HowtoForge

Samba + Clamd + Samba-Vscan On CentOS 5.2


This is a howto on getting samba + clamav + samba-vscan to work on a CentOS 5.2 system.

1. First let's start by getting clamav installed and functioning.

You can either compile it yourself or install it with yum from a repository. For this we will create a repo file named dag.repo in /etc/yum.repos.d/ with the following content:

[dag]
name=Dag RPM Repository for Red Hat Enterprise Linux
baseurl=http://apt.sw.be/redhat/el$releasever/en/$basearch/dag/
gpgcheck=1
gpgkey=http://dag.wieers.com/packages/RPM-GPG-KEY.dag.txt
enabled=1

2. Install clamd and configure clamd:

yum install clamd.i386
vi /etc/clamd.conf

and change the socket path (the LocalSocket setting) to /var/run/clamav/clamd.sock.

3. Update clamd by running freshclam:

freshclam

4. If you are going through a proxy you can set this up by editing the file /etc/freshclam.conf.

5. Enable clamd at boot:

chkconfig clamd on

6. Start clamd:

service clamd start

7. Create a directory for quarantine. For example:

mkdir /virus

8. Perform a scan of shares and move infections to quarantine.

clamdscan --move=/virus/ /pathtoshares

9. Now we need to install the source code for samba.

10. Verify the current samba version that you have.

rpm -q samba
samba-3.0.28-1.el5_2.1

11. Get the source code for the version of samba that you are running. This can be done with wget.

wget http://mirror.cs.vt.edu/pub/CentOS/5/updates/SRPMS/samba-3.0.28-1.el5_2.1.src.rpm

12. Install via

rpm -ihv samba-3.0.28-1.el5_2.1.src.rpm

13. Extract the samba tar file in /usr/src/redhat/SOURCES:

cd /usr/src/redhat/SOURCES
tar xzvf samba-3.0.28.tar.gz

14. Run ./configure and make proto in the samba source directory.

cd /usr/src/redhat/SOURCES/samba-3.0.28/source
./configure
make proto

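15. Get samba-vscan release 0.3.6c-beta5 if you are using Samba 3.0.25 or later. Download it into /usr/src/redhat/SOURCES/samba-3.0.28/examples/VFS/, which is where step 17 expects the extracted directory.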

wget http://www.openantivirus.org/download/samba-vscan-0.3.6c-beta5.tar.gz

16. Extract the samba-vscan tarball.

tar xzvf samba-vscan-0.3.6c-beta5.tar.gz

17. Go to that directory.

cd /usr/src/redhat/SOURCES/samba-3.0.28/examples/VFS/samba-vscan-0.3.6c-beta5/

18. Make the backend for clamav:    

make clamav

19. Copy the vscan-clamav.so.    

cp vscan-clamav.so /usr/lib/samba/vfs/

20. Copy the vscan conf file to the samba dir.    

cp clamav/vscan-clamav.conf /etc/samba/

21. Edit /etc/samba/vscan-clamav.conf to your liking, making sure that the clamd socket is set to /var/run/clamav/clamd.sock:

vi /etc/samba/vscan-clamav.conf

The module is then loaded through these two smb.conf parameters:

vfs object = vscan-clamav
vscan-clamav: config-file = /etc/samba/vscan-clamav.conf

22. If everything works out, you should probably exclude samba from updating via the nightly yum. To do this just add

exclude=samba* 

to your /etc/yum.conf file.

Bo Lynch
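Steps 2 and 21 must name the same socket, otherwise the VFS module cannot reach clamd. The script below is an added example, not part of the original howto: it compares the two settings and confirms that smb.conf loads vscan-clamav. The key names it looks for (LocalSocket, "clamd socket" or "clamd socket name", "vfs object" or "vfs objects") and the sample files are assumptions.

```shell
#!/bin/sh
# Added example (not from the howto). Key names are assumptions:
# "LocalSocket" in clamd.conf, "clamd socket" or "clamd socket name"
# in vscan-clamav.conf, "vfs object(s)" in smb.conf.

clamd_socket() {   # first uncommented LocalSocket value in clamd.conf
    awk '$1 == "LocalSocket" { print $2; exit }' "$1"
}

vscan_socket() {   # socket path samba-vscan is told to connect to
    sed -n 's/^[[:space:]]*clamd socket\( name\)\{0,1\}[[:space:]]*=[[:space:]]*\([^[:space:]]*\).*/\2/p' "$1" | head -n 1
}

vscan_loaded() {   # does smb.conf load the module at all?
    grep -Eq '^[[:space:]]*vfs objects?[[:space:]]*=.*vscan-clamav' "$1"
}

# Usage: check_vscan_setup clamd.conf vscan-clamav.conf smb.conf
# Returns 0 only if both sockets match and the module is loaded.
check_vscan_setup() {
    c=$(clamd_socket "$1"); v=$(vscan_socket "$2"); rc=0
    if [ -z "$c" ] || [ "$c" != "$v" ]; then
        echo "FAIL: clamd socket '$c' != vscan socket '$v'" >&2; rc=1
    fi
    if ! vscan_loaded "$3"; then
        echo "FAIL: $3 has no 'vfs object = vscan-clamav'" >&2; rc=1
    fi
    # Warning only: the socket exists only while clamd is running.
    [ -S "$c" ] || echo "WARN: no socket at '$c' (is clamd running?)" >&2
    return $rc
}

demo() {   # constructed sample configs, written to a temp dir
    d=$(mktemp -d)
    printf '#LocalSocket /tmp/clamd\nLocalSocket /var/run/clamav/clamd.sock\n' > "$d/clamd.conf"
    printf '[samba-vscan]\n; constructed stale value\nclamd socket name = /var/run/clamd\n' > "$d/vscan-stale.conf"
    printf '[samba-vscan]\nclamd socket name = /var/run/clamav/clamd.sock\n' > "$d/vscan-edited.conf"
    printf '[data]\n  path = /srv/data\n  vfs object = vscan-clamav\n' > "$d/smb.conf"
    for f in vscan-stale.conf vscan-edited.conf; do
        if check_vscan_setup "$d/clamd.conf" "$d/$f" "$d/smb.conf"
        then echo "$f: OK"; else echo "$f: NOT OK"; fi
    done
    rm -rf "$d"
}

# With three file arguments, check the real configuration; otherwise run the demo.
if [ "$#" -eq 3 ]; then check_vscan_setup "$@"; else demo; fi
```

On the system built in this howto, run it with /etc/clamd.conf, /etc/samba/vscan-clamav.conf and /etc/samba/smb.conf as the three arguments.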
