After-Access Anti-Virus

While I’m not claiming that Linux is a virus-free operating system. It’s very rare to be faced with any critical virus like those normally-found on Windows.

I has setup several Linux boxes for the file-sharing service. While the most of Windows virus wouldn’t affect to the linux box directly, my Linux boxes will become the virus carriers. That’s why I need anti-virus on Linux.

There’s some effort to provide on-access virus scan like ClamFS or samba-vscan. These efforts are very likely try to emulate live scan in Windows anti-virus software. But what I’m really need is to prevent my Linux boxes from being the carrier so I’m thinking about after-access anti-virus.

The idea is quite simple, any file that written into the disk should be scan immediately. For the users’ aspect, the file will be open upon the time they request it. There will be very low latency for this scheme. But after all users finished with their files, every files on the server will be guaranteed that they are all virus clean.

The implementation is fairly simple and not invasive to others service. I use pyinotify combined with pyclamd. Most code came from both library tutorial so I decide to use it internally for a while and hope this can be released to the world when it ready.


Today, after a short “j-walking”, I found a blog introduce me an interesting program called vrms.

It’s just a simple program that scan all deb packages installed on the machine and  notify you if there’re some of the packages which isn’t free.

The funniest part is the program’s name, it’s an abbreviate from Virtual Richard M. Stallman.

While I don’t really think any End-User will be care about software license at all. (They even pirated some.) Top-Down free software subsinary is on the way. Large corporation in Thailand has started to deploy OO.o in scale of thousands machines. I’m sure we’ll see a lot more very soon.

My History


wason@wason-thinkpad-r61:~$ history|awk '{a[$2]++} END{for(i in a){printf "%5d\t%s\n",a[i],i}}'|sort -rn|head
89 ssh
75 sudo
53 cd
45 ls
40 make
30 ifconfig
29 ping
21 iwconfig
10 svn
10 man

เห็นมาจาก Kamthorn

Upgrading Trac on Ubuntu 6.06

Yesterday, my client request new some features on Trac. Those features are already available in the recent version and through some plugins. After a night of research, I decide to migrate from Trac 0.9 which available in the reposity to Trac 0.11b2 which is the most recent version available.

Upgrading is quite complicated but I think it’s worth. I struct with a few problems while upgrading so here is a few notes about what you should know before upgrade.

  • If you want to be sure that plugins will be work, you have to install Genshi 0.5 which is available from svn. Genshi 0.4.4 is block many plugins to be working.
    • EasyInstall via pypi incorrectly download OSX version instead of Linux version.
    • EasyInstall from python egg on the web is working fine but incompatible with many modules.
  • WebAdmin is just integrated as a core Trac module. But you have to grant TRAC_ADMIN permission to yourself before you able to see the menu.
  • In some situation, you may be have to resync to repository before get Trac work.
  • Upgrading from 0.9 to 0.11 work fine. No need for 0.10 at all.
  • Restart Apache after you get all things done.