| View previous topic :: View next topic |
| Author |
Message |
Robert S
Guru
Joined: 15 Aug 2004
Posts: 463
Location: Canberra Australia
|
 Posted: Fri May 26, 2006 1:40 pm Post subject: Samba vscan-clamav segfaults [SOLVED] |
 |
|
I recently discovered that samba installed with vscan-clamv doesn't actually work. It didn't detect or quarantine viruses as it should. I tried recompiling it with the libclamav USE flag. Now when I try to access a folder containing a virus in Windows it (Win) freezes. I tried accessing an infected test file from a mounted shared folder on another Gentoo pc and got an "I/O error" message. I got the following message in /var/log/messages:
| Quote: | | May 26 23:24:10 mycomputer smbd[16793]: segfault at 00002b2b595876b0 rip 00002b2b595876b0 rsp 00005555557fd7d1 error 15 |
Some relevant information:
Samba version: 3.0.22
/etc/samba/smb.conf:
| Quote: | # Global parameters
[global]
workgroup = WORKGROUP
netbios name = MYCOMPUTER
server string = Samba Server
encrypt passwords = Yes
smb passwd file = /etc/samba/private/smbpasswd
log file = /var/log/samba.log
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
lock dir = /var/lock/samba
printing = cups
printcap name = cups
load printers = yes
time server = yes
dos filetimes = yes
fake directory create times = yes
dos filetime resolution = yes
delete readonly = yes
vfs object = vscan-clamav
vscan-clamav: config-file = /etc/samba/vscan-clamav.conf
[homes]
comment = Home Directories
path = /home/%S/.documents
valid users = %S
read only = No
browseable = No
writeable = Yes
|
/etc/samba/vscan-clamav.conf
| Quote: |
[samba-vscan]
max file size = 10000000
verbose file logging = no
scan on open = yes
scan on close = yes
deny access on error = yes
deny access on minor error = yes
send warning message = yes
#infected file action = delete
infected file action = quarantine
quarantine directory = /var/clam/samba
quarantine prefix = vir-
max lru files entries = 100
lru file entry lifetime = 5
clamd socket name = /var/run/clamav/clamd.sock
|
# equery uses samba
| Quote: |
[ Searching for packages matching samba... ]
[ Colour Code : set unset ]
[ Legend : Left column (U) - USE flags from make.conf ]
[ : Right column (I) - USE flags packages was installed with ]
[ Found these USE variables for net-fs/samba-3.0.22 ]
U I
+ + acl : Adds support for Access Control Lists
- - async : Enables asynchronous input/output
- - automount : Enables automount support
+ + cups : Add support for CUPS (Common Unix Printing System)
- - doc : Adds extra documentation (API, Javadoc, etc)
- - examples : Install example source code
- - kerberos : Adds kerberos support
- - ldap : Adds LDAP support (Lightweight Directory Access Protocol)
- - ldapsam : Enables samba 2.2 ldap support (default passwd backend: ldapsam_compat)
+ + libclamav : Enables clamav libraries, without needing to use the daemon
- - mysql : Adds mySQL Database support
+ + oav : Enables support for anti-virus from the openantivirus.org project
+ + pam : Adds support PAM (Pluggable Authentication Modules) - DANGEROUS to arbitrarily flip
- - postgres : Adds support for the postgresql database
+ + python : Adds support/bindings for the Python language
- - quotas : Enables support for user quotas
+ + readline : Enables support for libreadline, a GNU line-editing library that almost everyone wants
- - selinux : !!internal use only!! Security Enhanced Linux support, this must be set by the selinux profile or breakage will occur
- - swat : Enables support for swat configuration gui
- - syslog : Enables support for syslog
- - winbind : Enables support for the winbind auth daemon
+ + xml : Add support for XML files
- - xml2 : Check/Support flag for XML library (version 2) (deprecated, use xml)
|
Can anybody enlighten me?
Last edited by Robert S on Fri May 26, 2006 10:34 pm; edited 1 time in total |
|
| Back to top |
|
 |
Robert S
Guru
Joined: 15 Aug 2004
Posts: 463
Location: Canberra Australia
|
| Posted: Fri May 26, 2006 10:34 pm Post subject: |
|
|
Fixed by disbling the libclamav USE flag (I used the time-honoured technique of RTFM):
| Quote: | # equery uses samba
[ Searching for packages matching samba... ]
[ Colour Code : set unset ]
[ Legend : Left column (U) - USE flags from make.conf ]
[ : Right column (I) - USE flags packages was installed with ]
[ Found these USE variables for net-fs/samba-3.0.22 ]
U I
+ + acl : Adds support for Access Control Lists
- - async : Enables asynchronous input/output
- - automount : Enables automount support
+ + cups : Add support for CUPS (Common Unix Printing System)
+ + doc : Adds extra documentation (API, Javadoc, etc)
- - examples : Install example source code
- - kerberos : Adds kerberos support
- - ldap : Adds LDAP support (Lightweight Directory Access Protocol)
- - ldapsam : Enables samba 2.2 ldap support (default passwd backend: ldapsam_compat)
- - libclamav : Enables clamav libraries, without needing to use the daemon
- - mysql : Adds mySQL Database support
+ + oav : Enables support for anti-virus from the openantivirus.org project
+ + pam : Adds support PAM (Pluggable Authentication Modules) - DANGEROUS to arbitrarily flip
- - postgres : Adds support for the postgresql database
+ + python : Adds support/bindings for the Python language
- - quotas : Enables support for user quotas
+ + readline : Enables support for libreadline, a GNU line-editing library that almost everyone wants
- - selinux : !!internal use only!! Security Enhanced Linux support, this must be set by the selinux profile or breakage will occur
- - swat : Enables support for swat configuration gui
- - syslog : Enables support for syslog
- - winbind : Enables support for the winbind auth daemon
- - xml : Add support for XML files
- - xml2 : Check/Support flag for XML library (version 2) (deprecated, use xml)
|
I've also managed to hugely speed up filesharing by putting the lines | Quote: | vfs object = vscan-clamav
vscan-clamav: config-file = /etc/samba/vscan-clamav.conf |
into the individual shares that I want scanned.
A few things in the doc have changed since I first set this up. Maybe the two lines above should be put into a share in the Doc to avoid these problems.
There is a discussion about the libclamav option at http://marc.theaimsgroup.com/?t=108550773300004&r=1&w=2. Looks like the advice is: don't becuase of performance issues. |
|
| Back to top |
|
|
norvalk
n00b
Joined: 21 Feb 2003
Posts: 49
Location: Ljubljana, Slovenia
|
| Posted: Tue May 30, 2006 1:08 pm Post subject: |
|
|
is libclamav-related "issue" somehow related to changes mentioned
here?
_________________
litera scripta manet |
|
| Back to top |
|
|
Robert S
Guru
Joined: 15 Aug 2004
Posts: 463
Location: Canberra Australia
|
| Posted: Tue May 30, 2006 9:44 pm Post subject: |
|
|
Don't know. My version reports itself as "samba-vscan (vscan-clamav 0.3.6b) registered (Samba 3.0), (c) by Rainer Link, OpenAntiVirus.
org" and has done for the last month (the duration of logs that I keep). Its been working fine for a long time, until I compiled it with the libclamav USE flag. Looks like libclamav still needs a bit of work. |
|
| Back to top |
|
|
|
Networking & Security
