[Samba] Samba vscan VFS Module

Adam Tauno Williams adamtaunowilliams at gmail.com
Sun Jun 17 03:35:06 GMT 2007 

I'm trying to configure Samba's vscan on-access VFS module on a box with
a working CLAM installation.  [CLAM is merrily scanning mail on this box
via clamav-milter].

I've set this up before, but this time it seems to be giving me grief.  
If I remove the vscan-clamav module then everything works, and I can
open files.

When I try to open a file with the module enable I just get a file not
found or permission denied message.

In the SMB log for the workstation I get:
-----------------------------------------------
[2007/06/16 12:46:33, 4] smbd/open.c:open_file_ntcreate(1510)
  calling open_file with flags=0x0 flags2=0x0 mode=0664
[2007/06/16 12:46:33, 10] global/vscan-filetype.c:filetype_skipscan(171)
  Sorry, samba-vscan filetype support is not compiled in
[2007/06/16 12:46:33, 10]
global/vscan-fileaccesslog.c:lrufiles_must_be_checked(260)
  lookup '/srv/cifs/goldmine/dbvis.license'
[2007/06/16 12:46:33, 10]
global/vscan-fileaccesslog.c:lrufiles_search(97)
  search for '/srv/cifs/goldmine/dbvis.license' in lrufiles
[2007/06/16 12:46:33, 10]
global/vscan-fileaccesslog.c:lrufiles_search(115)
  file '/srv/cifs/goldmine/dbvis.license' not matched
[2007/06/16 12:46:33, 10]
global/vscan-fileaccesslog.c:lrufiles_must_be_checked(265)
  entry '/srv/cifs/goldmine/dbvis.license' not found
[2007/06/16 12:46:33, 10]
global/vscan-fileaccesslog.c:lrufiles_delete(229)
  file entry '/srv/cifs/goldmine/dbvis.license' should be deleted
[2007/06/16 12:46:33, 10]
global/vscan-fileaccesslog.c:lrufiles_search(97)
  search for '/srv/cifs/goldmine/dbvis.license' in lrufiles
[2007/06/16 12:46:33, 10]
global/vscan-fileaccesslog.c:lrufiles_search(115)
  file '/srv/cifs/goldmine/dbvis.license' not matched
[2007/06/16 12:46:33, 10] smbd/open.c:fd_open(55)
  fd_open: name dbvis.license, flags = 00 mode = 0664, fd = -1.
Permission denied
-------------------------------------------------

In /var/log/messages I get:
--------------------------------------------------
Jun 16 12:36:22 sardine smbd_vscan-clamav[26889]: samba-vscan
(vscan-clamav 0.3.6b) registered (Samba 3.0), (c) by Rainer Link,
OpenAntiVirus.org
Jun 16 12:36:22 sardine smbd_vscan-clamav[26889]: samba-vscan
(vscan-clamav 0.3.6b) connected (Samba 3.0), (c) by Rainer Link,
OpenAntiVirus.org
Jun 16 12:36:22 sardine smbd_vscan-clamav[26889]: INFO: connect to
service goldmine by user adam
Jun 16 12:36:59 sardine smbd_vscan-clamav[26863]: samba-vscan
(vscan-clamav 0.3.6b) registered (Samba 3.0), (c) by Rainer Link,
OpenAntiVirus.org
Jun 16 12:36:59 sardine smbd_vscan-clamav[26863]: samba-vscan
(vscan-clamav 0.3.6b) connected (Samba 3.0), (c) by Rainer Link,
OpenAntiVirus.org
Jun 16 12:36:59 sardine smbd_vscan-clamav[26863]: INFO: connect to
service goldmine by user adam
Jun 16 12:37:11 sardine smbd_vscan-clamav[26863]: ERROR:
file /srv/cifs/goldmine/dbvis.license not found, not readable or an
error occured
Jun 16 12:37:11 sardine smbd_vscan-clamav[26863]: ERROR: daemon failed
with a minor error - access to file dbvis.license denied
Jun 16 12:37:11 sardine smbd_vscan-clamav[26863]: ERROR:
file /srv/cifs/goldmine/dbvis.license not found, not readable or an
error occured
Jun 16 12:37:11 sardine smbd_vscan-clamav[26863]: ERROR: daemon failed
with a minor error - access to file dbvis.license denied
Jun 16 12:37:11 sardine smbd_vscan-clamav[26863]: ERROR:
file /srv/cifs/goldmine/dbvis.license not found, not readable or an
error occured
Jun 16 12:37:11 sardine smbd_vscan-clamav[26863]: ERROR: daemon failed
with a minor error - access to file dbvis.license denied
------------------------

The seeming "file not found" problem seems baffling to me - THE FILE
EXISTS!  I see it in Explorer, and I see it with ls.  If I remove the
vscan-clamav module then everything works, and I can open files.

Is the clamd daemon itself attempting to open the file, as the user
"vscan", rather then opening the file in the Samba process and just
using the daemon?

[goldmine]
        comment = Department Data Share
        path = /srv/cifs/goldmine
        valid users = @cis, at sales
        admin users = @cis
        force group = sales
        writeable = Yes 
        force create mode = 0660
        force directory mode = 0770
        guest ok = Yes
        vfs objects = vscan-clamav recycle
        vscan-clamav:config-file = /etc/samba/vscan-clamav.conf


In /etc/samba/vscan-clamav.conf the clamd socket name
= /var/lib/clamav/clamd-socket and I can see the daemon listening (and
mail miltering works) -
sardine:~ # fuser -u /var/lib/clamav/clamd-socket
/var/lib/clamav/clamd-socket: 11161(vscan)

-- 
Adam Tauno Williams, Network & Systems Administrator
Consultant - http://www.whitemiceconsulting.com
Developer - http://www.opengroupware.org

More information about the samba mailing list