<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter 20. Stackable VFS modules</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.61.2"><link rel="home" href="index.html" title="Samba HOWTO Collection"><link rel="up" href="optional.html" title="Part III. Advanced Configuration"><link rel="previous" href="CUPS-printing.html" title="Chapter 19. CUPS Printing Support"><link rel="next" href="winbind.html" title="Chapter 21. Winbind: Use of Domain Accounts"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 20. Stackable VFS modules</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="CUPS-printing.html">Prev</a> </td><th width="60%" align="center">Part III. Advanced Configuration</th><td width="20%" align="right"> <a accesskey="n" href="winbind.html">Next</a></td></tr></table><hr></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="VFS"></a>Chapter 20. Stackable VFS modules</h2></div><div><div class="author"><h3 class="author"><span class="firstname">Jelmer</span> <span class="othername">R.</span> <span class="surname">Vernooij</span></h3><div class="affiliation"><span class="orgname">The Samba Team<br></span><div class="address"><p><tt class="email"><<a href="mailto:jelmer@samba.org">jelmer@samba.org</a>></tt></p></div></div></div></div><div><div class="author"><h3 class="author"><span class="firstname">John</span> <span class="othername">H.</span> <span class="surname">Terpstra</span></h3><div class="affiliation"><span class="orgname">Samba Team<br></span><div class="address"><p><tt class="email"><<a href="mailto:jht@samba.org">jht@samba.org</a>></tt></p></div></div></div></div><div><div class="author"><h3 class="author"><span class="firstname">Tim</span> <span class="surname">Potter</span></h3><div class="affiliation"><span class="orgname">Samba Team<br></span><div class="address"><p><tt class="email"><<a href="mailto:tpot@samba.org">tpot@samba.org</a>></tt></p></div></div></div></div><div><div class="author"><h3 class="author"><span class="firstname">Simo</span> <span class="surname">Sorce</span></h3><span class="contrib">original vfs_skel README</span></div></div><div><div class="author"><h3 class="author"><span class="firstname">Alexander</span> <span class="surname">Bokovoy</span></h3><span class="contrib">original vfs_netatalk docs</span></div></div><div><div class="author"><h3 class="author"><span class="firstname">Stefan</span> <span class="surname">Metzmacher</span></h3><span class="contrib">Update for multiple modules</span></div></div></div><div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><a href="VFS.html#id2892931">Features and Benefits</a></dt><dt><a href="VFS.html#id2892949">Discussion</a></dt><dt><a href="VFS.html#id2893350">Included Modules</a></dt><dd><dl><dt><a href="VFS.html#id2893357">audit</a></dt><dt><a href="VFS.html#id2893393">extd_audit</a></dt><dt><a href="VFS.html#fakeperms">fake_perms</a></dt><dt><a href="VFS.html#id2893584">recycle</a></dt><dt><a href="VFS.html#id2893819">netatalk</a></dt></dl></dd><dt><a href="VFS.html#id2893861">VFS Modules Available Elsewhere</a></dt><dd><dl><dt><a href="VFS.html#id2893883">DatabaseFS</a></dt><dt><a href="VFS.html#id2893952">vscan</a></dt></dl></dd></dl></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2892931"></a>Features and Benefits</h2></div></div><div></div></div><p> Since Samba-3, there is support for stackable VFS (Virtual File System) modules. Samba passes each request to access the UNIX file system through the loaded VFS modules. This chapter covers all the modules that come with the Samba source and references to some external modules. </p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2892949"></a>Discussion</h2></div></div><div></div></div><p> If not supplied with your platform distribution binary Samba package you may have problems compiling these modules, as shared libraries are compiled and linked in different ways on different systems. They currently have been tested against GNU/Linux and IRIX. </p><p> To use the VFS modules, create a share similar to the one below. The important parameter is the <a class="indexterm" name="id2892968"></a>vfs objects parameter where you can list one or more VFS modules by name. For example, to log all access to files and put deleted files in a recycle bin, see <a href="VFS.html#vfsrecyc" title="Example 20.1. smb.conf with VFS modules">next configuration</a>: </p><div class="example"><a name="vfsrecyc"></a><p class="title"><b>Example 20.1. smb.conf with VFS modules</b></p><table class="simplelist" border="0" summary="Simple list"><tr><td> </td></tr><tr><td><i class="parameter"><tt>[audit]</tt></i></td></tr><tr><td><i class="parameter"><tt> comment = Audited /data directory</tt></i></td></tr><tr><td><i class="parameter"><tt> path = /data</tt></i></td></tr><tr><td><i class="parameter"><tt> vfs objects = audit recycle</tt></i></td></tr><tr><td><i class="parameter"><tt> writeable = yes</tt></i></td></tr><tr><td><i class="parameter"><tt> browseable = yes</tt></i></td></tr></table></div><p> </p><p> The modules are used in the order in which they are specified. Let's say that you want to both have a virus scanner module and a recycle bin module. It is wise to put the virus scanner module as the first one so that it is the first that get run an may detect a virus immediately, before any action is performed on that file. <a class="indexterm" name="id2893115"></a>vfs objects = vscan-clamav recycle </p><p> Samba will attempt to load modules from the <tt class="filename">/lib</tt> directory in the root directory of the Samba installation (usually <tt class="filename">/usr/lib/samba/vfs</tt> or <tt class="filename">/usr/local/samba/lib/vfs </tt>). </p><p> Some modules can be used twice for the same share. This can be done using a configuration similar to the one shown in <a href="VFS.html#multimodule" title="Example 20.2. smb.conf with multiple VFS modules">the following example</a>. </p><div class="example"><a name="multimodule"></a><p class="title"><b>Example 20.2. smb.conf with multiple VFS modules</b></p><table class="simplelist" border="0" summary="Simple list"><tr><td> </td></tr><tr><td><i class="parameter"><tt>[test]</tt></i></td></tr><tr><td><i class="parameter"><tt> comment = VFS TEST</tt></i></td></tr><tr><td><i class="parameter"><tt> path = /data</tt></i></td></tr><tr><td><i class="parameter"><tt> writeable = yes</tt></i></td></tr><tr><td><i class="parameter"><tt> browseable = yes</tt></i></td></tr><tr><td><i class="parameter"><tt> vfs objects = example:example1 example example:test</tt></i></td></tr><tr><td><i class="parameter"><tt> example1: parameter = 1</tt></i></td></tr><tr><td><i class="parameter"><tt> example: parameter = 5</tt></i></td></tr><tr><td><i class="parameter"><tt> test: parameter = 7</tt></i></td></tr></table></div><p> </p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2893350"></a>Included Modules</h2></div></div><div></div></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2893357"></a>audit</h3></div></div><div></div></div><p> A simple module to audit file access to the syslog facility. The following operations are logged: </p><div class="itemizedlist"><ul type="disc"><li>share</li><li>connect/disconnect</li><li>directory opens/create/remove</li><li>file open/close/rename/unlink/chmod</li></ul></div><p> </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2893393"></a>extd_audit</h3></div></div><div></div></div><p> This module is identical with the <b class="command">audit</b> module above except that it sends audit logs to both syslog as well as the <b class="command">smbd</b> log files. The <a class="indexterm" name="id2893421"></a>log level for this module is set in the <tt class="filename">smb.conf</tt> file. </p><p> Valid settings and the information that will be recorded are shown in <a href="VFS.html#xtdaudit" title="Table 20.1. Extended Auditing Log Information">the next table</a>. </p><div class="table"><a name="xtdaudit"></a><p class="title"><b>Table 20.1. Extended Auditing Log Information</b></p><table summary="Extended Auditing Log Information" border="1"><colgroup><col><col></colgroup><thead><tr><th align="center">Log Level</th><th align="center">Log Details - File and Directory Operations</th></tr></thead><tbody><tr><td align="center">0</td><td align="left">Creation / Deletion</td></tr><tr><td align="center">1</td><td align="left">Create / Delete / Rename / Permission Changes</td></tr><tr><td align="center">2</td><td align="left">Create / Delete / Rename / Perm Change / Open / Close</td></tr></tbody></table></div></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="fakeperms"></a>fake_perms</h3></div></div><div></div></div><p> This module was created to allow Roaming Profile files and directories to be set (on the Samba server under UNIX) as read only. This module will, if installed on the Profiles share, report to the client that the Profile files and directories are writable. This satisfies the client even though the files will never be overwritten as the client logs out or shuts down. </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2893584"></a>recycle</h3></div></div><div></div></div><p> A Recycle Bin-like module. Where used, unlink calls will be intercepted and files moved to the recycle directory instead of being deleted. This gives the same effect as the <span class="guiicon">Recycle Bin</span> on Windows computers. </p><p> The <span class="guiicon">Recycle Bin</span> will not appear in <span class="application">Windows Explorer</span> views of the network file system (share) nor on any mapped drive. Instead, a directory called <tt class="filename">.recycle</tt> will be automatically created when the first file is deleted. Users can recover files from the <tt class="filename">.recycle</tt> directory. If the <i class="parameter"><tt>recycle:keeptree</tt></i> has been specified, deleted files will be found in a path identical with that from which the file was deleted. </p><p>Supported options for the <b class="command">recycle</b> module are as follow: </p><div class="variablelist"><dl><dt><span class="term">recycle:repository</span></dt><dd><p> Relative path of the directory where deleted files should be moved. </p></dd><dt><span class="term">recycle:keeptree</span></dt><dd><p> Specifies whether the directory structure should be kept or if the files in the directory that is being deleted should be kept separately in the recycle bin. </p></dd><dt><span class="term">recycle:versions</span></dt><dd><p> If this option is set, two files with the same name that are deleted will both be kept in the recycle bin. Newer deleted versions of a file will be called “<span class="quote"><span class="emphasis"><em>Copy #x of <i class="replaceable"><tt>filename</tt></i></em></span></span>”. </p></dd><dt><span class="term">recycle:touch</span></dt><dd><p> Specifies whether a file's access date should be touched when the file is moved to the recycle bin. </p></dd><dt><span class="term">recycle:maxsize</span></dt><dd><p> Files that are larger than the number of bytes specified by this parameter will not be put into the recycle bin. </p></dd><dt><span class="term">recycle:exclude</span></dt><dd><p> List of files that should not be put into the recycle bin when deleted, but deleted in the regular way. </p></dd><dt><span class="term">recycle:exclude_dir</span></dt><dd><p> Contains a list of directories. When files from these directories are deleted, they are not put into the recycle bin but are deleted in the regular way. </p></dd><dt><span class="term">recycle:noversions</span></dt><dd><p> Opposite of <i class="parameter"><tt>recycle:versions</tt></i>. If both options are specified, this one takes precedence. </p></dd></dl></div><p> </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2893819"></a>netatalk</h3></div></div><div></div></div><p> A netatalk module will ease co-existence of Samba and netatalk file sharing services. </p><p>Advantages compared to the old netatalk module: </p><div class="itemizedlist"><ul type="disc"><li><p>Does not care about creating .AppleDouble forks, just keeps them in sync.</p></li><li><p>If a share in <tt class="filename">smb.conf</tt> does not contain .AppleDouble item in hide or veto list, it will be added automatically.</p></li></ul></div><p> </p></div></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2893861"></a>VFS Modules Available Elsewhere</h2></div></div><div></div></div><p> This section contains a listing of various other VFS modules that have been posted but do not currently reside in the Samba CVS tree for one reason or another (e.g., it is easy for the maintainer to have his or her own CVS tree). </p><p> No statements about the stability or functionality of any module should be implied due to its presence here. </p><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2893883"></a>DatabaseFS</h3></div></div><div></div></div><p> URL: <a href="http://www.css.tayloru.edu/~elorimer/databasefs/index.php" target="_top">http://www.css.tayloru.edu/~elorimer/databasefs/index.php</a> </p><p>By <a href="mailto:elorimer@css.tayloru.edu" target="_top">Eric Lorimer.</a></p><p> I have created a VFS module that implements a fairly complete read-only filesystem. It presents information from a database as a filesystem in a modular and generic way to allow different databases to be used (originally designed for organizing MP3s under directories such as “<span class="quote"><span class="emphasis"><em>Artists,</em></span></span>” “<span class="quote"><span class="emphasis"><em>Song Keywords,</em></span></span>” and so on. I have since easily applied it to a student roster database.) The directory structure is stored in the database itself and the module makes no assumptions about the database structure beyond the table it requires to run. </p><p> Any feedback would be appreciated: comments, suggestions, patches, and so on. If nothing else, hopefully it might prove useful for someone else who wishes to create a virtual filesystem. </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2893952"></a>vscan</h3></div></div><div></div></div><p>URL: <a href="http://www.openantivirus.org/" target="_top">http://www.openantivirus.org/</a></p><p> <tt class="filename">samba-vscan</tt> is a proof-of-concept module for Samba, which uses the VFS (virtual file system) features of Samba 2.2.x/3.0 alphaX. Of course, Samba has to be compiled with VFS support. <tt class="filename">samba-vscan</tt> supports various virus scanners and is maintained by Rainer Link. </p></div></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="CUPS-printing.html">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="optional.html">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="winbind.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">Chapter 19. CUPS Printing Support </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> Chapter 21. Winbind: Use of Domain Accounts</td></tr></table></div></body></html>