Sylvestre Taburet wrote:
> Oden Eriksson wrote:
>>>Changelog for -4mdk was:
>>>| * Mon Jun 03 2002 Buchan Milne <[EMAIL PROTECTED]> 2.2.4-4mdk
>>>| - More patch cleaning
>>>| - Antivirus support (optional at build time). Please test if you have
>>>
>>>one of
>>>
>>>| fprot, kaspersky,mks,symantec or trend. Sophos has been tested and
>>>
>>>builds
>>>
>>>| and works.
>>>| - Move all vfs objects to /usr/lib/samba/vfs
>>>
>>>Thus on-access scanning of files by samba. Infected files on the server
>>>are not accessible (plus you get a syslog entry), and infected files
>>>cannot be copied onto the server.
>>
>>Please _don't_ integrate this fluid feature into _samba_. I was about to
>>make a samba add-on rpm package of this AV feature some time ago, but I
>>hesitated... Please remove it from the samba package, it belongs to
>>contribs at its best...
>>
Note that there are no packages in Mandrake that actually contain the
feature. You have to rebuild the SRPM to actually get them (since you
need to have the virus scanner installed). The problem is that
samba-vscan needs to be compiled inside a compiled samba source tree.
If you can find a way to build samba-vscan, and have it work with samba,
we can do it this way.
No samba-vscan packages are in either cooker or contribs (the only one
we would possible be able to put there is samba-vscan-openav, but
probably not since it requires jre>1.2).
> Well you got a good point here... But as VFS will be part of samba, maybe
> we still can include a few "built in" plugins into samba, and then leave
> the rest in contribs? Actually, because most antivirus are commercial
> software, I tend to agree with you . WDYT Buchan?
The point of this was to make it easy for someone to get on-access
scanning, without having to recompile samba from source, losing all the
benefits of Mandrake RPMs (out-the-box windbind, nss_wins, ACLs etc).
Note that all the antivirus vfs modules will have their own package. The
only issue is that binaries need to be cleaned from the examples/VFS
tree (included in samba-doc), otherwise samba-doc has dependencies on
the scanner, if the RPMs were built with AV support (Currently I build
with no av support, and then with av support, using only the vscan RPM
from the 2nd build, this needs to be fixed).
Here is sample info on a samba-vscan package:
[bgmilne@bgmilne rpm]$ rpm -ql samba-vscan-sophos
/usr/lib/samba/vfs/vscan-sophos.so
[bgmilne@bgmilne rpm]$ rpm -qi samba-vscan-sophos
Name : samba-vscan-sophos Relocations: /usr
Version : 2.2.4 Vendor: MandrakeSoft
Release : 3mdk Build Date: Tue 28 May 2002
06:11:50 PM SAST
Install date: Tue 28 May 2002 06:36:39 PM SAST Build Host:
bgmilne.cae.co.za
Group : System/Servers Source RPM:
samba-2.2.4-3mdk.src.rpm
Size : 15724 License: GPL
Packager : Buchan Milne <[EMAIL PROTECTED]>
Summary : On-access virus scanning for samba using Sophos
Description :
A vfs-module for samba to implement on-access scanning using the
Sophos antivirus software (which must be installed to use this).
I really would like some people to try and get this to build vscan RPMs
for other scanners.
Please look at the spec file for samba for more info on how to get virus
scanning working:
# As if that weren't enough, we're going to try building with antivirus
# support as an option also
%define build_fprot 0
%define build_kaspersky 0
%define build_mks 0
%define build_openantivirus 0
%define build_sophos 0
%define build_symantec 0
%define build_trend 0
%{?_with_fprot: %{expand: %%define build_fprot 1}}
%{?_with_kaspersky: %{expand: %%define build_kaspersky 1}}
%{?_with_mks: %{expand: %%define build_mks 1}}
%{?_with_openav: %{expand: %%define build_openantivirus 1}}
%{?_with_sophos: %{expand: %%define build_sophos 1}}
%{?_with_symantec: %{expand: %%define build_symantec 1}}
%{?_with_trend: %{expand: %%define build_trend 1}}
%define vfsdir "examples/VFS"
%define vscandir "samba-vscan-%{vscanver}"
(--with options don't seem to work for some reason, maybe we're using
too many!).
You will see all the vscan package definitions are surrounded by
%if build_<scanner>
%endif.
So a normal build of the RPM delivers no vscan rpms, and doesn't need
any scanner installed.
Is there a better way of doing this?
--
|----------------Registered Linux User #182071-----------------|
Buchan Milne Mechanical Engineer, Network Manager
Cellphone * Work +27 82 472 2231 * +27 21 8828820x202
Stellenbosch Automotive Engineering http://www.cae.co.za
GPG Key http://ranger.dnsalias.com/bgmilne.asc
1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7
