6 <author><firstname>Simo</firstname><surname>Sorce</surname><contrib>original vfs_skel README</contrib></author>
7 <author><firstname>Alexander</firstname><surname>Bokovoy</surname><contrib>original vfs_netatalk docs</contrib></author>
8 <author><firstname>Stefan</firstname><surname>Metzmacher</surname><contrib>Update for multiple modules</contrib></author>
10 <title>Stackable VFS modules</title>
13 <title>Features and Benefits</title>
16 Since Samba-3, there is support for stackable VFS (Virtual File System) modules.
17 Samba passes each request to access the UNIX file system through the loaded VFS modules.
18 This chapter covers all the modules that come with the Samba source and references to
19 some external modules.
26 <title>Discussion</title>
29 If not supplied with your platform distribution binary Samba package you may have problems
30 compiling these modules, as shared libraries are compiled and linked in different ways
31 on different systems. They currently have been tested against GNU/Linux and IRIX.
35 To use the VFS modules, create a share similar to the one below. The
36 important parameter is the <smbconfoption><name>vfs objects</name></smbconfoption> parameter where
37 you can list one or more VFS modules by name. For example, to log all access
38 to files and put deleted files in a recycle bin, see <link linkend="vfsrecyc">next configuration</link>:
40 <smbconfexample id="vfsrecyc">
41 <title>smb.conf with VFS modules</title>
42 <smbconfsection>[audit]</smbconfsection>
43 <smbconfoption><name>comment</name><value>Audited /data directory</value></smbconfoption>
44 <smbconfoption><name>path</name><value>/data</value></smbconfoption>
45 <smbconfoption><name>vfs objects</name><value>audit recycle</value></smbconfoption>
46 <smbconfoption><name>writable</name><value>yes</value></smbconfoption>
47 <smbconfoption><name>browseable</name><value>yes</value></smbconfoption>
52 The modules are used in the order in which they are specified.
53 Let's say that you want to both have a virus scanner module and a recycle
54 bin module. It is wise to put the virus scanner module as the first one so
55 that it is the first that get run an may detect a virus immediately, before
56 any action is performed on that file.
57 <smbconfoption><name>vfs objects</name><value>vscan-clamav recycle</value></smbconfoption>
61 Samba will attempt to load modules from the <filename>/lib</filename> directory in the root directory of the
62 Samba installation (usually <filename>/usr/lib/samba/vfs</filename> or <filename>/usr/local/samba/lib/vfs
67 Some modules can be used twice for the same share.
68 This can be done using a configuration similar to the one shown in <link linkend="multimodule">the following example</link>.
70 <smbconfexample id="multimodule">
71 <title>smb.conf with multiple VFS modules</title>
72 <smbconfsection>[test]</smbconfsection>
73 <smbconfoption><name>comment</name><value>VFS TEST</value></smbconfoption>
74 <smbconfoption><name>path</name><value>/data</value></smbconfoption>
75 <smbconfoption><name>writeable</name><value>yes</value></smbconfoption>
76 <smbconfoption><name>browseable</name><value>yes</value></smbconfoption>
77 <smbconfoption><name>vfs objects</name><value>example:example1 example example:test</value></smbconfoption>
78 <smbconfoption><name>example1: parameter</name><value>1</value></smbconfoption>
79 <smbconfoption><name>example: parameter</name><value>5</value></smbconfoption>
80 <smbconfoption><name>test: parameter</name><value>7</value></smbconfoption>
87 <title>Included Modules</title>
93 A simple module to audit file access to the syslog
94 facility. The following operations are logged:
96 <listitem>share</listitem>
97 <listitem>connect/disconnect</listitem>
98 <listitem>directory opens/create/remove</listitem>
99 <listitem>file open/close/rename/unlink/chmod</listitem>
106 <title>extd_audit</title>
109 This module is identical with the <command>audit</command> module above except
110 that it sends audit logs to both syslog as well as the <command>smbd</command> log files. The
111 <smbconfoption><name>log level</name></smbconfoption> for this module is set in the &smb.conf; file.
115 Valid settings and the information that will be recorded are shown in <link linkend="xtdaudit">the next table</link>.
118 <table frame="all" id="xtdaudit">
119 <title>Extended Auditing Log Information</title>
120 <tgroup cols="2" align="center">
122 <row><entry align="center">Log Level</entry><entry>Log Details - File and Directory Operations</entry></row>
125 <row><entry align="center">0</entry><entry align="left">Creation / Deletion</entry></row>
126 <row><entry align="center">1</entry><entry align="left">Create / Delete / Rename / Permission Changes</entry></row>
127 <row><entry align="center">2</entry><entry align="left">Create / Delete / Rename / Perm Change / Open / Close</entry></row>
134 <sect2 id="fakeperms">
135 <title>fake_perms</title>
138 This module was created to allow Roaming Profile files and directories to be set (on the Samba server
139 under UNIX) as read only. This module will, if installed on the Profiles share, report to the client
140 that the Profile files and directories are writable. This satisfies the client even though the files
141 will never be overwritten as the client logs out or shuts down.
147 <title>recycle</title>
150 A Recycle Bin-like module. Where used, unlink calls will be intercepted and files moved
151 to the recycle directory instead of being deleted. This gives the same effect as the
152 <guiicon>Recycle Bin</guiicon> on Windows computers.
156 The <guiicon>Recycle Bin</guiicon> will not appear in <application>Windows Explorer</application> views of the network file system
157 (share) nor on any mapped drive. Instead, a directory called <filename>.recycle</filename> will be
158 automatically created when the first file is deleted. Users can recover files from the
159 <filename>.recycle</filename> directory. If the <parameter>recycle:keeptree</parameter> has been
160 specified, deleted files will be found in a path identical with that from which the file was deleted.
163 <para>Supported options for the <command>recycle</command> module are as follow:
166 <term>recycle:repository</term>
168 Relative path of the directory where deleted files should be moved.
173 <term>recycle:keeptree</term>
175 Specifies whether the directory structure should be kept or if the files in the directory that is being
176 deleted should be kept separately in the recycle bin.
181 <term>recycle:versions</term>
183 If this option is set, two files
184 with the same name that are deleted will both
185 be kept in the recycle bin. Newer deleted versions
186 of a file will be called <quote>Copy #x of <replaceable>filename</replaceable></quote>.
191 <term>recycle:touch</term>
193 Specifies whether a file's access date should be touched when the file is moved to the recycle bin.
198 <term>recycle:maxsize</term>
200 Files that are larger than the number of bytes specified by this parameter will not be put into the recycle bin.
205 <term>recycle:exclude</term>
207 List of files that should not be put into the recycle bin when deleted, but deleted in the regular way.
212 <term>recycle:exclude_dir</term>
214 Contains a list of directories. When files from these directories are
215 deleted, they are not put into the
216 recycle bin but are deleted in the
222 <term>recycle:noversions</term>
224 Opposite of <parameter>recycle:versions</parameter>. If both options are specified, this one takes precedence.
233 <title>netatalk</title>
236 A netatalk module will ease co-existence of Samba and netatalk file sharing services.
239 <para>Advantages compared to the old netatalk module:
241 <listitem><para>Does not care about creating .AppleDouble forks, just keeps them in sync.</para></listitem>
242 <listitem><para>If a share in &smb.conf; does not contain .AppleDouble item in hide or veto list, it will be added automatically.</para></listitem>
251 <title>VFS Modules Available Elsewhere</title>
254 This section contains a listing of various other VFS modules that
255 have been posted but do not currently reside in the Samba CVS
256 tree for one reason or another (e.g., it is easy for the maintainer
257 to have his or her own CVS tree).
261 No statements about the stability or functionality of any module
262 should be implied due to its presence here.
266 <title>DatabaseFS</title>
269 URL: <ulink noescape="1" url="http://www.css.tayloru.edu/~elorimer/databasefs/index.php">http://www.css.tayloru.edu/~elorimer/databasefs/index.php</ulink>
272 <para>By <ulink url="mailto:elorimer@css.tayloru.edu">Eric Lorimer.</ulink></para>
275 I have created a VFS module that implements a fairly complete read-only
276 filesystem. It presents information from a database as a filesystem in
277 a modular and generic way to allow different databases to be used
278 (originally designed for organizing MP3s under directories such as
279 <quote>Artists,</quote> <quote>Song Keywords,</quote> and so on. I have since easily
280 applied it to a student
281 roster database.) The directory structure is stored in the
282 database itself and the module makes no assumptions about the database
283 structure beyond the table it requires to run.
287 Any feedback would be appreciated: comments, suggestions, patches,
288 and so on. If nothing else, hopefully it might prove useful for someone
289 else who wishes to create a virtual filesystem.
297 <para>URL: <ulink noescape="1" url="http://www.openantivirus.org/">http://www.openantivirus.org/</ulink></para>
300 <filename>samba-vscan</filename> is a proof-of-concept module for Samba, which
301 uses the VFS (virtual file system) features of Samba 2.2.x/3.0
302 alphaX. Of course, Samba has to be compiled with VFS support.
303 <filename>samba-vscan</filename> supports various virus scanners and is maintained