作者 主題: samba3.23c+clamav問題已爬文過(已解決)  (閱讀 8375 次)

0 會員 與 1 訪客 正在閱讀本文。

moveboy

  • 活潑的大學生
  • ***
  • 文章數: 227
    • 檢視個人資料
我是用rpm安裝clamav-0.91.2-1+clamav-server-0.91.2-1作業系統是
fc6!clamd跟freshclam都很正常運作了
但是在smb.conf的global
理設上
vfs object = vscan-clamav
vscan-clamav:config-file = /etc/samba/vscan-clamav.conf
卻出現錯誤訊息
有照去作設定了!
還是這樣說可以幫我看一下嗎?我的設定那裡出問題了?
[samba-vscan]
; run-time configuration for vscan-samba using
; clamd
; all options are set to default values

; do not scan files larger than X bytes. If set to 0 (default),
; this feature is disable (i.e. all files are scanned)
max file size = 0

; log all file access (yes/no). If set to yes, every access will
; be logged. If set to no (default), only access to infected files
; will be logged
verbose file logging = no

; if set to yes (default), a file will be scanned while opening
scan on open = yes
; if set to yes, a file will be scanned while closing (default is yes)
scan on close = yes

; if communication to clamd fails, should access to file denied?
; (default: yes)
deny access on error = yes

; if daemon files with a minor error (corruption, etc.),
; should access to file denied?
; (default: yes)
deny access on minor error = yes

; send a warning message via Windows Messenger service
; when virus is found?
; (default: yes)
send warning message = yes

; what to do with an infected file
; quarantine: try to move to quantine directory
; delete:     delete infected file
; nothing:    do nothing (default)
infected file action = quarantine

; where to put infected files - you really want to change this!
quarantine directory  = /quarantine

; prefix for files in quarantine
quarantine prefix = vir-

; as Windows tries to open a file multiple time in a (very) short time
; of period, samba-vscan use a last recently used file mechanism to avoid
; multiple scans of a file. This setting specified the maximum number of
; elements of the last recently used file list. (default: 100)
max lru files entries = 100

; an entry is invalidad after lru file entry lifetime (in seconds).
; (Default: 5)
lru file entry lifetime = 5

; exclude files from being scanned based on the MIME-type! Semi-colon
; seperated list (default: empty list). Use this with care!
exclude file types =


; socket name of clamd (default: /var/run/clamd). Setting will be ignored if
; libclamav is used
clamd socket name = /var/run/clamd

; limits, if vscan-clamav was build for using the clamav library (libclamav)
; instead of clamd

; maximum number of files in archive (default: 1000)
libclamav max files in archive = 1000

; maximum archived file size, in bytes (default: 10 MB)
libclamav max archived file size = 10485760

; maximum recursion level (default: 5)
libclamav max recursion level = 5




Aug 30 14:16:22 localhost smbd[28979]:   Can't find a vfs module [vscan-clamav]
Aug 30 14:16:22 localhost smbd[28979]: [2007/08/30 14:16:22, 0] smbd/vfs.c:smbd_vfs_init(337)
Aug 30 14:16:22 localhost smbd[28979]:   smbd_vfs_init: vfs_init_custom failed for vscan-clamav
Aug 30 14:16:22 localhost smbd[28979]: [2007/08/30 14:16:22, 0] smbd/service.c:make_connection_snum(786)
Aug 30 14:16:22 localhost smbd[28979]:   vfs_init failed for service IPC$
Aug 30 14:16:22 localhost kernel: ata1: spurious interrupt (irq_stat 0x4 active_tag -84148995 sactive 0x3)
Aug 30 14:16:23 localhost last message repeated 2 times
不知道那裡設錯了!
請指點一下迷津!

Darkhero

  • 酷!學園 學長們
  • 俺是博士!
  • *****
  • 文章數: 3728
  • 性別: 男
    • 檢視個人資料
    • ㄚ凱隨手紀
samba3.23c+clamav問題已爬文過(已解決)
« 回覆 #1 於: 2007-08-30 15:23 »
引用
Aug 30 14:16:22 localhost smbd[28979]: Can't find a vfs module [vscan-clamav]


看樣子你似乎沒有裝上 samba-clamav 的 vfs 模組?

以 Mandriva 2007.1 來說,需要安裝 samba-vscan-clamav 這個套件才會有相關的模組的樣子喔....
希望我們的討論是為了把問題解決,而不是爭論誰對誰錯.
『灌水才是重點,發文只是順便』
『我寧可讓不會釣魚的工程師餓死,也不想讓會餓死的工程師去攪沉公司....』
Blog: http://blog.darkhero.net/
秘密基地: http://www.darkhero.net/comic/
目前服務的網站: http://www.libook.com.tw/

moveboy

  • 活潑的大學生
  • ***
  • 文章數: 227
    • 檢視個人資料
samba3.23c+clamav問題已爬文過(已解決)
« 回覆 #2 於: 2007-08-30 15:27 »
引述: "Darkhero"
引用
Aug 30 14:16:22 localhost smbd[28979]: Can't find a vfs module [vscan-clamav]


看樣子你似乎沒有裝上 samba-clamav 的 vfs 模組?

以 Mandriva 2007.1 來說,需要安裝 samba-vscan-clamav 這個套件才會有相關的模組的樣子喔....

可是我有照
http://apt.nc.hcc.edu.tw/web/student_server_FC5/appendix.html#samba_vscan去作阿
wget http://nchc.dl.sourceforge.net/sourceforge/openantivirus/samba-vscan-0.3.6b.tar.bz2
tar jxvf samba-vscan-0.3.6b.tar.bz2
mv samba-vscan-0.3.6b samba-3.0.23/examples/VFS
cd samba-3.0.23/source
./configure && make headers

cd ../examples/VFS/samba-vscan-0.3.6b
./configure && make

cp vscan-clamav.so /usr/lib/samba/vfs
cp clamav/vscan-clamav.conf /etc/samba

cp /etc/samba/vscan-clamav.conf /etc/samba/vscan-clamav.conf.bak
vi /etc/samba/vscan-clamav.conf

moveboy

  • 活潑的大學生
  • ***
  • 文章數: 227
    • 檢視個人資料
samba3.23c+clamav問題已爬文過(已解決)
« 回覆 #3 於: 2007-08-30 15:36 »
引述: "Darkhero"
引用
Aug 30 14:16:22 localhost smbd[28979]: Can't find a vfs module [vscan-clamav]


看樣子你似乎沒有裝上 samba-clamav 的 vfs 模組?

以 Mandriva 2007.1 來說,需要安裝 samba-vscan-clamav 這個套件才會有相關的模組的樣子喔....

證據如下:
cd /usr/lib/samba/vfs
[root@localhost vfs]# ls
vscan-clamav.so

paulso

  • 俺是博士!
  • *****
  • 文章數: 1966
    • 檢視個人資料
samba3.23c+clamav問題已爬文過(已解決)
« 回覆 #4 於: 2007-08-30 17:48 »
我剛才安裝, 成功

使用 tarball 版 Clamav, rpm 版 samba 3.0.23c (CentOS4)

cd /usr/local/src/
wget ftp://ftp.ring.gr.jp/pub/net/samba/old-versions/samba-3.0.23c.tar.gz
wget http://nchc.dl.sourceforge.net/sourceforge/openantivirus/samba-vscan-0.3.6b.tar.bz2
bzip2 -d samba-vscan-0.3.6b.tar.bz2
tar xvf samba-vscan-0.3.6b.tar
tar zxvf samba-3.0.23c.tar.gz
cd samba-3.0.23c/sources
./configure
make headers
cd ..
cp -ra ../samba-vscan-0.3.6b examples/VFS
cd examples/VFS/samba-vscan-0.3.6b/
./configure
make
cp vscan-clamav.so /usr/lib/samba/vfs
cp ./clamav/vscan-clamav.conf /etc/samba

vi /etc/samba/smb.conf

// put at [global]

vfs object = vscan-clamav
vscan-oav: config-file = /etc/samba/vscan-clamav.conf

vi /etc/samba/vscan-clamav.conf

// according ~clamav/etc/clamd.conf 's "LocalSocket"
clamd socket name = /tmp/clamd.socket

chen@com

  • 可愛的小學生
  • *
  • 文章數: 2
    • 檢視個人資料
samba3.23c+clamav問題已爬文過(已解決)
« 回覆 #5 於: 2007-08-31 09:55 »
建议还是花点银子选择专门的samba防护吧,用这个组合不太好,我用过一段时间太慢了,最后关闭了。

moveboy

  • 活潑的大學生
  • ***
  • 文章數: 227
    • 檢視個人資料
samba3.23c+clamav問題已爬文過(已解決)
« 回覆 #6 於: 2007-09-06 16:49 »
引述: "paulso"
我剛才安裝, 成功

使用 tarball 版 Clamav, rpm 版 samba 3.0.23c (CentOS4)

cd /usr/local/src/
wget ftp://ftp.ring.gr.jp/pub/net/samba/old-versions/samba-3.0.23c.tar.gz
wget http://nchc.dl.sourceforge.net/sourceforge/openantivirus/samba-vscan-0.3.6b.tar.bz2
bzip2 -d samba-vscan-0.3.6b.tar.bz2
tar xvf samba-vscan-0.3.6b.tar
tar zxvf samba-3.0.23c.tar.gz
cd samba-3.0.23c/sources
./configure
make headers
cd ..
cp -ra ../samba-vscan-0.3.6b examples/VFS
cd examples/VFS/samba-vscan-0.3.6b/
./configure
make
cp vscan-clamav.so /usr/lib/samba/vfs
cp ./clamav/vscan-clamav.conf /etc/samba

vi /etc/samba/smb.conf

// put at [global]

vfs object = vscan-clamav
vscan-oav: config-file = /etc/samba/vscan-clamav.conf

vi /etc/samba/vscan-clamav.conf

// according ~clamav/etc/clamd.conf 's "LocalSocket"
clamd socket name = /tmp/clamd.socket



現在才回覆真不好意思
可是我照您的辦法去裝也是這樣說
真是有夠氣的為啥我就是裝不好
就已經試過好幾種辦法了
怎麼弄都弄不好說
也是用clamav tar去安裝成功了阿
但是只要照您上面作法去作就是不行
會出現錯誤訊息
 Can't find a vfs module [vscan-clamav]
Sep  6 16:47:18 localhost smbd[12274]: [2007/09/06 16:47:18, 0] smbd/vfs.c:smbd_vfs_init(337)
Sep  6 16:47:18 localhost smbd[12274]:   smbd_vfs_init: vfs_init_custom failed for vscan-clamav
Sep  6 16:47:18 localhost kernel: ata1: spurious interrupt (irq_stat 0x4 active_tag -84148995 sactive 0x3)
Sep  6 16:47:18 localhost smbd[12274]: [2007/09/06 16:47:18, 0] smbd/service.c:make_connection_snum(786)
Sep  6 16:47:18 localhost smbd[12274]:   vfs_init failed for service IPC$
Sep  6 16:47:18 localhost smbd[12275]: [2007/09/06 16:47:18, 0] smbd/vfs.c:vfs_

hankce

  • 懷疑的國中生
  • **
  • 文章數: 61
    • 檢視個人資料
分享一下..samba clamav..tarball安裝..
« 回覆 #7 於: 2007-09-14 21:39 »
用原始碼安裝的,作業系統是slackware 11
建議都用source code安裝唷..通常是版本問題..
用原始碼安裝的,作業系統是slackware 11

samba-3.0.23c.tar.gz
samba-vscan-0.3.5-beta1
#wget http://us4.samba.org/samba/ftp/old-versions/samba-3.0.23c.tar.gz
#wget http://www.openantivirus.org/snapshots/samba-vscan-0.3.5-beta1.tar.bz2
安裝samba
#/extp/src/samba/
#tar -zxf samba-3.0.23c.tar.gz
#cd samba-3.0.23c/source/
#./configure --prefix=/usr/local/samba --enable-vfs
#make proto
#make
#make install
#cd ..
安裝vscan
#tar -zxvf samba-vscan-0.3.5-beta1.tar.gz
samba-vscan-0.3.5-beta1到Samba 原始碼下的 example/VFS/ 資料夾,
#mv samba-vscan-0.3.5-beta1 /path/to/samba-source/example/VFS/
#mv samba-vscan-0.3.5-beta1 /extp/src/SAMBA/samba-3.0.23c/examples/VFS/
#cd samba-vscan-0.3.5-beta1
#./configure \
#  --prefix=/usr/local/samba/samba-vscan \
#  --with-samba-version=../../../source/include/version.h
# make clamav
(***** 不用執行make install *****)
把 vscan-clamav.so 和 vscran-clamav.conf 複到 Samba Server 下
cp vscan-clamav.so /usr/local/samba/lib/vfs
cp clamav/vscan-clamav.conf /usr/local/samba/lib

設定 vscan-scan
cd /usr/local/samba/lib
vi vscan-clamav.conf
   max file size = 0      #掃瞄檔案的SIZE上限,"0"是沒有限制
   verbose file logging = no   #如果"yes"所有存取也會記錄下如果是"no",
                 #只會存取感染了的檔案
   scan on open = yes      #開機是否掃瞄
   scan on close = yes      #關機是否掃瞄
   deny access on error = yes   #如果和clamd 連接錯誤
               #是否不能存取那些被保護的檔案
   deny access on minor error= yes   #如果和daemon files發生錯誤,
               #是否不能存取那些被保護的檔案
   send warning message = yes   #是否發出"警告popup視窗"給windows
   infected file action=quarantine   #怎樣去處理被感染的檔案:
               #quarantine: 嘗試移動去隔離區
               #如果移動不成功將會刪除
               #delete 刪除被感染的檔案
               #nothing: 不做任何動作   
   quarantine directory = /tmp/clamav/quarantine
               # 隔離區的位置
   quarantine prefix =vir-      # 被移動去隔離區的檔案加上字首
   max lru files entries = 100
   lru file entry lifetime = 5
   exclude file types =
   clamd socket name = /usr/local/clamav/var/run/clamav.sock    
               # sock位置
   libclamav max files in archive = 1000
   libclamav max archived file size = 10 * 1048576   
   libclamav max recursion level = 5   

clamav 安裝
下載http://sourceforge.net/project/showfiles.php?group_id=86638&package_id=90197
# groupadd clamav
# useradd -g clamav -s /bin/false clamav
# ./configure -prefix=/usr/local/clamav
# make
# make check
# make install
請在/usr/local/clamav/etc/clamd.conf修改以下的設定
# Comment or remove the line below.
# Example
^^^一定要comment 這句
LocalSocket  /usr/local/clamav/var/run/clamav.sock
(這個設定的路徑一定要和vscan-clamad.conf 裏的clamd socket name相同)
smb.conf修改以下的設定
############適用於utf8 必需使用putty#####
dos charser = cp950
display charset = UTF8
unixcharser=UTF8
########################################
例如想在"public"裏在實時掃瞄電腦病毒
[public]
    comment = virus-protected /public directory
    path = /public
    vfs object = vscan-clamav
    vscan-clamav: config-file = /path/to/vscan-clamav.conf
    writeable = yes
    browseable = yes
    guest ok = yes
之後嘗試在windows client下寫入檔案

paulso

  • 俺是博士!
  • *****
  • 文章數: 1966
    • 檢視個人資料
samba3.23c+clamav問題已爬文過(已解決)
« 回覆 #8 於: 2007-09-17 16:45 »
你的 samba 是什麼 version
我試過 samba 2.2.x 是不能的
samba 3 應該沒問題

moveboy

  • 活潑的大學生
  • ***
  • 文章數: 227
    • 檢視個人資料
samba3.23c+clamav問題已爬文過(已解決)
« 回覆 #9 於: 2007-09-17 16:50 »
引述: "paulso"
你的 samba 是什麼 version
我試過 samba 2.2.x 是不能的
samba 3 應該沒問題

請教paulso
版主我已經解決問題了!
但是有發現掃毒速度實在太慢了
我有嘗試更改掃毒檔案大小的設定值卻發現
好像沒辦法設定說掃到的檔案大於2mb不掃的設定說
因為開資料夾或檔案過大都會發現實在太慢了說!

shen36930

  • 懷疑的國中生
  • **
  • 文章數: 64
    • 檢視個人資料
回覆: samba3.23c+clamav問題已爬文過(已解決)
« 回覆 #10 於: 2009-05-08 14:46 »
vi /etc/samba/vscan-clamav.conf

[samba-vscan]
; run-time configuration for vscan-samba using
; clamd
; all options are set to default values

; do not scan files larger than X bytes. If set to 0 (default),
; this feature is disable (i.e. all files are scanned)
max file size = 2097152
« 上次編輯: 2009-05-08 15:21 由 shen36930 »