Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

vscand(1m) [opensolaris man page]

vscand(1M)						  System Administration Commands						vscand(1M)

NAME

       vscand - vscan service daemon

SYNOPSIS

       /usr/lib/vscan/vscand

DESCRIPTION

       vscand  is  the	daemon	that  handles  virus  scan requests from file systems on file open and close operations. A file system may support
       enabling and disabling of virus scanning on a per dataset basis, using that file system's administrative command, for example zfs(1M).

       If the file state or scan policy (see vscanadm(1M) requires that a file be scanned, vscand communicates	with  external	third-party  virus
       scanners (scan engines) using the Internet Content Adaptation Protocol (ICAP, RFC 3507) to have the file scanned.

       A  file is submitted to a scan engine if it has been modified since it was last scanned, or if it has not been scanned with the latest scan
       engine configuration (Virus definitions). The file's modified attribute and scanstamp attribute are used to store  this	information.  Once
       the file is scanned, the modified attribute is cleared and the scanstamp attribute is updated.

       If  the	file  is found to contain a virus, the virus is logged in syslogd(1M), an audit record is written, and the file is quarantined (by
       setting its quarantine attribute). Once a file is quarantined, attempts to read, execute or rename the file will be denied by the file sys-
       tem.  The syslogd(1M) entry and the audit record specify the name of the infected file and the violations detected in the file. Each viola-
       tion is specified as "ID - threat description", where ID and threat description are defined in the  X-Infection-Found-Header  in  ICAP  RFC
       3507; Extensions.

       By  default,  vscand  connects  to  scan  engines on port 1344. The port and other service configuration parameters can be configured using
       vscanadm(1M).

       The vscan service is disabled by default, and can be enabled using svcadm(1M).

EXIT STATUS

       The following exit values are returned:

       0	   Daemon started successfully.

       non-zero    Daemon failed to start.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWvscanu		   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Uncommitted		   |
       +-----------------------------+-----------------------------+

SEE ALSO

       ps(1), svcs(1), logadm(1M), svcadm(1M), syslogd(1M), vscandadm(1M), zfs(1M), attributes(5), smf(5)

NOTES

       If a file is accessed using a protocol which does not invoke the file system open and close operations, for example NFSv3,  virus  scanning
       is not initiated on the file.

       File content is transferred to the scan engines as cleartext data.

       Administrative  actions for the vscan service, such as enabling, disabling, or requesting a restart, can be performed using svcadm(1M). The
       vscan service status can be queried using the svcs(1) command.

       The vscan service is managed by the service management facility, smf(5), under the service identifier:

	 svc:/system/filesystem/vscan

SunOS 5.11							    6 Nov 2007								vscand(1M)

Check Out this Related Man Page

idmapd(1M)						  System Administration Commands						idmapd(1M)

NAME

       idmapd - Native Identity Mapping service daemon

SYNOPSIS

       /usr/lib/idmapd

DESCRIPTION

       The idmapd daemon maps Windows Security Identifiers (SIDs) to POSIX Identifiers (UIDs/GIDs) and conversely.

       The idmap(1M) utility provides a front end to the idmapd daemon.

FILES

       /var/idmap/idmap.db

	   Database  in  which	to  store  local name-based ID mapping rules. The contents of the database are private. The database should not be
	   accessed or modified directly.

       /var/run/idmap/idmap.db

	   Database in which to cache ID mappings that are generated by ephemeral ID mapping and by name-based mapping. The contents of the  data-
	   base are private. The database should not be accessed or modified directly.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWcsu			   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |See below.		   |
       +-----------------------------+-----------------------------+

       Interface stability for these components is as follows:

       svc:/system/idmap

	   Committed

       /var/idmap/idmap.db

	   Project Private

       /var/run/idmap/idmap.db

	   Project Private

SEE ALSO

       svcs(1), idmap(1M), svcadm(1M), svccfg(1M), defaultdomain(4), attributes(5), smf(5)

NOTES

       The idmapd service is managed by the service management facility (SMF). The service identifier for the idmapd service is svc:/system/idmap.

       Use  the  svcadm  command  to perform administrative actions on this service, such as enabling, disabling, or restarting the service. These
       actions require the solaris.smf.manage.idmap authorization. Use the svcs command to query the service's status.

       The functionality of this daemon might change in a future release of the Solaris operating system.

SunOS 5.11							    5 June 2007 							idmapd(1M)
Man Page