Context Navigation

vfs_scannedonly.8@ 620

Visit:

Last change on this file since 620 was 620, checked in by Herwig Bauernfeind, 14 years ago
Samba 3.5: Update trunk to 3.5.11
File size: 6.0 KB

Rev	Line
[596]	1	'\" t
[429]	2	.\" Title: vfs_scannedonly
	3	.\" Author: [see the "AUTHOR" section]
[596]	4	.\" Generator: DocBook XSL Stylesheets v1.75.2 <http://docbook.sf.net/>
[620]	5	.\" Date: 08/02/2011
[429]	6	.\" Manual: System Administration tools
	7	.\" Source: Samba 3.5
	8	.\" Language: English
	9	.\"
[620]	10	.TH "VFS_SCANNEDONLY" "8" "08/02/2011" "Samba 3\&.5" "System Administration tools"
[429]	11	.\" -----------------------------------------------------------------
	12	.\" * set default formatting
	13	.\" -----------------------------------------------------------------
	14	.\" disable hyphenation
	15	.nh
	16	.\" disable justification (adjust text to left margin only)
	17	.ad l
	18	.\" -----------------------------------------------------------------
	19	.\" * MAIN CONTENT STARTS HERE *
	20	.\" -----------------------------------------------------------------
[596]	21	.SH "NAME"
[429]	22	vfs_scannedonly \- Ensures that only files that have been scanned for viruses are visible and accessible to the end user\&.
[596]	23	.SH "SYNOPSIS"
[429]	24	.HP \w'\ 'u
[596]	25	vfs objects = scannedonly
[429]	26	.SH "DESCRIPTION"
	27	.PP
	28	This VFS module is part of the
	29	\fBsamba\fR(8)
	30	suite\&.
	31	.PP
	32	The
[596]	33	vfs_scannedonly
[429]	34	VFS module ensures that only files that have been scanned for viruses are visible and accessible to the end user\&. If non\-scanned files are found an anti\-virus scanning daemon is notified\&. The anti\-virus scanning daemon is not part of the Samba suite\&.
	35	.PP
	36	Scannedonly comes in two parts: a samba vfs module and (one or more) daemons\&. The daemon scans files\&. If a certain file is clean, a second file is created with prefix
[596]	37	\&.scanned:\&. The Samba module simply looks if such a
	38	\&.scanned:
[429]	39	file exists, and is newer than the pertinent file\&. If this is the case, the file is shown to the user\&. If this is not the case, the file is not returned in a directory listing (configurable), and cannot be opened (configurable)\&. The Samba vfs module will notify the daemon to scan this file\&.
	40	.PP
	41	So what happens for the user in the default configuration\&. The first time a directory is listed, it shows files as \'file is being scanned for viruses, but after the first time all files are shown\&. There is a utility scannedonly_prescan that can help you to prescan all directories\&. When new files are written the daemon is notified immediately after the file is complete\&.
	42	.PP
	43	If a virus is found by the daemon, a file with a warning message is created in the directory of the user, a warning is sent to the logs, and the file is renamed to have prefix
[596]	44	\&.virus:\&. Files with the
	45	\&.virus:
[429]	46	prefix are never shown to the user and all access is denied\&.
	47	.PP
	48	This module is stackable\&.
	49	.SH "CONFIGURATION"
	50	.PP
[596]	51	vfs_scannedonly
[429]	52	relies on a anti\-virus scanning daemon that listens on the scannedonly socket (unix domain socket or UDP socket)\&.
	53	.SH "OPTIONS"
	54	.PP
	55	scannedonly:domain_socket = True
	56	.RS 4
	57	Whether to use a unix domain socket or not (false reverts to use udp)
	58	.RE
	59	.PP
	60	scannedonly:socketname = /var/lib/scannedonly/scan
	61	.RS 4
	62	The location of the unix domain socket to connect to
	63	.RE
	64	.PP
	65	scannedonly:portnum = 2020
	66	.RS 4
	67	The udp port number to connect to
	68	.RE
	69	.PP
	70	scannedonly:scanhost = localhost
	71	.RS 4
	72	When using UDP the host that runs the scanning daemon (this host needs access to the files!)
	73	.RE
	74	.PP
	75	scannedonly:show_special_files = True
	76	.RS 4
	77	Whether sockets, devices and fifo\'s (all not scanned for viruses) should be visible to the user
	78	.RE
	79	.PP
	80	scannedonly:rm_hidden_files_on_rmdir = True
	81	.RS 4
[596]	82	Whether files that are not visible (\&.scanned:
[429]	83	files,
[596]	84	\&.failed:
[429]	85	files and
[596]	86	\&.virus:
[429]	87	files) should be deleted if the user tries to remove the directory\&. If false, the user will get the "directory is not empty" error\&.
	88	.RE
	89	.PP
	90	scannedonly:hide_nonscanned_files = True
	91	.RS 4
	92	If false, all non\-scanned files are visible in directory listings\&. If such files are found in a directory listing the scanning daemon is notified that scanning is required\&. Access to non\-scanned files is still denied (see scannedonly:allow_nonscanned_files)\&.
	93	.RE
	94	.PP
	95	scannedonly:scanning_message = is being scanned for viruses
	96	.RS 4
	97	If non\-scanned files are hidden (if scannedonly:hide_nonscanned_files = True), a fake 0 byte file is shown\&. The filename is the original filename with the message as suffix\&.
	98	.RE
	99	.PP
	100	scannedonly:recheck_time_open = 50
	101	.RS 4
	102	If a non\-scanned file is opened, the vfs module will wait recheck_tries_open times for recheck_time_open milliseconds for the scanning daemon to create a
[596]	103	\&.scanned:
[429]	104	file\&. For small files that are scanned by the daemon within the time (tries * time) the behavior will be just like on\-access scanning\&.
	105	.RE
	106	.PP
	107	scannedonly:recheck_tries_open = 100
	108	.RS 4
	109	See recheck_time_open\&.
	110	.RE
	111	.PP