Samba + Clamd + Samba-Vscan On CentOS 5.2
This is a howto on getting samba + clamav + samba-vscan to work on a CentOS 5.2 system.
1. First let's start by getting clamav installed and functioning.
You can either compile it yourself or use yum to install this via a repo. For this we will create a repo named dag.repo in /etc/yum.repos.d/. Add the following....
[dag] name=Dag RPM Repository for Red Hat Enterprise Linux baseurl=http://apt.sw.be/redhat/el$releasever/en/$basearch/dag/ gpgcheck=1 gpgkey=http://dag.wieers.com/packages/RPM-GPG-KEY.dag.txt enabled=1
2. Install clamd and configure clamd:
yum install clamd.i386
vi /etc/clamd.conf
and change the socket to /var/run/clamav/clamd.sock.
3. Update clamd by running freshclam:
freshclam
4. If you are going through a proxy you can set this up by editing the file /etc/freshclam.conf.
5. Run
chkconfig clamd on
6. Run
service clamd start
7. Create a directory for quarantine. For example:
mkdir /virus
8. Perform a scan of shares and move infections to quarantine.
clamdscan --move=/virus/ /pathtoshares
9. Now we need to install the source code for samba.
10. Verify the current samba version that you have.
rpm -q samba
samba-3.0.28-1.el5_2.1
11. Get the source code for the version of samba that you are running. This can be done with wget.
wget http://mirror.cs.vt.edu/pub/CentOS/5/updates/SRPMS/samba-3.0.28-1.el5_2.1.src.rpm
12. Install via
rpm -ihv samba-3.0.28-1.el5_2.1.src.rpm
13. Extract the samba tar file in /usr/src/redhat/SOURCES:
cd /usr/src/redhat/SOURCES
tar xzvf samba-3-0.28.tar.gz
14. Run ./configure and make proto in the samba source directory.
cd /usr/src/redhat/SOURCES/samba-3.0.28/sources
./configure
make proto
15. Get samba vscan release 0.3.6cBeta5 if you are using samba3.0.25 or later.
wget http://www.openantivirus.org/download/samba-vscan-0.3.6c-beta5.tar.gz
16. Extract the samba-vscan tarball.
tar xzvf samba-vscan-0.3.6c-beta5.tar.gz
17. Go to that directory.
cd /usr/src/redhat/SOURCES/samba-3.0.28/examples/VFS/samba-vscan-0.3.6c-beta5/
18. Make the backend for clamav:
make clamav
19. Copy the vscan-clamav.so.
cp vscan-clamav.so /usr/lib/samba/vfs/
20. Copy the vscan conf file to the samba dir.
cp clamav/vscan-clamav.conf /etc/samba/
21. Edit /etc/samba/vscan-clamav.conf to your liking making sure that the clamd socket = /var/run/clamav/clamd.sock:
vi /etc/samba/vscan-clamav.conf
vfs object = vscan-clamav vscan-clamav: config-file = /etc/samba/vscan-clamav.conf
22. If everything works out, you should probably exclude samba from updating via the nightly yum. To do this just add
exclude=samba*
to your /etc/yum.conf file.
Bo Lynch