| 1 |
nightmorph 08/05/02 04:46:22 |
| 2 |
|
| 3 |
Modified: quick-samba-howto.xml |
| 4 |
Log: |
| 5 |
Now it's just a CUPS/Samba guide, as the samba patches that allowed integration with ClamAV were dropped some time ago, as they don't work/are not maintained. bug 219799 |
| 6 |
|
| 7 |
Revision Changes Path |
| 8 |
1.40 xml/htdocs/doc/en/quick-samba-howto.xml |
| 9 |
|
| 10 |
file : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/quick-samba-howto.xml?rev=1.40&view=markup |
| 11 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/quick-samba-howto.xml?rev=1.40&content-type=text/plain |
| 12 |
diff : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/quick-samba-howto.xml?r1=1.39&r2=1.40 |
| 13 |
|
| 14 |
Index: quick-samba-howto.xml |
| 15 |
=================================================================== |
| 16 |
RCS file: /var/cvsroot/gentoo/xml/htdocs/doc/en/quick-samba-howto.xml,v |
| 17 |
retrieving revision 1.39 |
| 18 |
retrieving revision 1.40 |
| 19 |
diff -u -r1.39 -r1.40 |
| 20 |
--- quick-samba-howto.xml 20 Dec 2007 19:13:21 -0000 1.39 |
| 21 |
+++ quick-samba-howto.xml 2 May 2008 04:46:22 -0000 1.40 |
| 22 |
@@ -1,10 +1,10 @@ |
| 23 |
<?xml version='1.0' encoding='UTF-8'?> |
| 24 |
-<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/quick-samba-howto.xml,v 1.39 2007/12/20 19:13:21 swift Exp $ --> |
| 25 |
+<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/quick-samba-howto.xml,v 1.40 2008/05/02 04:46:22 nightmorph Exp $ --> |
| 26 |
<!DOCTYPE guide SYSTEM "/dtd/guide.dtd"> |
| 27 |
|
| 28 |
<guide link="/doc/en/quick-samba-howto.xml"> |
| 29 |
|
| 30 |
-<title>Gentoo Samba3/CUPS/ClamAV HOWTO</title> |
| 31 |
+<title>Gentoo Samba3/CUPS HOWTO</title> |
| 32 |
|
| 33 |
<author title="Author"> |
| 34 |
Andreas "daff" Ntaflos <!--daff at dword dot org--> |
| 35 |
@@ -17,17 +17,16 @@ |
| 36 |
</author> |
| 37 |
|
| 38 |
<abstract> |
| 39 |
-Setup, install and configure a Samba Server under Gentoo that shares files, |
| 40 |
-printers without the need to install drivers and provides automatic virus |
| 41 |
-scanning. |
| 42 |
+Setup, install and configure a Samba server under Gentoo that shares files and |
| 43 |
+printers without the need to install drivers. |
| 44 |
</abstract> |
| 45 |
|
| 46 |
<!-- The content of this document is licensed under the CC-BY-SA license --> |
| 47 |
<!-- See http://creativecommons.org/licenses/by-sa/2.5 --> |
| 48 |
<license/> |
| 49 |
|
| 50 |
-<version>1.24</version> |
| 51 |
-<date>2007-12-20</date> |
| 52 |
+<version>1.25</version> |
| 53 |
+<date>2008-05-01</date> |
| 54 |
|
| 55 |
<chapter> |
| 56 |
<title>Introduction to this HOWTO</title> |
| 57 |
@@ -52,7 +51,7 @@ |
| 58 |
This HOWTO originally started not as a HOWTO, but as a FAQ. It was intended to |
| 59 |
explore the functionality and power of the Gentoo system, portage and the |
| 60 |
flexibility of USE flags. Like so many other projects, it was quickly discovered |
| 61 |
-what was missing in the Gentoo realm: there weren't any Samba HOWTO's catered |
| 62 |
+what was missing in the Gentoo realm: there weren't any Samba HOWTOs catered |
| 63 |
for Gentoo users. These users are more demanding than most; they require |
| 64 |
performance, flexibility and customization. This does not however imply that |
| 65 |
this HOWTO was not intended for other distributions; rather that it was designed |
| 66 |
@@ -61,9 +60,7 @@ |
| 67 |
|
| 68 |
<p> |
| 69 |
This HOWTO will describe how to share files and printers between Windows PCs and |
| 70 |
-*nix PCs. It will also demonstrate the use of the VFS (Virtual File System) |
| 71 |
-feature of Samba to incorporate automatic virus protection. As a finale, it will |
| 72 |
-show you how to mount and manipulate shares. |
| 73 |
+*nix PCs. It will also show you how to mount and manipulate shares. |
| 74 |
</p> |
| 75 |
|
| 76 |
<p> |
| 77 |
@@ -113,7 +110,6 @@ |
| 78 |
<ul> |
| 79 |
<li>On the Samba server: |
| 80 |
<ul> |
| 81 |
- <li>Install and configure ClamAV</li> |
| 82 |
<li>Install and configure Samba</li> |
| 83 |
<li>Install and configure CUPS</li> |
| 84 |
<li>Adding the printer to CUPS</li> |
| 85 |
@@ -147,24 +143,20 @@ |
| 86 |
|
| 87 |
<ul> |
| 88 |
<li>net-fs/samba</li> |
| 89 |
- <li>app-antivirus/clamav</li> |
| 90 |
<li>net-print/cups</li> |
| 91 |
<li>net-print/foomatic</li> |
| 92 |
<li>net-print/hplip (if you have an HP printer)</li> |
| 93 |
<li>A kernel of sorts (2.6)</li> |
| 94 |
- <li>A printer (PS or non-PS, maybe not TOO new or fancy)</li> |
| 95 |
+ <li>A printer (PS or non-PS)</li> |
| 96 |
<li> |
| 97 |
A working network (home/office/etc) consisting of more than one machine) |
| 98 |
</li> |
| 99 |
</ul> |
| 100 |
|
| 101 |
<p> |
| 102 |
-The main package we use here is net-fs/samba, however, you will need a kernel |
| 103 |
-with cifs support enabled in order to mount a samba or windows share from |
| 104 |
+The main package we use here is <c>net-fs/samba</c>, however, you will need a |
| 105 |
+kernel with CIFS support enabled in order to mount a Samba or Windows share from |
| 106 |
another computer. CUPS will be emerged if it is not already. |
| 107 |
-app-antivirus/clamav will be used also, but others should be easily adapted to |
| 108 |
-work with Samba. Gentoo's samba ebuild supports all kinds of virus scanning |
| 109 |
-technologies, such as Sophos, FProt, Fsav, Trend, Icap, Nai, ... |
| 110 |
</p> |
| 111 |
|
| 112 |
</body> |
| 113 |
@@ -183,7 +175,7 @@ |
| 114 |
</p> |
| 115 |
|
| 116 |
<pre caption="Samba uses the following USE Variables:"> |
| 117 |
-kerberos acl cups ldap pam readline python oav winbind |
| 118 |
+kerberos acl cups ldap pam readline python winbind |
| 119 |
</pre> |
| 120 |
|
| 121 |
<p> |
| 122 |
@@ -256,14 +248,6 @@ |
| 123 |
</ti> |
| 124 |
</tr> |
| 125 |
<tr> |
| 126 |
- <th><b>oav</b></th> |
| 127 |
- <ti> |
| 128 |
- Provides on-access scanning of Samba shares with FRISK F-Prot Daemon, |
| 129 |
- Kaspersky AntiVirus, OpenAntiVirus.org ScannerDaemon, Sophos Sweep (SAVI), |
| 130 |
- Symantec CarrierScan, and Trend Micro (VSAPI). |
| 131 |
- </ti> |
| 132 |
-</tr> |
| 133 |
-<tr> |
| 134 |
<th><b>winbind</b></th> |
| 135 |
<ti> |
| 136 |
Winbind allows for a unified logon within a Samba environment. It uses a |
| 137 |
@@ -318,7 +302,6 @@ |
| 138 |
</p> |
| 139 |
|
| 140 |
<ul> |
| 141 |
- <li>oav</li> |
| 142 |
<li>cups</li> |
| 143 |
<li>readline</li> |
| 144 |
<li>pam</li> |
| 145 |
@@ -330,7 +313,7 @@ |
| 146 |
</p> |
| 147 |
|
| 148 |
<pre caption="Emerge Samba"> |
| 149 |
-# <i>echo "net-fs/samba oav readline cups pam" >> /etc/portage/package.use</i> |
| 150 |
+# <i>echo "net-fs/samba readline cups pam" >> /etc/portage/package.use</i> |
| 151 |
# <i>emerge net-fs/samba</i> |
| 152 |
</pre> |
| 153 |
|
| 154 |
@@ -341,22 +324,6 @@ |
| 155 |
</body> |
| 156 |
</section> |
| 157 |
<section> |
| 158 |
-<title>Emerging ClamAV</title> |
| 159 |
-<body> |
| 160 |
- |
| 161 |
-<p> |
| 162 |
-Because the <e>oav</e> USE flag only provides an interface to allow on access |
| 163 |
-virus scanning, the actual virus scanner must be emerged. The scanner used in |
| 164 |
-this HOWTO is ClamAV. |
| 165 |
-</p> |
| 166 |
- |
| 167 |
-<pre caption="Emerge Clamav"> |
| 168 |
-# <i>emerge app-antivirus/clamav</i> |
| 169 |
-</pre> |
| 170 |
- |
| 171 |
-</body> |
| 172 |
-</section> |
| 173 |
-<section> |
| 174 |
<title>Emerging foomatic</title> |
| 175 |
<body> |
| 176 |
|
| 177 |
@@ -429,14 +396,6 @@ |
| 178 |
security = share |
| 179 |
<comment># No passwords, so we're going to use a guest account!</comment> |
| 180 |
guest ok = yes |
| 181 |
-<comment># We now will implement the on access virus scanner. |
| 182 |
-# NOTE: By putting this in our [Global] section, we enable |
| 183 |
-# scanning of ALL shares, you could optionally move |
| 184 |
-# these to a specific share and only scan it.</comment> |
| 185 |
- |
| 186 |
-<comment># For Samba 3.x. This enables ClamAV on access scanning.</comment> |
| 187 |
-vfs object = vscan-clamav |
| 188 |
-vscan-clamav: config-file = /etc/samba/vscan-clamav.conf |
| 189 |
|
| 190 |
<comment># Now we setup our print drivers information!</comment> |
| 191 |
[print$] |
| 192 |
@@ -498,11 +457,6 @@ |
| 193 |
from a lot of problems. |
| 194 |
</warn> |
| 195 |
|
| 196 |
-<warn> |
| 197 |
-Turning on ClamAV on access scanning in the <c>[global]</c> section will slow |
| 198 |
-down the performance of your Samba server dramatically. |
| 199 |
-</warn> |
| 200 |
- |
| 201 |
<p> |
| 202 |
Now create the directories required for the minimum configuration of Samba to |
| 203 |
share the installed printer throughout the network. |
| 204 |
@@ -546,107 +500,6 @@ |
| 205 |
</body> |
| 206 |
</section> |
| 207 |
<section> |
| 208 |
-<title>Configuring ClamAV</title> |
| 209 |
-<body> |
| 210 |
- |
| 211 |
-<p> |
| 212 |
-The configuration file specified to be used in <path>smb.conf</path> is |
| 213 |
-<path>/etc/samba/vscan-clamav.conf</path>. While these options are set to the |
| 214 |
-defaults, the infected file action may need to be changed. |
| 215 |
-</p> |
| 216 |
- |
| 217 |
-<pre caption="/etc/samba/vscan-clamav.conf"> |
| 218 |
-[samba-vscan] |
| 219 |
-<comment>; run-time configuration for vscan-samba using |
| 220 |
-; clamd |
| 221 |
-; all options are set to default values</comment> |
| 222 |
- |
| 223 |
-<comment>; do not scan files larger than X bytes. If set to 0 (default), |
| 224 |
-; this feature is disable (i.e. all files are scanned)</comment> |
| 225 |
-max file size = 0 |
| 226 |
- |
| 227 |
-<comment>; log all file access (yes/no). If set to yes, every access will |
| 228 |
-; be logged. If set to no (default), only access to infected files |
| 229 |
-; will be logged</comment> |
| 230 |
-verbose file logging = no |
| 231 |
- |
| 232 |
-<comment>; if set to yes (default), a file will be scanned while opening</comment> |
| 233 |
-scan on open = yes |
| 234 |
-<comment>; if set to yes, a file will be scanned while closing (default is yes)</comment> |
| 235 |
-scan on close = yes |
| 236 |
- |
| 237 |
-<comment>; if communication to clamd fails, should access to file denied? |
| 238 |
-; (default: yes)</comment> |
| 239 |
-deny access on error = yes |
| 240 |
- |
| 241 |
-<comment>; if daemon fails with a minor error (corruption, etc.), |
| 242 |
-; should access to file denied? |
| 243 |
-; (default: yes)</comment> |
| 244 |
-deny access on minor error = yes |
| 245 |
- |
| 246 |
-<comment>; send a warning message via Windows Messenger service |
| 247 |
-; when virus is found? |
| 248 |
-; (default: yes)</comment> |
| 249 |
-send warning message = yes |
| 250 |
- |
| 251 |
-<comment>; what to do with an infected file |
| 252 |
-; quarantine: try to move to quantine directory; delete it if moving fails |
| 253 |
-; delete: delete infected file |
| 254 |
-; nothing: do nothing</comment> |
| 255 |
-infected file action = <comment>delete</comment> |
| 256 |
- |
| 257 |
-<comment>; where to put infected files - you really want to change this! |
| 258 |
-; it has to be on the same physical device as the share!</comment> |
| 259 |
-quarantine directory = /tmp |
| 260 |
-<comment>; prefix for files in quarantine</comment> |
| 261 |
-quarantine prefix = vir- |
| 262 |
- |
| 263 |
-<comment>; as Windows tries to open a file multiple time in a (very) short time |
| 264 |
-; of period, samba-vscan use a last recently used file mechanism to avoid |
| 265 |
-; multiple scans of a file. This setting specified the maximum number of |
| 266 |
-; elements of the last recently used file list. (default: 100)</comment> |
| 267 |
-max lru files entries = 100 |
| 268 |
- |
| 269 |
-<comment>; an entry is invalidated after lru file entry lifetime (in seconds). |
| 270 |
-; (Default: 5)</comment> |
| 271 |
-lru file entry lifetime = 5 |
| 272 |
- |
| 273 |
-<comment>; socket name of clamd (default: /var/run/clamd)</comment> |
| 274 |
-clamd socket name = /tmp/clamd |
| 275 |
- |
| 276 |
-<comment>; port number the ScannerDaemon listens on</comment> |
| 277 |
-oav port = 8127 |
| 278 |
-</pre> |
| 279 |
- |
| 280 |
-<p> |
| 281 |
-It is generally a good idea to start the virus scanner immediately. Add it to |
| 282 |
-the <e>default</e> runlevel and then start the <c>clamd</c> service immediately. |
| 283 |
-The service has two processes: freshclam keeps the virus definition database up |
| 284 |
-to date while clamd is the actual anti-virus daemon. First you may want to set |
| 285 |
-the paths of the logfiles so that it fits your needs. |
| 286 |
-</p> |
| 287 |
- |
| 288 |
-<pre caption="Checking the location of the logfiles"> |
| 289 |
-# <i>vim /etc/clamd.conf</i> |
| 290 |
-<comment>(Check the line "LogFile /var/log/clamd.log")</comment> |
| 291 |
-# <i>vim /etc/freshclam.conf</i> |
| 292 |
-<comment>(Check the line "UpdateLogFile /var/log/freshclam.log")</comment> |
| 293 |
-# <i>vim /etc/conf.d/clamd</i> |
| 294 |
-<comment>(Set "START_CLAMD=yes" and "START_FRESHCLAM=yes")</comment> |
| 295 |
-</pre> |
| 296 |
- |
| 297 |
-<p> |
| 298 |
-Now fire up the virus scanner. |
| 299 |
-</p> |
| 300 |
- |
| 301 |
-<pre caption="Add clamd to bootup and start it"> |
| 302 |
-# <i>rc-update add clamd default</i> |
| 303 |
-# <i>/etc/init.d/clamd start</i> |
| 304 |
-</pre> |
| 305 |
- |
| 306 |
-</body> |
| 307 |
-</section> |
| 308 |
-<section> |
| 309 |
<title>Configuring CUPS</title> |
| 310 |
<body> |
| 311 |
|
| 312 |
@@ -1006,7 +859,7 @@ |
| 313 |
</note> |
| 314 |
|
| 315 |
<p> |
| 316 |
-Now is time to configure our kernel to support cifs. Since I'm assuming |
| 317 |
+Now is time to configure our kernel to support CIFS. Since I'm assuming |
| 318 |
we've all compiled at least one kernel, we'll need to make sure we have all the |
| 319 |
right options selected in our kernel. For simplicity's sake, make it a module |
| 320 |
for ease of use. It is the author's opinion that kernel modules are a good thing |
| 321 |
@@ -1070,7 +923,7 @@ |
| 322 |
|
| 323 |
<p> |
| 324 |
That should be it. You should now have a successful printing enviroment that is |
| 325 |
-friendly to both Windows and *nix as well as a fully virus-free working share! |
| 326 |
+friendly to both Windows and *nix as well as a working share! |
| 327 |
</p> |
| 328 |
|
| 329 |
</body> |
| 330 |
|
| 331 |
|
| 332 |
|
| 333 |
-- |
| 334 |
gentoo-doc-cvs@l.g.o mailing list |
Archives