Howto Install Samba Plus Support Clamav

Hanya mendokumentasikan tutorial dari Pak Arief Yudhawarman

Fedora Core 3 : Howto Install samba plus support clamav.

A. CLAMAV

Preparing
———
Clamav need zlib newer than package's zlib from FC3.
# cd /usr/local/src
# tar zxf zlib-1.2.3.tar.gz
# ./configure –prefix=/usr/local/zlib
# make && make install

adduser
———
# groupadd clamav
# useradd -g clamav -d /var/lib/clamav -s /bin/false -c 'ClamAV Antivirus Daemon' clamav

Configuring & Installing
————————
# cd /usr/local/src
# tar zxf clamav-0.88.tar.gz
# cd /usr/local/src/clamav-0.88
# ./configure –prefix=/usr/local/clamav –disable-clamuko –with-dbdir=/var/lib/clamav –with-zlib=/usr/local/zlib/
# make && make check && make install && make clean

Symbolic link
————-
# mkdir /var/run/clamav
# chown clamav.clamav /var/run/clamav
# cd /etc/
# ln -s /usr/local/clamav/etc/ clamav
# cd /usr/local/sbin/
# for i in /usr/local/clamav/sbin/*; do j=`basename $i`; ln -s $i $j; done
# cd /usr/local/bin
# for i in /usr/local/clamav/bin/*; do j=`basename $i`; ln -s $i $j; done
# cd /usr/local/lib
# for i in /usr/local/clamav/lib/*; do if [ -f $i ]; then j=`basename $i`; ln -s $i $j; fi; done
# cd /usr/local/include
# for i in /usr/local/clamav/include/*; do j=`basename $i`; ln -s $i $j; done

Man Path
——–
Just edit /etc/man.config and add this line:
MANPATH /usr/local/clamav/man

Edit clamd.conf & freshclam.conf

B. SAMBA

# cd /usr/local/src
# tar zxf /SRC/samba-3.0.21b.tar.gz
# cd samba-3.0.21b/source/
# ./autogen.sh
# ./configure –prefix=/usr/local/samba –with-smbmount –with-winbind
# make proto

B.1 SAMBA-VSCAN

B.1.2 Filetype support

FC3 already support filetype so these steps no needed
Supporting filetype (libmagic)
# cd /usr/local/src/
# tar zxvf /SRC/file-4.16.tar.gz
# cd file-4.16/
# ./configure –prefix=/usr/local/file && make && make check && make install
# echo '/usr/local/lib/' >> /etc/ld.so.conf
# ldconfig

# cd /usr/local/src
# tar jxf /SRC/samba-vscan-0.3.6b.tar.bz2
# cd samba-vscan-0.3.6b
# ./configure –with-samba-source=/usr/local/src/samba-3.0.21b/source/ –with-samba-version=3 –with-filetype
# make clamav
Do this when samba is already configured.
# cp vscan-clamav.so /etc/samba

# make
# make install

Configuring samba
—————–
# ln -s /usr/local/samba/lib/ /etc/samba
# cd /etc/samba

Edit smb.conf & vscan-clamav.conf

/etc/samba/smb.conf:

[temp]
comment = Temporary file space
path = /home/data/tmp
vfs object = vscan-clamav
vscan-clamav: config-file = /etc/samba/vscan-clamav.conf
read only = no
public = yes

/etc/samba/vscan-clamav.conf:
[samba-vscan]
max file size = 5000000
verbose file logging = no
scan on open = yes
scan on close = yes
deny access on error = yes
deny access on minor error = yes
send warning message = yes
infected file action = delete
quarantine directory = /tmp
quarantine prefix = vir-
max lru files entries = 100
lru file entry lifetime = 20
# these filetype below will not been scanned
# this's just a real example, add some wheen in need.
exclude file types = application/vnd.rn-realmedia;application/x-arc;application/x-archive;application/x-arj;application/x-awk;application/x-bittorrent;application/x-bzip2;application/x-compress;application/x-cpio;application/x-dbf;application/x-dbm;application/x-dv
clamd socket name = /var/run/clamav/clamd.sock
libclamav max files in archive = 1000
libclamav max archived file size = 10485760
libclamav max recursion level = 5
# cd /usr/local/bin/
# for i in /usr/local/samba/bin/*; do if [ -f $i ]; then j=`basename $i`; ln -s $i $j; fi; done
# cd /usr/local/include/
# for i in /usr/local/samba/include/*; do if [ -f $i ]; then j=`basename $i`; ln -s $i $j; fi; done
# cd /usr/local/sbin/
# for i in /usr/local/samba/sbin/*; do if [ -f $i ]; then j=`basename $i`; ln -s $i $j; fi; done

Man Path
——–
Just edit /etc/man.config and add this line: MANPATH /usr/local/samba/man

Library needed to mount smbfs
—————————
# cd /usr/local/lib
# ln -s /usr/local/samba/lib/libsmbclient.so libsmbclient.so
# ln -s /usr/local/samba/lib/libmsrpc.so libmsrpc.o
# cp /usr/local/src/samba-3.0.21b/source/bin/libsmbsharemodes.so /usr/local/lib
# cp /usr/local/src/samba-3.0.21b/source/nsswitch/libnss_winbind.so /usr/local/lib
# cp /usr/local/src/samba-3.0.21b/source/nsswitch/libnss_wins.so /usr/local/lib
# cd /lib/
# ln -sf /usr/local/lib/libnss_winbind.so libnss_winbind.so
# ln -sf /usr/local/lib/libnss_wins.so libnss_wins.so
# echo /usr/local/lib >> /etc/ld.so.conf
# ldconfig
# mkdir /var/log/samba

Start Samba
# mnbd -D && smbd -D

Make directory contains sample virus on folder Public & do some test to copy
the viruses into folder docs.

Install (Add/Remove) Software using local repository (FC5)

Hanya mendokumentasikan Step-step bagimana cara menginstall (Add/Remove) Software using local repository di Fedora Core 5,

Referensi: fedora core 5 – Add Remove Software ( Yum – Pirot – Local Repository )

First, Local Repository

I create my local repository in folder "/var/www/html/yum/base". In this folder I copy:

* the entire first CD of fc5,
* the 2,3,4,5 CD I copy only the ".rpm" files to "/var/www/html/yum/base/Fedora/RPMS"

Second, yum configuration in folder "/etc/yum.repos.d"

I create this file "fedora-core.repo" and inside it fill in :

* [Local-Install]
* name=Fedora Core $releasever – $basearch
* baseurl=file:///var/www/html/yum/base
* enabled=1
* gpgcheck=1
* gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora file:///etc/pki/rpm-gpg/RPM-GPG-KEY

and check the others file with name like "fedora-******.repo" and inside it change :

* …
* enabled=0 #disable it…!
* …

and NOW I can install (Add/Remove) Software using local repository.

Linux keyboard shortcuts – 2.0

There are several keyboard shortcuts in Linux. Learning them can make your life a lot easier! This tuXfile discusses mainly command line shortcuts, but some X Window System shortcuts are also included.

Author: Nana Långstedt < nana.langstedt at gmail.com >
tuXfile created: 1 February 2002
Last modified: 10 December 2005

  • Virtual terminals

Ctrl + Alt + F1
Switch to the first virtual terminal. In Linux, you can have several virtual terminals at the same time. The default is 6.

Ctrl + Alt + Fn
Switch to the nth virtual terminal. Because the number of virtual terminals is 6 by default, n = 1…6.

tty
Typing the tty command tells you what virtual terminal you're currently working in.

Ctrl + Alt + F7
Switch to the GUI. If you have X Window System running, it runs in the seventh virtual terminal by default. If X isn't running, this terminal is empty.

  • X Window System

Ctrl + Alt + +
Switch to the next resolution in the X Window System. This works if you've configured more than one resolution for your X server. Note that you must use the + in your numpad.

Ctrl + Alt + –
Switch to the previous X resolution. Use the – in your numpad.

MiddleMouseButton
Paste the highlighted text. You can highlight the text with your left mouse button (or with some other highlighting method, depending on the application you're using), and then press the middle mouse button to paste. This is the traditional way of copying and pasting in the X Window System, but it may not work in some X applications.

If you have a two-button mouse, pressing both of the buttons at the same time has the same effect as pressing the middle one. If it doesn't, you must enable 3-mouse-button emulation.

This works also in text terminals if you enable the gpm service.

Ctrl + Alt + Backspace
Kill the X server. Use this if X crashes and you can't exit it normally. If you've configured your X Window System to start automatically at bootup, this restarts the server and throws you back to the graphical login screen.

  • Command line – input

Home or Ctrl + a
Move the cursor to the beginning of the current line.

End or Ctrl + e
Move the cursor to the end of the current line.

Alt + b
Move the cursor to the beginning of the current or previous word. Note that while this works in virtual terminals, it may not work in all graphical terminal emulators, because many graphical applications already use this as a menu shortcut by default.

Alt + f
Move the cursor to the end of the next word. Again, like with all shortcuts that use Alt as the modifier, this may not work in all graphical terminal emulators.

Tab
Autocomplete commands and file names. Type the first letter(s) of a command, directory or file name, press Tab and the rest is completed automatically! If there are more commands starting with the same letters, the shell completes as much as it can and beeps. If you then press Tab again, it shows you all the alternatives.

This shortcut is really helpful and saves a lot of typing! It even works at the lilo prompt and in some X applications.

Ctrl + u
Erase the current line.

Ctrl + k
Delete the line from the position of the cursor to the end of the line.

Ctrl + w
Delete the word before the cursor.

  • Command line – output

Shift + PageUp
Scroll terminal output up.

Shift + PageDown
Scroll terminal output down.

clear
The clear command clears all previously executed commands and their output from the current terminal.

Ctrl + l
Does exactly the same as typing the clear command.

reset
If you mess up your terminal, use the reset command. For example, if you try to cat a binary file, the terminal starts showing weird characters. Note that you may not be able to see the command when you're typing it.

  • Command line – history

history
When you type the history command, you'll see a list of the commands you executed previously.

ArrowUp or Ctrl + p
Scroll up in the history and edit the previously executed commands. To execute them, press Enter like you normally do.

ArrowDown or Ctrl + n
Scroll down in the history and edit the next commands.

Ctrl + r
Find the last command that contained the letters you're typing. For example, if you want to find out the last action you did to a file called "file42.txt", you'll press Ctrl + r and start typing the file name. Or, if you want to find out the last parameters you gave to the "cp" command, you'll press Ctrl + r and type in "cp".

  • Command line – misc

Ctrl + c
Kill the current process.

Ctrl + z
Send the current process to background. This is useful if you have a program running, and you need the terminal for awhile but don't want to exit the program completely. Then just send it to background with Ctrl+z, do whatever you want, and type the command fg to get the process back.

Ctrl + d
Log out from the current terminal. If you use this in a terminal emulator under X, this usually shuts down the terminal emulator after logging you out.

Ctrl + Alt + Del
Reboot the system. You can change this behavior by editing /etc/inittab if you want the system to shut down instead of rebooting.

The powerful bash wildcards – 2.0

Without these cool little things called shell wildcards, working on the Linux command line is pretty painful. So make sure you put the wildcards into good use!

Author: Nana Långstedt < nana.langstedt at gmail.com >
tuXfile created: 20 December 2001
Last modified: 22 September 2005

"What are shell wildcards"
 
Wildcards are a shell feature that makes the command line much more powerful than any GUI file managers. You see, if you want to select a big group of files in a graphical file manager, you usually have to select them with your mouse. This may seem simple, but in some cases it can be very frustrating. For example, suppose you have a directory with a huge amount of all kinds of files and subdirectories, and you decide to move all the HTML files, that have the word "linux" somewhere in the middle of their names, from that big directory into another directory. What's a simple way to do this? If the directory contains a huge amount of differently named HTML files, your task is everything but simple!

In the Linux CLI that task is just as simple to perform as moving only one HTML file, and it's so easy because of the shell wildcards. Wildcards are special characters that allow you to select filenames that match certain patterns of characters. This helps you to select even a big group of files with typing just a few characters, and in most cases it's easier than selecting the files with a mouse.

Here's a list of the most commonly used wildcards in bash:

Wildcard Matches
* zero or more characters
? exactly one character
[abcde] exactly one character listed
[a-e] exactly one character in the given range
[!abcde] any character that is not listed
[!a-e] any character that is not in the given range
{debian,linux} exactly one entire word in the options given

You can use wildcards with any command that accepts file names as arguments.

 

Wildcard examples

Let's have a few examples. Probably the * character is already familiar to you, because it's widely used in many other places, too, not just in Linux. For example, the following removes every file from the current directory:
$ rm *

The following command moves all the HTML files, that have the word "linux" in their names, from the working directory into a directory named dir1:
$ mv *linux*.html dir1

See, I told you that moving multiple files can be just as simple as moving only one file!

The following displays all files that begin with d and end with .txt:
$ less d*.txt

The following command removes all files whose names begin with junk., followed by exactly three characters:
$ rm junk.???

With this command you list all files or directories whose names begin with hda, followed by exactly one numeral:
$ ls hda[0-9]

This lists all files or directories beginning with hda, followed by exactly two numerals:
$ ls hda[0-9][0-9]

The following lists all files or directories whose name starts with either hd or sd, followed by any single character between a and c:
$ ls {hd,sd}[a-c]

This command copies all files, that begin with an uppercase letter, to directory dir2:
$ cp [A-Z]* dir2

This deletes all files that don't end with c, e, h or g:
$ rm *[!cehg]

The humble Linux cheat sheet

A small Linux cheat sheet, introducing the very basic and very essential commands for surviving at the Linux CLI.

Moving around in the file system
Command Action
pwd "Print working directory" – show what dir you're in.
ls List the contents of a dir.
ls -l List the contents of a dir and show additional info of the files.
ls -a List all files, including hidden files.
cd Change directory.
cd .. Go to the parent directory.
Examining files
Command Action
file Determine the type of a file.
cat Concatenate a file.
less View text files and paginate them if needed.
Manipulating files and directories
Command Action
cp Copy a file.
cp -i Copy a file and ask before overwriting.
cp -r Copy a directory with its contents.
mv Move or rename a file.
mv -i Move or rename a file and ask before overwriting.
rm Remove a file.
rm -r Remove a directory with its contents.
rm -i Ask before removing a file. Good to use with the -r option.
mkdir Make a directory.
rmdir Remove an empty directory.

Redirecting standard input and output – 2.0

Many CLI programs use a feature called input/output redirection. This powerful feature allows you to "glue" simple commands together in order to construct more complex commands.

Author: Nana Långstedt < nana.langstedt at gmail.com >
tuXfile created: 20 December 2001
Last modified: 22 September 2005

  • Standard output

Many Linux commands print their output to screen. For example, ls does this when it lists the contents of a directory: you see the output, the directory listing, on your screen. cat does the same: it concatenates a file and sends the results to your screen, and thus you can see the file's contents. But the screen isn't the only place where the commands can print their output because you can redirect the output of several commands to files, devices, and even to the input of other commands.

The CLI programs that display their results do so usually by sending the results to standard output, or stdout for short. By default, standard output directs its contents to the screen, as you've seen with the ls and cat commands. But if you want to direct the output to somewhere else, you can use the > character. For example, to redirect the output to a file, you can use the > character like this:
$ ls > dir_listing.txt

The above redirects the output of the ls command to a file called dir_listing.txt. Because the output is redirected to a file, you don't see any results of ls on your screen.

Each time you repeat the above command, the file dir_listing.txt is overwritten with the results of the ls command. If you want to append the new results to the file instead of rewriting it, you can use >> instead:
$ ls >> dir_listing.txt

Each time you repeat the above command, the new output of ls is added at the end of the dir_listing.txt file instead of overwriting the file.

The following adds the contents of File1 at the end of File2:
$ cat File1 >> File2

Like I told you before, files aren't the only places where you can redirect the standard output. You can redirect it to devices, too:
$ cat sound.wav > /dev/audio

As you saw, in the above example the cat command concatenates a file named sound.wav and the results are sent to a device called /dev/audio. What's the fun here, then? /dev/audio is the audio device, and when you send there the contents of a sound file, that file is played. So if your sound is properly configured, the above command plays the file sound.wav!

  • Standard input

Many commands accept input from standard input, or stdin for short. By default, standard input reads information from your keyboard, but just like standard output, it can be redirected. Let's examine this a bit.

We can use a little program called tac when experimenting. tac reads standard input and then displays it to you with all the lines reversed (compare tac to cat). You can first see how tac works when it reads the input from your keyboard. Just give the command tac and type a few lines of text, using Enter for starting new lines. Then press Ctrl+D when you're done. See how tac then displays the text with all the lines reversed?

me@puter: ~$ tac
totally
stupid useless random
text
text
stupid useless random
totally
me@puter: ~$

When used like this, tac is pretty useless. But you can redirect the input so that tac gets it from a file instead of the keyboard. You can do it with the < character, like this:
$ tac < list_az.txt

In the example above tac reads the input from a file called list_az.txt and sends the results to standard output. Because the output isn't redirected anywhere, it's displayed on your screen, where you see the lines of lines_az.txt in reverse order.

You can also redirect both a command's input and output:
$ tac < list_az.txt > list_za.txt

The above does the same thing as the previous command, but in this case the results aren't displayed on your screen. Because the output is redirected, the results are written to a file called list_za.txt which then contains the same lines as list_az.txt but in reverse order.

  • Piping

So far, we've examined redirecting the input and output of programs. But things are getting even better: you can actually take the output of one program and send it to another as the input. This is called piping. With pipes, you can "glue" multiple commands together in a powerful way. The following is maybe one of the most common ways of using pipes:
$ ls | less

In the example above, the standard output of ls is sent to less. This is especially useful if a directory has so much contents that they all don't fit on your screen when you do ls. When you send the results of the ls command to less, you can scroll the directory listing. With this handy "| less" thing you can scroll the output of any command.

You can use pipes with many commands, but one of the most common and useful ones is grep. grep is a program that examines every line of the standard input it gets and searches for a specified pattern of characters. Then it sends to standard output every line that contains those characters.

For example, suppose we have a text file called applist.txt and we want to find out what lines of it contain the word "desktop". It's easy with pipes. We list the contents of the file applist.txt and send the results to grep, which then filters all lines containing the desired word "desktop", and displays those lines on your screen:
$ cat applist.txt | grep desktop

Note that grep is, like many Linux commands, case sensitive. This means that the above matches only "desktop", not "Desktop" or "DESKTOP". With the -i option the search is case insensitive:
$ cat applist.txt | grep -i desktop

What if you'd like to scroll the output of grep? Well, because grep sends its results to standard output, you can just pipe them to less:
$ cat applist.txt | grep -i desktop | less

Of course you can redirect the output of grep to a file, if you want:
$ cat applist.txt | grep -i desktop > desktop.txt

Input/output redirection is a very useful feature, and when you get more familiar with the CLI and learn more commands, you'll start to appreciate this powerful feature more and more.