From 3fb359aa5698e393f37765ab279b5a4ba366f965 Mon Sep 17 00:00:00 2001 From: Olivier Sessink Date: Mon, 18 Jan 2010 11:40:33 +0100 Subject: s3-docs: Add man page for vfs_scannedonly. Fix bug #7028. --- docs-xml/manpages-3/vfs_scannedonly.8.xml | 243 ++++++++++++++++++++++++++++++ 1 file changed, 243 insertions(+) create mode 100644 docs-xml/manpages-3/vfs_scannedonly.8.xml (limited to 'docs-xml/manpages-3/vfs_scannedonly.8.xml') diff --git a/docs-xml/manpages-3/vfs_scannedonly.8.xml b/docs-xml/manpages-3/vfs_scannedonly.8.xml new file mode 100644 index 0000000000..1f72e93ba4 --- /dev/null +++ b/docs-xml/manpages-3/vfs_scannedonly.8.xml @@ -0,0 +1,243 @@ + + + + + + vfs_scannedonly + 8 + Samba + System Administration tools + 3.6 + + + + + vfs_scannedonly + Ensures that only files that have been scanned for viruses are + visible and accessible to the end user. + + + + + vfs objects = scannedonly + + + + + DESCRIPTION + + This VFS module is part of the + samba + 8 suite. + + The vfs_scannedonly VFS module ensures that + only files that have been scanned for viruses are visible and accessible + to the end user. If non-scanned files are found an anti-virus scanning + daemon is notified. The anti-virus scanning daemon is not part of the + Samba suite. + + + Scannedonly comes in two parts: a samba vfs module and (one or + more) daemons. The daemon scans files. If a certain file is clean, + a second file is created with prefix .scanned:. + The Samba module simply looks if such a .scanned: + file exists, and is newer than the pertinent file. If this is the case, + the file is shown to the user. If this is not the case, the file is not + returned in a directory listing (configurable), and cannot be opened + (configurable). The Samba vfs module will notify the daemon to scan + this file. + + + So what happens for the user in the default configuration. The + first time a directory is listed, it shows files as 'file is being + scanned for viruses, but after the first time all files are shown. + There is a utility scannedonly_prescan that can help you to prescan + all directories. When new files are written the daemon is notified + immediately after the file is complete. + + + If a virus is found by the daemon, a file with a warning message + is created in the directory of the user, a warning is sent to the logs, + and the file is renamed to have prefix .virus:. + Files with the .virus: prefix are never shown to + the user and all access is denied. + + + This module is stackable. + + + + + CONFIGURATION + + vfs_scannedonly relies on a anti-virus scanning + daemon that listens on the scannedonly socket (unix domain socket or UDP + socket). + + + + + OPTIONS + + + + scannedonly:domain_socket = True + + Whether to use a unix domain socket or not (false reverts + to use udp) + + + + + + scannedonly:socketname = /var/lib/scannedonly/scan + + The location of the unix domain socket to connect to + + + + + scannedonly:portnum = 2020 + + The udp port number to connect to + + + + scannedonly:scanhost = localhost + + + When using UDP the host that runs the scanning daemon (this host + needs access to the files!) + + + + scannedonly:show_special_files = True + + + Whether sockets, devices and fifo's (all not scanned for + viruses) should be visible to the user + + + + scannedonly:rm_hidden_files_on_rmdir = True + + + Whether files that are not visible (.scanned: + files, .failed: files and .virus: + files) should be deleted if the user tries to remove + the directory. If false, the user will get the "directory is not + empty" error. + + + + scannedonly:hide_nonscanned_files = True + + + If false, all non-scanned files are visible in directory listings. + If such files are found in a directory listing the scanning daemon + is notified that scanning is required. Access to non-scanned files + is still denied (see scannedonly:allow_nonscanned_files). + + + + scannedonly:scanning_message = is being scanned for + viruses + + + If non-scanned files are hidden + (if scannedonly:hide_nonscanned_files = True), a fake 0 byte file + is shown. The filename is the original filename with the message + as suffix. + + + + scannedonly:recheck_time_open = 50 + + + If a non-scanned file is opened, the vfs module will wait + recheck_tries_open times for recheck_time_open milliseconds for + the scanning daemon to create a .scanned: + file. For small files that are scanned by the daemon within the + time (tries * time) the behavior will be just like on-access + scanning. + + + + scannedonly:recheck_tries_open = 100 + + + See recheck_time_open. + + + + scannedonly:recheck_time_readdir = 50 + + + If a non-scanned file is in a directory listing the vfs module + notifies the daemon (once for all files that need scanning in + that directory), and waits recheck_tries_readdir times for + recheck_time_readdir milliseconds. Only used when + hide_nonscanned_files is false. + + + + scannedonly:recheck_tries_readdir = 20 + + + See recheck_time_readdir. + + + + scannedonly:allow_nonscanned_files = False + + + Allow access to non-scanned files. The daemon is notified, + however, and special files such as .scanned: + files. .virus: files and + .failed: files are not listed. + + + + + + + + + EXAMPLES + + Enable anti-virus scanning: + + + scannedonly + False + + + + + + CAVEATS + + This is not true on-access scanning. However, it is very fast + for files that have been scanned already. + + + + + VERSION + + This man page is correct for version 3.6.0 of the Samba suite. + + + + + AUTHOR + + The original Samba software and related utilities + were created by Andrew Tridgell. Scannedonly was + developed for Samba by Olivier Sessink. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed. + + + + -- cgit