#include "system/syslog.h"
#include "smbd/smbd.h"
#include "../librpc/gen_ndr/ndr_netlogon.h"
+#include "auth.h"
+#include "ntioctl.h"
+#include "lib/param/loadparm.h"
+#include "lib/util/bitmap.h"
static int vfs_full_audit_debug_level = DBGC_VFS;
{ LOG_LOCAL4, "LOCAL4" },
{ LOG_LOCAL5, "LOCAL5" },
{ LOG_LOCAL6, "LOCAL6" },
- { LOG_LOCAL7, "LOCAL7" }
+ { LOG_LOCAL7, "LOCAL7" },
+ { -1, NULL}
};
int facility;
{ LOG_WARNING, "WARNING" },
{ LOG_NOTICE, "NOTICE" },
{ LOG_INFO, "INFO" },
- { LOG_DEBUG, "DEBUG" }
+ { LOG_DEBUG, "DEBUG" },
+ { -1, NULL}
};
int priority;
}
result = talloc_sub_advanced(ctx,
lp_servicename(SNUM(conn)),
- conn->session_info->unix_name,
+ conn->session_info->unix_info->unix_name,
conn->connectpath,
- conn->session_info->utok.gid,
- conn->session_info->sanitized_username,
- conn->session_info->info3->base.domain.string,
+ conn->session_info->unix_token->gid,
+ conn->session_info->unix_info->sanitized_username,
+ conn->session_info->info->domain_name,
prefix);
TALLOC_FREE(prefix);
return result;
return result;
}
- pd = TALLOC_ZERO_P(handle, struct vfs_full_audit_private_data);
+ pd = talloc_zero(handle, struct vfs_full_audit_private_data);
if (!pd) {
SMB_VFS_NEXT_DISCONNECT(handle);
return -1;
}
-#ifndef WITH_SYSLOG
+#ifdef WITH_SYSLOG
openlog("smbd_audit", 0, audit_syslog_facility(handle));
#endif
static int smb_full_audit_get_shadow_copy_data(struct vfs_handle_struct *handle,
struct files_struct *fsp,
- SHADOW_COPY_DATA *shadow_copy_data, bool labels)
+ struct shadow_copy_data *shadow_copy_data,
+ bool labels)
{
int result;
return result;
}
-static SMB_STRUCT_DIRENT *smb_full_audit_readdir(vfs_handle_struct *handle,
+static struct dirent *smb_full_audit_readdir(vfs_handle_struct *handle,
SMB_STRUCT_DIR *dirp, SMB_STRUCT_STAT *sbuf)
{
- SMB_STRUCT_DIRENT *result;
+ struct dirent *result;
result = SMB_VFS_NEXT_READDIR(handle, dirp, sbuf);
return result;
}
-static char *smb_full_audit_getwd(vfs_handle_struct *handle,
- char *path)
+static char *smb_full_audit_getwd(vfs_handle_struct *handle)
{
char *result;
- result = SMB_VFS_NEXT_GETWD(handle, path);
+ result = SMB_VFS_NEXT_GETWD(handle);
- do_log(SMB_VFS_OP_GETWD, (result != NULL), handle, "%s", path);
+ do_log(SMB_VFS_OP_GETWD, (result != NULL), handle, "%s",
+ result == NULL? "" : result);
return result;
}
static NTSTATUS smb_full_audit_notify_watch(struct vfs_handle_struct *handle,
struct sys_notify_context *ctx,
- struct notify_entry *e,
+ const char *path,
+ uint32_t *filter,
+ uint32_t *subdir_filter,
void (*callback)(struct sys_notify_context *ctx,
void *private_data,
struct notify_event *ev),
{
NTSTATUS result;
- result = SMB_VFS_NEXT_NOTIFY_WATCH(handle, ctx, e, callback, private_data, handle_p);
+ result = SMB_VFS_NEXT_NOTIFY_WATCH(handle, ctx, path,
+ filter, subdir_filter, callback,
+ private_data, handle_p);
do_log(SMB_VFS_OP_NOTIFY_WATCH, NT_STATUS_IS_OK(result), handle, "");
/* Disk operations */
.connect_fn = smb_full_audit_connect,
- .disconnect = smb_full_audit_disconnect,
- .disk_free = smb_full_audit_disk_free,
- .get_quota = smb_full_audit_get_quota,
- .set_quota = smb_full_audit_set_quota,
- .get_shadow_copy_data = smb_full_audit_get_shadow_copy_data,
- .statvfs = smb_full_audit_statvfs,
- .fs_capabilities = smb_full_audit_fs_capabilities,
- .opendir = smb_full_audit_opendir,
- .fdopendir = smb_full_audit_fdopendir,
- .readdir = smb_full_audit_readdir,
- .seekdir = smb_full_audit_seekdir,
- .telldir = smb_full_audit_telldir,
- .rewind_dir = smb_full_audit_rewinddir,
- .mkdir = smb_full_audit_mkdir,
- .rmdir = smb_full_audit_rmdir,
- .closedir = smb_full_audit_closedir,
- .init_search_op = smb_full_audit_init_search_op,
- .open = smb_full_audit_open,
- .create_file = smb_full_audit_create_file,
+ .disconnect_fn = smb_full_audit_disconnect,
+ .disk_free_fn = smb_full_audit_disk_free,
+ .get_quota_fn = smb_full_audit_get_quota,
+ .set_quota_fn = smb_full_audit_set_quota,
+ .get_shadow_copy_data_fn = smb_full_audit_get_shadow_copy_data,
+ .statvfs_fn = smb_full_audit_statvfs,
+ .fs_capabilities_fn = smb_full_audit_fs_capabilities,
+ .opendir_fn = smb_full_audit_opendir,
+ .fdopendir_fn = smb_full_audit_fdopendir,
+ .readdir_fn = smb_full_audit_readdir,
+ .seekdir_fn = smb_full_audit_seekdir,
+ .telldir_fn = smb_full_audit_telldir,
+ .rewind_dir_fn = smb_full_audit_rewinddir,
+ .mkdir_fn = smb_full_audit_mkdir,
+ .rmdir_fn = smb_full_audit_rmdir,
+ .closedir_fn = smb_full_audit_closedir,
+ .init_search_op_fn = smb_full_audit_init_search_op,
+ .open_fn = smb_full_audit_open,
+ .create_file_fn = smb_full_audit_create_file,
.close_fn = smb_full_audit_close,
- .vfs_read = smb_full_audit_read,
- .pread = smb_full_audit_pread,
- .write = smb_full_audit_write,
- .pwrite = smb_full_audit_pwrite,
- .lseek = smb_full_audit_lseek,
- .sendfile = smb_full_audit_sendfile,
- .recvfile = smb_full_audit_recvfile,
- .rename = smb_full_audit_rename,
- .fsync = smb_full_audit_fsync,
- .stat = smb_full_audit_stat,
- .fstat = smb_full_audit_fstat,
- .lstat = smb_full_audit_lstat,
- .get_alloc_size = smb_full_audit_get_alloc_size,
- .unlink = smb_full_audit_unlink,
- .chmod = smb_full_audit_chmod,
- .fchmod = smb_full_audit_fchmod,
- .chown = smb_full_audit_chown,
- .fchown = smb_full_audit_fchown,
- .lchown = smb_full_audit_lchown,
- .chdir = smb_full_audit_chdir,
- .getwd = smb_full_audit_getwd,
- .ntimes = smb_full_audit_ntimes,
- .ftruncate = smb_full_audit_ftruncate,
- .fallocate = smb_full_audit_fallocate,
- .lock = smb_full_audit_lock,
- .kernel_flock = smb_full_audit_kernel_flock,
- .linux_setlease = smb_full_audit_linux_setlease,
- .getlock = smb_full_audit_getlock,
- .symlink = smb_full_audit_symlink,
- .vfs_readlink = smb_full_audit_readlink,
- .link = smb_full_audit_link,
- .mknod = smb_full_audit_mknod,
- .realpath = smb_full_audit_realpath,
- .notify_watch = smb_full_audit_notify_watch,
- .chflags = smb_full_audit_chflags,
- .file_id_create = smb_full_audit_file_id_create,
- .streaminfo = smb_full_audit_streaminfo,
- .get_real_filename = smb_full_audit_get_real_filename,
- .connectpath = smb_full_audit_connectpath,
- .brl_lock_windows = smb_full_audit_brl_lock_windows,
- .brl_unlock_windows = smb_full_audit_brl_unlock_windows,
- .brl_cancel_windows = smb_full_audit_brl_cancel_windows,
- .strict_lock = smb_full_audit_strict_lock,
- .strict_unlock = smb_full_audit_strict_unlock,
- .translate_name = smb_full_audit_translate_name,
- .fget_nt_acl = smb_full_audit_fget_nt_acl,
- .get_nt_acl = smb_full_audit_get_nt_acl,
- .fset_nt_acl = smb_full_audit_fset_nt_acl,
- .chmod_acl = smb_full_audit_chmod_acl,
- .fchmod_acl = smb_full_audit_fchmod_acl,
- .sys_acl_get_entry = smb_full_audit_sys_acl_get_entry,
- .sys_acl_get_tag_type = smb_full_audit_sys_acl_get_tag_type,
- .sys_acl_get_permset = smb_full_audit_sys_acl_get_permset,
- .sys_acl_get_qualifier = smb_full_audit_sys_acl_get_qualifier,
- .sys_acl_get_file = smb_full_audit_sys_acl_get_file,
- .sys_acl_get_fd = smb_full_audit_sys_acl_get_fd,
- .sys_acl_clear_perms = smb_full_audit_sys_acl_clear_perms,
- .sys_acl_add_perm = smb_full_audit_sys_acl_add_perm,
- .sys_acl_to_text = smb_full_audit_sys_acl_to_text,
- .sys_acl_init = smb_full_audit_sys_acl_init,
- .sys_acl_create_entry = smb_full_audit_sys_acl_create_entry,
- .sys_acl_set_tag_type = smb_full_audit_sys_acl_set_tag_type,
- .sys_acl_set_qualifier = smb_full_audit_sys_acl_set_qualifier,
- .sys_acl_set_permset = smb_full_audit_sys_acl_set_permset,
- .sys_acl_valid = smb_full_audit_sys_acl_valid,
- .sys_acl_set_file = smb_full_audit_sys_acl_set_file,
- .sys_acl_set_fd = smb_full_audit_sys_acl_set_fd,
- .sys_acl_delete_def_file = smb_full_audit_sys_acl_delete_def_file,
- .sys_acl_get_perm = smb_full_audit_sys_acl_get_perm,
- .sys_acl_free_text = smb_full_audit_sys_acl_free_text,
- .sys_acl_free_acl = smb_full_audit_sys_acl_free_acl,
- .sys_acl_free_qualifier = smb_full_audit_sys_acl_free_qualifier,
- .getxattr = smb_full_audit_getxattr,
- .lgetxattr = smb_full_audit_lgetxattr,
- .fgetxattr = smb_full_audit_fgetxattr,
- .listxattr = smb_full_audit_listxattr,
- .llistxattr = smb_full_audit_llistxattr,
- .flistxattr = smb_full_audit_flistxattr,
- .removexattr = smb_full_audit_removexattr,
- .lremovexattr = smb_full_audit_lremovexattr,
- .fremovexattr = smb_full_audit_fremovexattr,
- .setxattr = smb_full_audit_setxattr,
- .lsetxattr = smb_full_audit_lsetxattr,
- .fsetxattr = smb_full_audit_fsetxattr,
- .aio_read = smb_full_audit_aio_read,
- .aio_write = smb_full_audit_aio_write,
+ .read_fn = smb_full_audit_read,
+ .pread_fn = smb_full_audit_pread,
+ .write_fn = smb_full_audit_write,
+ .pwrite_fn = smb_full_audit_pwrite,
+ .lseek_fn = smb_full_audit_lseek,
+ .sendfile_fn = smb_full_audit_sendfile,
+ .recvfile_fn = smb_full_audit_recvfile,
+ .rename_fn = smb_full_audit_rename,
+ .fsync_fn = smb_full_audit_fsync,
+ .stat_fn = smb_full_audit_stat,
+ .fstat_fn = smb_full_audit_fstat,
+ .lstat_fn = smb_full_audit_lstat,
+ .get_alloc_size_fn = smb_full_audit_get_alloc_size,
+ .unlink_fn = smb_full_audit_unlink,
+ .chmod_fn = smb_full_audit_chmod,
+ .fchmod_fn = smb_full_audit_fchmod,
+ .chown_fn = smb_full_audit_chown,
+ .fchown_fn = smb_full_audit_fchown,
+ .lchown_fn = smb_full_audit_lchown,
+ .chdir_fn = smb_full_audit_chdir,
+ .getwd_fn = smb_full_audit_getwd,
+ .ntimes_fn = smb_full_audit_ntimes,
+ .ftruncate_fn = smb_full_audit_ftruncate,
+ .fallocate_fn = smb_full_audit_fallocate,
+ .lock_fn = smb_full_audit_lock,
+ .kernel_flock_fn = smb_full_audit_kernel_flock,
+ .linux_setlease_fn = smb_full_audit_linux_setlease,
+ .getlock_fn = smb_full_audit_getlock,
+ .symlink_fn = smb_full_audit_symlink,
+ .readlink_fn = smb_full_audit_readlink,
+ .link_fn = smb_full_audit_link,
+ .mknod_fn = smb_full_audit_mknod,
+ .realpath_fn = smb_full_audit_realpath,
+ .notify_watch_fn = smb_full_audit_notify_watch,
+ .chflags_fn = smb_full_audit_chflags,
+ .file_id_create_fn = smb_full_audit_file_id_create,
+ .streaminfo_fn = smb_full_audit_streaminfo,
+ .get_real_filename_fn = smb_full_audit_get_real_filename,
+ .connectpath_fn = smb_full_audit_connectpath,
+ .brl_lock_windows_fn = smb_full_audit_brl_lock_windows,
+ .brl_unlock_windows_fn = smb_full_audit_brl_unlock_windows,
+ .brl_cancel_windows_fn = smb_full_audit_brl_cancel_windows,
+ .strict_lock_fn = smb_full_audit_strict_lock,
+ .strict_unlock_fn = smb_full_audit_strict_unlock,
+ .translate_name_fn = smb_full_audit_translate_name,
+ .fget_nt_acl_fn = smb_full_audit_fget_nt_acl,
+ .get_nt_acl_fn = smb_full_audit_get_nt_acl,
+ .fset_nt_acl_fn = smb_full_audit_fset_nt_acl,
+ .chmod_acl_fn = smb_full_audit_chmod_acl,
+ .fchmod_acl_fn = smb_full_audit_fchmod_acl,
+ .sys_acl_get_entry_fn = smb_full_audit_sys_acl_get_entry,
+ .sys_acl_get_tag_type_fn = smb_full_audit_sys_acl_get_tag_type,
+ .sys_acl_get_permset_fn = smb_full_audit_sys_acl_get_permset,
+ .sys_acl_get_qualifier_fn = smb_full_audit_sys_acl_get_qualifier,
+ .sys_acl_get_file_fn = smb_full_audit_sys_acl_get_file,
+ .sys_acl_get_fd_fn = smb_full_audit_sys_acl_get_fd,
+ .sys_acl_clear_perms_fn = smb_full_audit_sys_acl_clear_perms,
+ .sys_acl_add_perm_fn = smb_full_audit_sys_acl_add_perm,
+ .sys_acl_to_text_fn = smb_full_audit_sys_acl_to_text,
+ .sys_acl_init_fn = smb_full_audit_sys_acl_init,
+ .sys_acl_create_entry_fn = smb_full_audit_sys_acl_create_entry,
+ .sys_acl_set_tag_type_fn = smb_full_audit_sys_acl_set_tag_type,
+ .sys_acl_set_qualifier_fn = smb_full_audit_sys_acl_set_qualifier,
+ .sys_acl_set_permset_fn = smb_full_audit_sys_acl_set_permset,
+ .sys_acl_valid_fn = smb_full_audit_sys_acl_valid,
+ .sys_acl_set_file_fn = smb_full_audit_sys_acl_set_file,
+ .sys_acl_set_fd_fn = smb_full_audit_sys_acl_set_fd,
+ .sys_acl_delete_def_file_fn = smb_full_audit_sys_acl_delete_def_file,
+ .sys_acl_get_perm_fn = smb_full_audit_sys_acl_get_perm,
+ .sys_acl_free_text_fn = smb_full_audit_sys_acl_free_text,
+ .sys_acl_free_acl_fn = smb_full_audit_sys_acl_free_acl,
+ .sys_acl_free_qualifier_fn = smb_full_audit_sys_acl_free_qualifier,
+ .getxattr_fn = smb_full_audit_getxattr,
+ .lgetxattr_fn = smb_full_audit_lgetxattr,
+ .fgetxattr_fn = smb_full_audit_fgetxattr,
+ .listxattr_fn = smb_full_audit_listxattr,
+ .llistxattr_fn = smb_full_audit_llistxattr,
+ .flistxattr_fn = smb_full_audit_flistxattr,
+ .removexattr_fn = smb_full_audit_removexattr,
+ .lremovexattr_fn = smb_full_audit_lremovexattr,
+ .fremovexattr_fn = smb_full_audit_fremovexattr,
+ .setxattr_fn = smb_full_audit_setxattr,
+ .lsetxattr_fn = smb_full_audit_lsetxattr,
+ .fsetxattr_fn = smb_full_audit_fsetxattr,
+ .aio_read_fn = smb_full_audit_aio_read,
+ .aio_write_fn = smb_full_audit_aio_write,
.aio_return_fn = smb_full_audit_aio_return,
- .aio_cancel = smb_full_audit_aio_cancel,
+ .aio_cancel_fn = smb_full_audit_aio_cancel,
.aio_error_fn = smb_full_audit_aio_error,
- .aio_fsync = smb_full_audit_aio_fsync,
- .aio_suspend = smb_full_audit_aio_suspend,
- .aio_force = smb_full_audit_aio_force,
- .is_offline = smb_full_audit_is_offline,
- .set_offline = smb_full_audit_set_offline,
+ .aio_fsync_fn = smb_full_audit_aio_fsync,
+ .aio_suspend_fn = smb_full_audit_aio_suspend,
+ .aio_force_fn = smb_full_audit_aio_force,
+ .is_offline_fn = smb_full_audit_is_offline,
+ .set_offline_fn = smb_full_audit_set_offline,
};
NTSTATUS vfs_full_audit_init(void)
git.samba.org / kai / samba-autobuild / .git / blobdiff