Project

General

Profile

Tâche #13586

Distribution EOLE - Scénario #13756: Assistance aux utilisateurs (45-47)

Signaler le problème "antivirus en temps réel" à Samba

Added by Emmanuel GARETTE over 5 years ago. Updated over 5 years ago.

Status:
Fermé
Priority:
Normal
Assigned To:
Start date:
10/12/2015
Due date:
% Done:

100%

Estimated time:
4.00 h
Spent time:
Remaining (hours):
0.0

Related issues

Related to eole-fichier - Demande #12454: Impossible d'accéder au répertoire IntegrDom avec son chemin réseau Horus/Scribe Classée sans suite
Related to Distribution EOLE - Tâche #16861: Anomalie Clamav avec activation temps réel sur SMB Reporté 01/05/2015

History

#1 Updated by Emmanuel GARETTE over 5 years ago

  • Status changed from Nouveau to En cours

#3 Updated by Emmanuel GARETTE over 5 years ago

  • % Done changed from 0 to 20
  • Remaining (hours) changed from 4.0 to 3.0

Mail envoyé : https://lists.samba.org/archive/samba/2015-October/195035.html

J'attends maintenant les retours.

#5 Updated by Klaas TJEBBES over 5 years ago

Pour reproduire avec un eolebase :

apt-eole install eole-fichier-common eole-fichier-common-pkg

/etc/samba/smb.conf :

# Global parameters
[global]
        # configuration du serveur
        netbios name = srvbase25
        workgroup = dombase25
        server string = aca
        wins support = yes
        dns proxy = no
        domain master = no
        os level = 99
        unix extensions = no
        nt acl support = yes
        wide links = yes
        oplocks = no
        level2 oplocks = no
        vfs objects = scannedonly
        scannedonly:allow_nonscanned_files=True
        store dos attributes = no

## partages multiples
[share]
    path = /home/share
    browseable = yes
    writeable = yes

Ajouter l'utilisateur Samba "eole"

smbpasswd -a eole

Créer les dossiers, le lien symbolique et donner les droits d'écriture à "eole" :

mkdir /home/share
mkdir /home/test
ln -s /home/test /home/share/
chown eole:eole /home/share
chown eole:eole /home/test

Redémarrer les services :

service clamav-freshclam restart
service clamav-daemon restart
service scannedonly restart
service nmbd restart; service smbd restart

Depuis un poste windows naviguer vers "\\<ip_serveur>\share", "test" doit s'afficher comme dossier.

Ensuite faire bugger l'affichage du dossier "test" :

#!/bin/bash

function chr() {
    declare -i i=$1
    c=$(printf \\$(printf '%03o' $i))
    echo $c
}

for i in `seq 97 122`
do
    j=$(chr $i)
    head -c 5000 /dev/urandom > /home/share/$j.exe
done

Sur le poste windows, retourner dans la fenêtre de l'explorateur affichant le partage et appuyer sur F5.
Le dossier "test" est affiché comme si c'était un fichier.

#6 Updated by Daniel Dehennin over 5 years ago

Il semble qu’une autre option soit d’utiliser ClamFS disponible en version 1.0.1 sur Ubuntu Trusty.

#7 Updated by Joël Cuissinat over 5 years ago

  • Status changed from En cours to Nouveau
  • Parent task changed from #13532 to #13756

#8 Updated by Klaas TJEBBES over 5 years ago

  • Assigned To changed from Emmanuel GARETTE to Daniel Dehennin

Confirmer la reproductibilité à coup sûr de la procédure décrite en note #5.

#9 Updated by Klaas TJEBBES over 5 years ago

  • Remaining (hours) changed from 3.0 to 1.0

#10 Updated by Scrum Master over 5 years ago

  • Status changed from Nouveau to En cours

#11 Updated by Daniel Dehennin over 5 years ago

  1. Install Ubuntu Trusty Thar server, normal user called ubuntu
  2. Install samba
    root@ubuntu:~# apt-get install samba samba-vfs-modules
    
  3. Install clamav
    root@ubuntu:~# apt-get install clamav
    
  4. Download clamav database
    root@ubuntu:~# freshclam
    
  5. Install scannedonly
    root@ubuntu:~# wget http://eole.ac-dijon.fr/eole/pool/main/s/scannedonly/scannedonly_0.21-1_amd64.deb
    root@ubuntu:~# dpkg -i scannedonly_0.21-1_amd64.deb
    
  6. Edit samba configuration to add
    root@ubuntu:~# cat > /etc/samba/smb.conf <<EOF
    [global]
            netbios name = srvtest
            workgroup = domtest
            server string = srvtest
            wins support = yes
            dns proxy = no
            domain master = no
            os level = 99
            unix extensions = no
            nt acl support = yes
            wide links = yes
            oplocks = no
            level2 oplocks = no
            vfs objects = scannedonly
            scannedonly:allow_nonscanned_files=True
            store dos attributes = no
            log file = /var/log/samba/log.%m
            max log size = 1000
            syslog = 0
            panic action = /usr/share/samba/panic-action %d
            server role = standalone server
            passdb backend = tdbsam
            obey pam restrictions = yes
            unix password sync = yes
            passwd program = /usr/bin/passwd %u
            passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
            pam password change = yes
            map to guest = bad user
            usershare allow guests = yes
    [printers]
            comment = All Printers
            browseable = no
            path = /var/spool/samba
            printable = yes
            guest ok = no
            read only = yes
            create mask = 0700
    [print$]
            comment = Printer Drivers
            path = /var/lib/samba/printers
            browseable = yes
            read only = yes
            guest ok = no
    [share]
            path = /home/share
            browseable = yes
            writeable = yes
    EOF
    
  7. Prepare directories
    root@ubuntu:~# mkdir -p /home/share/test
    root@ubuntu:~# chown -R ubuntu:ubuntu /home/share
    
  8. Restart services
    root@ubuntu:~# service nmbd restart; service smbd restart
    
  9. Add ubuntu user to samba
    smbpasswd -a ubuntu
    
  10. Explore \\srvtest\share on a windows machine (tested with windows 7) => test is a directory
  11. Run the following command to make thing buggy
    root@ubuntu:~# for letter in {a..z}; do head -c 5000 /dev/urandom > /home/share/${letter}.exe; done
    
  12. Refresh the Explorer window => test is an unknown file
  13. Delete all .exe files
    root@ubuntu:~# rm -f /home/share/*.exe
    
  14. Refresh the explorer => test is an unknown file
  15. Delete all .scanned files
    root@ubuntu:~# rm -f /home/share/.scanned*
    
  16. Refresh the explorer => test is a directory

#12 Updated by Daniel Dehennin over 5 years ago

  • % Done changed from 20 to 60
  • Remaining (hours) changed from 1.0 to 0.5

#13 Updated by Daniel Dehennin over 5 years ago

Ouverture d’un rapport de bug chez Samba.

#14 Updated by Scrum Master over 5 years ago

  • Status changed from En cours to Résolu

#15 Updated by Joël Cuissinat over 5 years ago

  • Status changed from Résolu to Fermé
  • Remaining (hours) changed from 0.5 to 0.0

Référence ajoutée dans la page wiki : ContributionsExterieures

#16 Updated by Daniel Dehennin over 5 years ago

  • % Done changed from 60 to 100

Also available in: Atom PDF