Samba + Clamd + Samba-Vscan On CentOS 5.2

This is a howto on getting samba + clamav + samba-vscan to work on a CentOS 5.2 system.

1. First let's start by getting clamav installed and functioning.

You can either compile it yourself or use yum to install this via a repo. For this we will create a repo named dag.repo in /etc/yum.repos.d/. Add the following....

[dag]
name=Dag RPM Repository for Red Hat Enterprise Linux
baseurl=http://apt.sw.be/redhat/el$releasever/en/$basearch/dag/
gpgcheck=1
gpgkey=http://dag.wieers.com/packages/RPM-GPG-KEY.dag.txt
enabled=1

2. Install clamd and configure clamd:

yum install clamd.i386

vi /etc/clamd.conf

and change the socket to /var/run/clamav/clamd.sock.

3. Update clamd by running freshclam:

freshclam

4. If you are going through a proxy you can set this up by editing the file /etc/freshclam.conf.

5. Run

chkconfig clamd on

6. Run

service clamd start

7. Create a directory for quarantine. For example:

mkdir /virus

8. Perform a scan of shares and move infections to quarantine.

clamdscan --move=/virus/ /pathtoshares

9. Now we need to install the source code for samba.

10. Verify the current samba version that you have.

rpm -q samba
samba-3.0.28-1.el5_2.1

11. Get the source code for the version of samba that you are running. This can be done with wget.

wget http://mirror.cs.vt.edu/pub/CentOS/5/updates/SRPMS/samba-3.0.28-1.el5_2.1.src.rpm

12. Install via

rpm -ihv samba-3.0.28-1.el5_2.1.src.rpm

13. Extract the samba tar file in /usr/src/redhat/SOURCES:

cd /usr/src/redhat/SOURCES
tar xzvf samba-3-0.28.tar.gz

14. Run ./configure  and make proto in the samba source directory.

cd /usr/src/redhat/SOURCES/samba-3.0.28/sources
./configure
make proto

15. Get samba vscan release 0.3.6cBeta5 if you are using samba3.0.25 or later.

wget http://www.openantivirus.org/download/samba-vscan-0.3.6c-beta5.tar.gz

16. Extract the samba-vscan tarball.

tar xzvf samba-vscan-0.3.6c-beta5.tar.gz

17. Go to that directory.

cd /usr/src/redhat/SOURCES/samba-3.0.28/examples/VFS/samba-vscan-0.3.6c-beta5/

18. Make the backend for clamav:    

make clamav

19. Copy the vscan-clamav.so.    

cp vscan-clamav.so /usr/lib/samba/vfs/

20. Copy the vscan conf file to the samba dir.    

cp clamav/vscan-clamav.conf /etc/samba/

21. Edit /etc/samba/vscan-clamav.conf to your liking making sure that the clamd socket = /var/run/clamav/clamd.sock:

vi /etc/samba/vscan-clamav.conf

vfs object = vscan-clamav  vscan-clamav: config-file = /etc/samba/vscan-clamav.conf 

22. If everything works out, you should probably exclude samba from updating via the nightly yum. To do this just add

exclude=samba* 

to your /etc/yum.conf file.

Bo Lynch

Share this page:

4 Comment(s)

Add comment

Comments

From: Davide

samba-vscan is an outdated software, the latest upgrade is at 2005!! there's an alternative?

From: Girish KG

[dag]
name=Dag RPM Repository for Red Hat Enterprise Linux
baseurl=http://apt.sw.be/redhat/el5/en/i386/dag/
gpgcheck=1
gpgkey=http://dag.wieers.com/packages/RPM-GPG-KEY.dag.txt
enabled=1
 
 

From:

lease

I have problems with this tutorial .. I'm using version 5.5 and samba samba-3.0.33-3.29.el5_5.src.rpm investment of version 0.28.

First, he accuses descompatação error in the package .. informing

Warning: The user mockbuild does not exist - using root
warning: group mockbuild does not exist - using root

Then, in step 17. Go to That directory.

cd / usr/src/redhat/SOURCES/samba-3.0.33/examples/VFS/samba-vscan-0.3.6c-beta5 /

-Bash: cd: / usr/src/redhat/SOURCES/samba-3.0.33/examples/VFS/samba-vscan-0.3.6c-beta5 /: File or directory not found river


make clamav

Then, in step 1. Make the backend for clamav:

make clamav

Could you help me ..

Thanks,

Thiago

From:

What about packages from http://www.enterprisesamba.com ?

I remember reading that the packages have the vscan compiled in them.