summaryrefslogtreecommitdiff
path: root/docs/htmldocs/manpages/vfs_scannedonly.8.html
diff options
context:
space:
mode:
Diffstat (limited to 'docs/htmldocs/manpages/vfs_scannedonly.8.html')
-rw-r--r--docs/htmldocs/manpages/vfs_scannedonly.8.html90
1 files changed, 0 insertions, 90 deletions
diff --git a/docs/htmldocs/manpages/vfs_scannedonly.8.html b/docs/htmldocs/manpages/vfs_scannedonly.8.html
deleted file mode 100644
index f4a72bf3be..0000000000
--- a/docs/htmldocs/manpages/vfs_scannedonly.8.html
+++ /dev/null
@@ -1,90 +0,0 @@
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>vfs_scannedonly</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.75.2"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" title="vfs_scannedonly"><a name="vfs_scannedonly.8"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>vfs_scannedonly &#8212; Ensures that only files that have been scanned for viruses are
- visible and accessible to the end user.</p></div><div class="refsynopsisdiv" title="Synopsis"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="literal">vfs objects = scannedonly</code></p></div></div><div class="refsect1" title="DESCRIPTION"><a name="id266341"></a><h2>DESCRIPTION</h2><p>This VFS module is part of the
- <a class="citerefentry" href="samba.8.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(8)</span></a> suite.</p><p>The <code class="literal">vfs_scannedonly</code> VFS module ensures that
- only files that have been scanned for viruses are visible and accessible
- to the end user. If non-scanned files are found an anti-virus scanning
- daemon is notified. The anti-virus scanning daemon is not part of the
- Samba suite.
- </p><p>Scannedonly comes in two parts: a samba vfs module and (one or
- more) daemons. The daemon scans files. If a certain file is clean,
- a second file is created with prefix <code class="filename">.scanned:</code>.
- The Samba module simply looks if such a <code class="filename">.scanned:</code>
- file exists, and is newer than the pertinent file. If this is the case,
- the file is shown to the user. If this is not the case, the file is not
- returned in a directory listing (configurable), and cannot be opened
- (configurable). The Samba vfs module will notify the daemon to scan
- this file.
- </p><p>So what happens for the user in the default configuration. The
- first time a directory is listed, it shows files as 'file is being
- scanned for viruses, but after the first time all files are shown.
- There is a utility scannedonly_prescan that can help you to prescan
- all directories. When new files are written the daemon is notified
- immediately after the file is complete.
- </p><p>If a virus is found by the daemon, a file with a warning message
- is created in the directory of the user, a warning is sent to the logs,
- and the file is renamed to have prefix <code class="filename">.virus:</code>.
- Files with the <code class="filename">.virus:</code> prefix are never shown to
- the user and all access is denied.
- </p><p>This module is stackable.</p></div><div class="refsect1" title="CONFIGURATION"><a name="id266871"></a><h2>CONFIGURATION</h2><p><code class="literal">vfs_scannedonly</code> relies on a anti-virus scanning
- daemon that listens on the scannedonly socket (unix domain socket or UDP
- socket).
- </p></div><div class="refsect1" title="OPTIONS"><a name="id266886"></a><h2>OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">scannedonly:domain_socket = True </span></dt><dd><p>Whether to use a unix domain socket or not (false reverts
- to use udp)
- </p></dd><dt><span class="term">scannedonly:socketname = /var/lib/scannedonly/scan</span></dt><dd><p>The location of the unix domain socket to connect to</p></dd><dt><span class="term">scannedonly:portnum = 2020</span></dt><dd><p>The udp port number to connect to
- </p></dd><dt><span class="term">scannedonly:scanhost = localhost</span></dt><dd><p>
- When using UDP the host that runs the scanning daemon (this host
- needs access to the files!)
- </p></dd><dt><span class="term">scannedonly:show_special_files = True</span></dt><dd><p>
- Whether sockets, devices and fifo's (all not scanned for
- viruses) should be visible to the user
- </p></dd><dt><span class="term">scannedonly:rm_hidden_files_on_rmdir = True</span></dt><dd><p>
- Whether files that are not visible (<code class="filename">.scanned:</code>
- files, <code class="filename">.failed:</code> files and <code class="filename">.virus:
- </code> files) should be deleted if the user tries to remove
- the directory. If false, the user will get the "directory is not
- empty" error.
- </p></dd><dt><span class="term">scannedonly:hide_nonscanned_files = True</span></dt><dd><p>
- If false, all non-scanned files are visible in directory listings.
- If such files are found in a directory listing the scanning daemon
- is notified that scanning is required. Access to non-scanned files
- is still denied (see scannedonly:allow_nonscanned_files).
- </p></dd><dt><span class="term">scannedonly:scanning_message = is being scanned for
- viruses</span></dt><dd><p>
- If non-scanned files are hidden
- (if scannedonly:hide_nonscanned_files = True), a fake 0 byte file
- is shown. The filename is the original filename with the message
- as suffix.
- </p></dd><dt><span class="term">scannedonly:recheck_time_open = 50</span></dt><dd><p>
- If a non-scanned file is opened, the vfs module will wait
- recheck_tries_open times for recheck_time_open milliseconds for
- the scanning daemon to create a <code class="filename">.scanned:</code>
- file. For small files that are scanned by the daemon within the
- time (tries * time) the behavior will be just like on-access
- scanning.
- </p></dd><dt><span class="term">scannedonly:recheck_tries_open = 100</span></dt><dd><p>
- See recheck_time_open.
- </p></dd><dt><span class="term">scannedonly:recheck_time_readdir = 50</span></dt><dd><p>
- If a non-scanned file is in a directory listing the vfs module
- notifies the daemon (once for all files that need scanning in
- that directory), and waits recheck_tries_readdir times for
- recheck_time_readdir milliseconds. Only used when
- hide_nonscanned_files is false.
- </p></dd><dt><span class="term">scannedonly:recheck_tries_readdir = 20</span></dt><dd><p>
- See recheck_time_readdir.
- </p></dd><dt><span class="term">scannedonly:allow_nonscanned_files = False</span></dt><dd><p>
- Allow access to non-scanned files. The daemon is notified,
- however, and special files such as <code class="filename">.scanned:</code>
- files. <code class="filename">.virus:</code> files and
- <code class="filename">.failed:</code> files are not listed.
- </p></dd></dl></div></div><div class="refsect1" title="EXAMPLES"><a name="id265908"></a><h2>EXAMPLES</h2><p>Enable anti-virus scanning:</p><pre class="programlisting">
- <em class="parameter"><code>[homes]</code></em>
- <a class="link" href="smb.conf.5.html#VFSOBJECTS" target="_top">vfs objects = scannedonly</a>
- <a class="link" href="smb.conf.5.html#SCANNEDONLY:HIDE_NONSCANNED_FILES" target="_top">scannedonly:hide_nonscanned_files = False</a>
-</pre></div><div class="refsect1" title="CAVEATS"><a name="id265951"></a><h2>CAVEATS</h2><p>This is not true on-access scanning. However, it is very fast
- for files that have been scanned already.
- </p></div><div class="refsect1" title="VERSION"><a name="id265962"></a><h2>VERSION</h2><p>This man page is correct for version 3.6.0 of the Samba suite.
- </p></div><div class="refsect1" title="AUTHOR"><a name="id265972"></a><h2>AUTHOR</h2><p>The original Samba software and related utilities
- were created by Andrew Tridgell. Scannedonly was
- developed for Samba by Olivier Sessink. Samba is now developed
- by the Samba Team as an Open Source project similar
- to the way the Linux kernel is developed.</p></div></div></body></html>
generated by cgit v1.2.3 (git 2.39.1) at 2025-06-17 12:02:30 +0000