamav.conf</path>. While these options are set
624<comment>; an entry is invalidated after lru file entry lifetime (in seconds). 632<comment>; an entry is invalidated after lru file entry lifetime (in seconds).
625; (Default: 5)</comment> 633; (Default: 5)</comment>
626lru file entry lifetime = 5 634lru file entry lifetime = 5
627 635
628<comment>; socket name of clamd (default: /var/run/clamd)</comment> 636<comment>; socket name of clamd (default: /var/run/clamd)</comment>
629clamd socket name = /var/run/clamd 637clamd socket name = /tmp/clamd
638
639<comment>; port number the ScannerDaemon listens on</comment>
640oav port = 8127
630</pre> 641</pre>
631 642
632<p> 643<p>
633It is generally a good idea to start the virus scanner immediately. Add 644It is generally a good idea to start the virus scanner immediately. Add
634it to the <e>default</e> runlevel and then start the <c>clamd</c> service immediately. 645it to the <e>default</e> runlevel and then start the <c>clamd</c> service
646immediately. The service has two processes: freshclam keeps the virus definition
647database up to date while clamd is the actual anti-virus daemon. First you may
648want to set the paths of the logfiles so that it fits your needs.
649</p>
650
651<pre caption="Checking the location of the logfiles">
652# <i>vim /etc/clamd.conf</i>
653<comment>(Check the line "LogFile /var/log/clamd.log")</comment>
654# <i>vim /etc/freshclam.conf</i>
655<comment>(Check the line "UpdateLogFile /var/log/freshclam.log")</comment>
656# <i>vim /etc/conf.d/clamd</i>
657<comment>(Set "START_CLAMD=yes" and "START_FRESHCLAM=yes")</comment>
658</pre>
659
660<p>
661Now fire up the virus scanner.
635</p> 662</p>
636 663
637<pre caption="Add clamd to bootup and start it"> 664<pre caption="Add clamd to bootup and start it">
638# <i>rc-update add clamd default</i> 665# <i>rc-update add clamd default</i>
639# <i>/etc/init.d/clamd start</i> 666# <i>/etc/init.d/clamd start</i>

Legend:
Removed from v.1.15  
changed lines
  Added in v.1.16

  ViewVC Help
Powered by ViewVC 1.1.20