How to create and configure scanning module of Bitdefender Security for Samba

Bitdefender Security for Samba enables organizations to deploy antivirus and antispyware protection for their Samba network shares running on Linux, FreeBSD and Solaris systems. Deployed and maintained centrally within the network, Security for Samba scans cross-platform data structures and file stores for malware, keeping network users safe from virus infection;
In order to create the Bitdefender for Samba scanning module you have to follow the next procedure:

Find out the samba version installed:

# smbd -V

A) For RPM-based distributions (and samba versions above 3.4.x, for older versions you may also use B section):

         1.  Download the corresponding samba RPM sources package (src.rpm) from an official ftp/http server

         2.  Unpack it:

# rpm -ivh samba-3.4.3-3.5.3.src.rpm

         3.  Go to /usr/src/packages/SPECS (Suse) or /usr/src/redhat/SPECS (other distributions) and build the sources:

# rpmbuild -bc samba.spec

If you receive any error running the previous command, please try:

# rpmbuild -bp samba.spec

         4.  Then go to sources directory in samba sources /usr/src/{packages,redhat}/BUILD/samba-{vers} directory:

# cd ../BUILD/samba-{vers}/source

for samba versions less than 3.4.x or

# cd ../BUILD/samba-{vers}/source3

for samba versions newer than 3.4.x

          5.  Create the necessary header files:

# ./configure && make headers

For samba versions newer than 3.4.x:

# ./configure && make pch

         6.  Create the Makefile:

# cd /opt/Bitdefender/share/src

If your samba version is newer then 3.3.x, you should replace the archive in /opt/Bitdefender/share/src with a newer one taken from http://unices.bitdefender.com/wp-content/uploads/2011/04/BitDefender-Samba-vfs.tar.gz

# wget http://unices.bitdefender.com/wp-content/uploads/2011/04/BitDefender-Samba-vfs.tar.gz

# tar xzvf Bitdefender-Samba-vfs.tar.gz

# cd Bitdefender-Samba-vfs

# ./configure --with-samba-source=/usr/src/packages/BUILD/samba-{vers}/

or

./configure --with-samba-source=/usr/src/redhat/BUILD/samba-{vers}/

depending on your configuration.

(./configure --help will show all the available options; however the above parameter is mandatory)

B) For other distributions:

         1.  Download the samba sources from the official download locations (e.g. http://www.samba.org/samba/ftp/old-versions/):

         2.  Unpack it:

# tar xzvf samba-3.4.2.tar.gz

         3.  Enter the samba sources directory and create the header files

# cd samba-3.4.2/source3

# ./configure && make pch

         4.  Afterwards, we'll have to proceed to the final step, creating the Makefile:

# cd /opt/Bitdefender/share/src

If your samba version is newer then 3.3.x, you should replace the archive in /opt/Bitdefender/share/src with a newer one taken from http://unices.bitdefender.com/wp-content/uploads/2011/04/BitDefender-Samba-vfs.tar.gz

# wget http://unices.bitdefender.com/wp-content/uploads/2011/04/BitDefender-Samba-vfs.tar.gz

# tar xzvf Bitdefender-Samba-vfs.tar.gz

# cd Bitdefender-Samba-vfs

# ./configure --with-samba-source=/root/samba-3.4.2

(./configure --help will show all the available options; however, the above parameter is mandatory)

We took /root/samba-3.4.2 directory as reference, supposing that we downloaded and unpacked the tarball in /root directory)

From now on the required steps are common for all distributions.

# make && make install

As a final step you may want to create a symlink from /vfs/bdvfs.so module to the location of your samba libraries, usually /usr/lib/samba/vfs

# ln -s /vfs/bdvfs.so /usr/lib/samba/vfs

If you didn't already put the module in that location using "--with-install-dir" option within "--configure" command above.

For Samba versions newer than 3.4.x ,the sym link should be created like this:


# ln -s /vfs/bdvfs3.so /usr/lib/samba/vfs

Samba VFS Module Configuration:

By default, the 'smb.conf' file in a pre-defined location (- '/etc/samba/smb.conf' for Linux and '/usr/local/etc/smb.conf' for FreeBSD).

You can override this default hard-coded search path by running the following command.

# bdsafe samba vfs confpath [newpath]

The newpath parameter must be the fully-qualified path to the 'smb.conf' file, not the directory in which the 'smb.conf' file is located (e.g. '/etc/smb.conf' not '/etc').

         NOTE: The Bitdefender Registry Service must be running in order to change the 'smb.conf' file location.

To find out detailed information on the status of the Bitdefender Samba VFS module, run this command.

# bdsafe samba vfs status [sharename]

If the optional 'sharename' parameter is specified, the information is displayed for that share only.

The Bitdefender Samba VFS module is activated/deactivated on a per-share basis. You can activate/deactivate it by running one of the the following commands:

# bdsafe samba vfs enable [sharename]

# bdsafe samba vfs disable [sharename]

At the same time, you can define a different set of actions to be taken for each share, based on malware type, by running one of the following commands:

# bdsafe samba vfs oninfected [sharename] [newacts]

# bdsafe samba vfs onsuspected [sharename] [newacts]

# bdsafe samba vfs onriskware [sharename] [newacts]

You can set the failure action for the Samba share specified by the 'sharename' parameter, by running the following command:

# bdsafe samba vfs failureaction [sharename] [newval]



Rate this article:

Submit