To use the VFS modules, create a share similar to the one below. The important parameter is the vfs objects parameter where you can list one or more VFS modules by name. For example, to log all access to files and put deleted files in a recycle bin, see the smb.conf with VFS modules example:

Example 23.1. smb.conf with VFS modules

[audit]
comment = Audited /data directory
path = /data
vfs objects = audit recycle
writeable = yes
browseable = yes

The modules are used in the order in which they are specified. Let’s say that you want to both have a virus scanner module and a recycle bin module. It is wise to put the virus scanner module as the first one so that it is the first to get run and may detect a virus immediately, before any action is performed on that file. vfs objects = vscan-clamav recycle

Samba will attempt to load modules from the /lib directory in the root directory of the Samba installation (usually /usr/lib/samba/vfs or /usr/local/samba/lib/vfs).

Some modules can be used twice for the same share. This can be done using a configuration similar to the one shown in the smb.conf with multiple VFS modules.

Example 23.2. smb.conf with multiple VFS modules

[test]
comment = VFS TEST
path = /data
writeable = yes
browseable = yes
vfs objects = example:example1 example example:test
example1: parameter = 1
example: parameter = 5
test: parameter = 7

Included Modules

audit

A simple module to audit file access to the syslog facility. The following operations are logged:

share

connect/disconnect

directory opens/create/remove

file open/close/rename/unlink/chmod

default_quota

This module allows the default quota values, in the windows explorer GUI, to be stored on a Samba-3 server. The challenge is that linux filesystems only store quotas for users and groups, but no default quotas.

Samba returns NO_LIMIT as the default quotas by default and refuses to update them. With this module you can store the default quotas that are reported to a windows client, in the quota record of a user. By default the root user is taken because quota limits for root are typically not enforced.

This module takes 2 parametric entries in the smb.conf file. The default prefix for each is the “default_quota”. This can be overwrittem when you load the module in the vfs modules parameter like this:

vfs objects = default_quota:myprefix
The parametric entries that may be specified for the default_quotas module are:

myprefix:uid
This parameter takes a integer argument that specifies the uid of the quota record that will be used for storing the default user quotas.

The default value is 0 (for root user). An example of use is:

vfs objects = default_quota
default_quota: uid = 65534
The above demonstrates the case where the myprefix was omitted, thus the default prefix is the name of the module. When a myprefix parameter is specified the above can be re-written like this:

vfs objects = default_quota:myprefix
myprefix: uid = 65534
myprefix:uid nolimit
This parameter takes a boolean argument that specifies if the stored default quota values also be reported for the user record, or if the value NO_LIMIT should be reported to the windows client for the user specified by the prefix:uid parameter.

The default value is yes (which means to report NO_LIMIT). An example of use is shown here:

vfs objects = default_quota:myprefix
myprefix: uid nolimit = no
myprefix:gid
This parameter takes an integer argument, it’s just like the prefix>:uid but for group quotas. NOTE: group quotas are not supported from the windows explorer.

The default value is 0 (for root group). An example of use is shown here:

vfs objects = default_quota
default_quota: gid = 65534
myprefix:gid nolimit
This parameter takes a boolean argument, just like the prefix>:uid nolimit but for group quotas. NOTE: group quotas are not supported from the windows explorer.

The default value is yes (which means to report NO_LIMIT). An example of use is shown here:

vfs objects = default_quota
default_quota: uid nolimit = no
An example of use of multiple parametric specifications is shown here:


vfs objects = default_quota:quotasettings
quotasettings: uid nolimit = no
quotasettings: gid = 65534
quotasettings: gid nolimit = no

to delete file from trash
use this useful script (thanks to Duncan)

#!/usr/bin/perl -w
# v1.0
# Copyright (c) Duncan McNutt May 2008. Free for personal use.
# Please send enhancements & bug reports back to me duncan _at_ aranea net
# For commercial use, please contact me.
#
# This script will clean out samba 3.x vfs recycle trash/rubbish bins.
# It looks for all files with an access date older than a certain number of
# days and deletes them. Empty directories will be deleted as well.
#
# There is a lot of outdated information on the recycle feature of samba.
# For up to date documentation on the recycle feature, see:
# http://www.samba.org/samba/docs/man/manpages-3/vfs_recycle.8.html
#

# List of the shares with recycle bins goes here, use colons “:” to separate
# the different directories.
$recycledirs = “/home/exampledir:/home3/groupshare:/home/you-didnt-configure-this-yet”;

# If I have time I will write a smb.conf parsing script to get it from there,
# but don’t hold your breath.

# If you are paranoid (like me) and don’t trust scripts that delete things
# without testing them first, then set this to one for dry runs.
# This is a good idea the first time you run this script, you may have mistyped
# a directory above…
# This can be 0 for off and 1 for on.
$testing = 0;

# After how many day in the recycle bin should the files be removed?
# Most people seem to think a week is fine.
$maxage = 7;

# The next parameter needs to be set depending on how the recycle system
# handles the dating of the “deleted” files. Most administrators “touch”
# (update the timestamp) on the files to mark the date they were moved to the
# recycle bin. This allows you to use scripts such as this to delete them
# later based on thier age.
#
# There are two ways to mark the files that were moved to the recycle bin:
# “recycle:touch specifies whether a file’s access date should be updated when
# the file is moved to the repository.
# So if you use “recycle:touch = true” then use “atime” below
# “recycle:touch_mtime specifies whether a file’s last modified date should be
# updated when the file is moved to the repository.
# So if you use “recycle:touch_mtime = true” then use “mtime” below
#
# ATTENTION: you must set either the touch or the touch_mtime for each recycle
# entry in smb.conf for this script to work!!!
#
# As most of the tips in the internet use touch, atime is the default.
#$modifiedtime = “mtime”;
$modifiedtime = “atime”;

# Following is the name of the recycle bin, the default is “.recycle”
# This can be changed with the “recycle:repository = ” option in smb.conf
$recyclename = “.recycle”;

# Extra messages for each action is printed when “verbose” is on.
# 0 means be quite; 1 means print informative output, 2 means print everything
$verbose = 1;

# ——————————————————
# END OF CONFIG
# ——————————————————

@dirs = split(/:/, $recycledirs);
if ($testing) { $verbose = 2; }

foreach (@dirs) {
if (! -d $_ ) {
print “ERROR IN CONFIG OF $0 , this is not a directory: $_\n”;
next;
}
$dirpath = “$_/$recyclename”;
if (! -d $_ ) {
print “ERROR IN CONFIG OF $0 , this not a directory: $dirpath\n”;
next;
}
if ($verbose) { print “Processing directory: $dirpath\n”; }

# Delete all old files older than maxage.
#`find “$dirpath” -$modifiedtime +$maxage -delete`;
@a=`find “$dirpath” -$modifiedtime +$maxage`;
if ($verbose) { $count = 0; print “Deleting files: ” };
$count = 0;
foreach (@a) {
chomp($_);
if ($verbose) { $count++; ($verbose==2 ? print “$_ ” : print “.”) };
if (! $testing) {
unlink($_);
}
}
if ($verbose) { print “\nDeleted $count files.\n” };

# Delete the empty directories.
# The mindepth makes sure we do not delete the recycle directory itself.
# `find “$dirpath” -mindepth 1 -type d -empty -delete`;
@a=`find “$dirpath” -mindepth 1 -type d -empty | sort -r`;
foreach (@a) {
if ($verbose) { print “Deleting empty directory: $_” };
if (! $testing) {
chomp($_);
rmdir ($_);
}
}
}

Advertisements