19218cc47d12a2edb69b40ea953d6bddd8cafe7e
[samba.git] / source3 / modules / vfs_full_audit.c
1 /* 
2  * Auditing VFS module for samba.  Log selected file operations to syslog
3  * facility.
4  *
5  * Copyright (C) Tim Potter, 1999-2000
6  * Copyright (C) Alexander Bokovoy, 2002
7  * Copyright (C) John H Terpstra, 2003
8  * Copyright (C) Stefan (metze) Metzmacher, 2003
9  * Copyright (C) Volker Lendecke, 2004
10  *
11  * This program is free software; you can redistribute it and/or modify
12  * it under the terms of the GNU General Public License as published by
13  * the Free Software Foundation; either version 3 of the License, or
14  * (at your option) any later version.
15  *  
16  * This program is distributed in the hope that it will be useful,
17  * but WITHOUT ANY WARRANTY; without even the implied warranty of
18  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
19  * GNU General Public License for more details.
20  *  
21  * You should have received a copy of the GNU General Public License
22  * along with this program; if not, see <http://www.gnu.org/licenses/>.
23  */
24
25 /*
26  * This module implements parseable logging for all Samba VFS operations.
27  *
28  * You use it as follows:
29  *
30  * [tmp]
31  * path = /tmp
32  * vfs objects = full_audit
33  * full_audit:prefix = %u|%I
34  * full_audit:success = open opendir
35  * full_audit:failure = all
36  *
37  * vfs op can be "all" which means log all operations.
38  * vfs op can be "none" which means no logging.
39  *
40  * This leads to syslog entries of the form:
41  * smbd_audit: nobody|192.168.234.1|opendir|ok|.
42  * smbd_audit: nobody|192.168.234.1|open|fail (File not found)|r|x.txt
43  *
44  * where "nobody" is the connected username and "192.168.234.1" is the
45  * client's IP address. 
46  *
47  * Options:
48  *
49  * prefix: A macro expansion template prepended to the syslog entry.
50  *
51  * success: A list of VFS operations for which a successful completion should
52  * be logged. Defaults to no logging at all. The special operation "all" logs
53  * - you guessed it - everything.
54  *
55  * failure: A list of VFS operations for which failure to complete should be
56  * logged. Defaults to logging everything.
57  */
58
59
60 #include "includes.h"
61
62 extern userdom_struct current_user_info;
63
64 static int vfs_full_audit_debug_level = DBGC_VFS;
65
66 struct vfs_full_audit_private_data {
67         struct bitmap *success_ops;
68         struct bitmap *failure_ops;
69 };
70
71 #undef DBGC_CLASS
72 #define DBGC_CLASS vfs_full_audit_debug_level
73
74 /* Function prototypes */
75
76 static int smb_full_audit_connect(vfs_handle_struct *handle,
77                          const char *svc, const char *user);
78 static void smb_full_audit_disconnect(vfs_handle_struct *handle);
79 static SMB_BIG_UINT smb_full_audit_disk_free(vfs_handle_struct *handle,
80                                     const char *path,
81                                     bool small_query, SMB_BIG_UINT *bsize, 
82                                     SMB_BIG_UINT *dfree, SMB_BIG_UINT *dsize);
83 static int smb_full_audit_get_quota(struct vfs_handle_struct *handle,
84                            enum SMB_QUOTA_TYPE qtype, unid_t id,
85                            SMB_DISK_QUOTA *qt);
86 static int smb_full_audit_set_quota(struct vfs_handle_struct *handle,
87                            enum SMB_QUOTA_TYPE qtype, unid_t id,
88                            SMB_DISK_QUOTA *qt);
89 static int smb_full_audit_get_shadow_copy_data(struct vfs_handle_struct *handle,
90                                 struct files_struct *fsp,
91                                 SHADOW_COPY_DATA *shadow_copy_data, bool labels);
92 static int smb_full_audit_statvfs(struct vfs_handle_struct *handle,
93                                 const char *path,
94                                 struct vfs_statvfs_struct *statbuf);
95
96 static SMB_STRUCT_DIR *smb_full_audit_opendir(vfs_handle_struct *handle,
97                           const char *fname, const char *mask, uint32 attr);
98 static SMB_STRUCT_DIRENT *smb_full_audit_readdir(vfs_handle_struct *handle,
99                                     SMB_STRUCT_DIR *dirp);
100 static void smb_full_audit_seekdir(vfs_handle_struct *handle,
101                         SMB_STRUCT_DIR *dirp, long offset);
102 static long smb_full_audit_telldir(vfs_handle_struct *handle,
103                         SMB_STRUCT_DIR *dirp);
104 static void smb_full_audit_rewinddir(vfs_handle_struct *handle,
105                         SMB_STRUCT_DIR *dirp);
106 static int smb_full_audit_mkdir(vfs_handle_struct *handle,
107                        const char *path, mode_t mode);
108 static int smb_full_audit_rmdir(vfs_handle_struct *handle,
109                        const char *path);
110 static int smb_full_audit_closedir(vfs_handle_struct *handle,
111                           SMB_STRUCT_DIR *dirp);
112 static int smb_full_audit_open(vfs_handle_struct *handle,
113                       const char *fname, files_struct *fsp, int flags, mode_t mode);
114 static int smb_full_audit_close(vfs_handle_struct *handle, files_struct *fsp, int fd);
115 static ssize_t smb_full_audit_read(vfs_handle_struct *handle, files_struct *fsp,
116                           void *data, size_t n);
117 static ssize_t smb_full_audit_pread(vfs_handle_struct *handle, files_struct *fsp,
118                            void *data, size_t n, SMB_OFF_T offset);
119 static ssize_t smb_full_audit_write(vfs_handle_struct *handle, files_struct *fsp,
120                            const void *data, size_t n);
121 static ssize_t smb_full_audit_pwrite(vfs_handle_struct *handle, files_struct *fsp,
122                             const void *data, size_t n,
123                             SMB_OFF_T offset);
124 static SMB_OFF_T smb_full_audit_lseek(vfs_handle_struct *handle, files_struct *fsp,
125                              SMB_OFF_T offset, int whence);
126 static ssize_t smb_full_audit_sendfile(vfs_handle_struct *handle, int tofd,
127                               files_struct *fromfsp,
128                               const DATA_BLOB *hdr, SMB_OFF_T offset,
129                               size_t n);
130 static ssize_t smb_full_audit_recvfile(vfs_handle_struct *handle, int fromfd,
131                               files_struct *tofsp,
132                               SMB_OFF_T offset,
133                               size_t n);
134 static int smb_full_audit_rename(vfs_handle_struct *handle,
135                         const char *oldname, const char *newname);
136 static int smb_full_audit_fsync(vfs_handle_struct *handle, files_struct *fsp);
137 static int smb_full_audit_stat(vfs_handle_struct *handle,
138                       const char *fname, SMB_STRUCT_STAT *sbuf);
139 static int smb_full_audit_fstat(vfs_handle_struct *handle, files_struct *fsp,
140                        SMB_STRUCT_STAT *sbuf);
141 static int smb_full_audit_lstat(vfs_handle_struct *handle,
142                        const char *path, SMB_STRUCT_STAT *sbuf);
143 static int smb_full_audit_unlink(vfs_handle_struct *handle,
144                         const char *path);
145 static int smb_full_audit_chmod(vfs_handle_struct *handle,
146                        const char *path, mode_t mode);
147 static int smb_full_audit_fchmod(vfs_handle_struct *handle, files_struct *fsp,
148                         mode_t mode);
149 static int smb_full_audit_chown(vfs_handle_struct *handle,
150                        const char *path, uid_t uid, gid_t gid);
151 static int smb_full_audit_fchown(vfs_handle_struct *handle, files_struct *fsp,
152                         uid_t uid, gid_t gid);
153 static int smb_full_audit_lchown(vfs_handle_struct *handle,
154                        const char *path, uid_t uid, gid_t gid);
155 static int smb_full_audit_chdir(vfs_handle_struct *handle,
156                        const char *path);
157 static char *smb_full_audit_getwd(vfs_handle_struct *handle,
158                          char *path);
159 static int smb_full_audit_ntimes(vfs_handle_struct *handle,
160                        const char *path, const struct timespec ts[2]);
161 static int smb_full_audit_ftruncate(vfs_handle_struct *handle, files_struct *fsp,
162                            SMB_OFF_T len);
163 static bool smb_full_audit_lock(vfs_handle_struct *handle, files_struct *fsp,
164                        int op, SMB_OFF_T offset, SMB_OFF_T count, int type);
165 static int smb_full_audit_kernel_flock(struct vfs_handle_struct *handle,
166                                        struct files_struct *fsp,
167                                        uint32 share_mode);
168 static int smb_full_audit_linux_setlease(vfs_handle_struct *handle, files_struct *fsp,
169                                         int leasetype);
170 static bool smb_full_audit_getlock(vfs_handle_struct *handle, files_struct *fsp,
171                        SMB_OFF_T *poffset, SMB_OFF_T *pcount, int *ptype, pid_t *ppid);
172 static int smb_full_audit_symlink(vfs_handle_struct *handle,
173                          const char *oldpath, const char *newpath);
174 static int smb_full_audit_readlink(vfs_handle_struct *handle,
175                           const char *path, char *buf, size_t bufsiz);
176 static int smb_full_audit_link(vfs_handle_struct *handle,
177                       const char *oldpath, const char *newpath);
178 static int smb_full_audit_mknod(vfs_handle_struct *handle,
179                        const char *pathname, mode_t mode, SMB_DEV_T dev);
180 static char *smb_full_audit_realpath(vfs_handle_struct *handle,
181                             const char *path, char *resolved_path);
182 static NTSTATUS smb_full_audit_notify_watch(struct vfs_handle_struct *handle,
183                         struct sys_notify_context *ctx,
184                         struct notify_entry *e,
185                         void (*callback)(struct sys_notify_context *ctx,
186                                         void *private_data,
187                                         struct notify_event *ev),
188                         void *private_data, void *handle_p);
189 static int smb_full_audit_chflags(vfs_handle_struct *handle,
190                             const char *path, unsigned int flags);
191 static struct file_id smb_full_audit_file_id_create(struct vfs_handle_struct *handle,
192                                                     SMB_DEV_T dev, SMB_INO_T inode);
193 static NTSTATUS smb_full_audit_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
194                                 uint32 security_info,
195                                 SEC_DESC **ppdesc);
196 static NTSTATUS smb_full_audit_get_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
197                                const char *name, uint32 security_info,
198                                SEC_DESC **ppdesc);
199 static NTSTATUS smb_full_audit_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
200                               uint32 security_info_sent,
201                               SEC_DESC *psd);
202 static NTSTATUS smb_full_audit_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
203                              const char *name, uint32 security_info_sent,
204                              SEC_DESC *psd);
205 static int smb_full_audit_chmod_acl(vfs_handle_struct *handle,
206                            const char *path, mode_t mode);
207 static int smb_full_audit_fchmod_acl(vfs_handle_struct *handle, files_struct *fsp,
208                                      mode_t mode);
209 static int smb_full_audit_sys_acl_get_entry(vfs_handle_struct *handle,
210                                    SMB_ACL_T theacl, int entry_id,
211                                    SMB_ACL_ENTRY_T *entry_p);
212 static int smb_full_audit_sys_acl_get_tag_type(vfs_handle_struct *handle,
213                                       SMB_ACL_ENTRY_T entry_d,
214                                       SMB_ACL_TAG_T *tag_type_p);
215 static int smb_full_audit_sys_acl_get_permset(vfs_handle_struct *handle,
216                                      SMB_ACL_ENTRY_T entry_d,
217                                      SMB_ACL_PERMSET_T *permset_p);
218 static void * smb_full_audit_sys_acl_get_qualifier(vfs_handle_struct *handle,
219                                           SMB_ACL_ENTRY_T entry_d);
220 static SMB_ACL_T smb_full_audit_sys_acl_get_file(vfs_handle_struct *handle,
221                                         const char *path_p,
222                                         SMB_ACL_TYPE_T type);
223 static SMB_ACL_T smb_full_audit_sys_acl_get_fd(vfs_handle_struct *handle,
224                                       files_struct *fsp);
225 static int smb_full_audit_sys_acl_clear_perms(vfs_handle_struct *handle,
226                                      SMB_ACL_PERMSET_T permset);
227 static int smb_full_audit_sys_acl_add_perm(vfs_handle_struct *handle,
228                                   SMB_ACL_PERMSET_T permset,
229                                   SMB_ACL_PERM_T perm);
230 static char * smb_full_audit_sys_acl_to_text(vfs_handle_struct *handle,
231                                     SMB_ACL_T theacl,
232                                     ssize_t *plen);
233 static SMB_ACL_T smb_full_audit_sys_acl_init(vfs_handle_struct *handle,
234                                     int count);
235 static int smb_full_audit_sys_acl_create_entry(vfs_handle_struct *handle,
236                                       SMB_ACL_T *pacl,
237                                       SMB_ACL_ENTRY_T *pentry);
238 static int smb_full_audit_sys_acl_set_tag_type(vfs_handle_struct *handle,
239                                       SMB_ACL_ENTRY_T entry,
240                                       SMB_ACL_TAG_T tagtype);
241 static int smb_full_audit_sys_acl_set_qualifier(vfs_handle_struct *handle,
242                                        SMB_ACL_ENTRY_T entry,
243                                        void *qual);
244 static int smb_full_audit_sys_acl_set_permset(vfs_handle_struct *handle,
245                                      SMB_ACL_ENTRY_T entry,
246                                      SMB_ACL_PERMSET_T permset);
247 static int smb_full_audit_sys_acl_valid(vfs_handle_struct *handle,
248                                SMB_ACL_T theacl );
249 static int smb_full_audit_sys_acl_set_file(vfs_handle_struct *handle,
250                                   const char *name, SMB_ACL_TYPE_T acltype,
251                                   SMB_ACL_T theacl);
252 static int smb_full_audit_sys_acl_set_fd(vfs_handle_struct *handle, files_struct *fsp,
253                                 SMB_ACL_T theacl);
254 static int smb_full_audit_sys_acl_delete_def_file(vfs_handle_struct *handle,
255                                          const char *path);
256 static int smb_full_audit_sys_acl_get_perm(vfs_handle_struct *handle,
257                                   SMB_ACL_PERMSET_T permset,
258                                   SMB_ACL_PERM_T perm);
259 static int smb_full_audit_sys_acl_free_text(vfs_handle_struct *handle,
260                                    char *text);
261 static int smb_full_audit_sys_acl_free_acl(vfs_handle_struct *handle,
262                                   SMB_ACL_T posix_acl);
263 static int smb_full_audit_sys_acl_free_qualifier(vfs_handle_struct *handle,
264                                         void *qualifier,
265                                         SMB_ACL_TAG_T tagtype);
266 static ssize_t smb_full_audit_getxattr(struct vfs_handle_struct *handle,
267                               const char *path,
268                               const char *name, void *value, size_t size);
269 static ssize_t smb_full_audit_lgetxattr(struct vfs_handle_struct *handle,
270                                const char *path, const char *name,
271                                void *value, size_t size);
272 static ssize_t smb_full_audit_fgetxattr(struct vfs_handle_struct *handle,
273                                struct files_struct *fsp,
274                                const char *name, void *value, size_t size);
275 static ssize_t smb_full_audit_listxattr(struct vfs_handle_struct *handle,
276                                const char *path, char *list, size_t size);
277 static ssize_t smb_full_audit_llistxattr(struct vfs_handle_struct *handle,
278                                 const char *path, char *list, size_t size);
279 static ssize_t smb_full_audit_flistxattr(struct vfs_handle_struct *handle,
280                                 struct files_struct *fsp, char *list,
281                                 size_t size);
282 static int smb_full_audit_removexattr(struct vfs_handle_struct *handle,
283                              const char *path,
284                              const char *name);
285 static int smb_full_audit_lremovexattr(struct vfs_handle_struct *handle,
286                               const char *path,
287                               const char *name);
288 static int smb_full_audit_fremovexattr(struct vfs_handle_struct *handle,
289                               struct files_struct *fsp,
290                               const char *name);
291 static int smb_full_audit_setxattr(struct vfs_handle_struct *handle,
292                           const char *path,
293                           const char *name, const void *value, size_t size,
294                           int flags);
295 static int smb_full_audit_lsetxattr(struct vfs_handle_struct *handle,
296                            const char *path,
297                            const char *name, const void *value, size_t size,
298                            int flags);
299 static int smb_full_audit_fsetxattr(struct vfs_handle_struct *handle,
300                            struct files_struct *fsp, const char *name,
301                            const void *value, size_t size, int flags);
302
303 static int smb_full_audit_aio_read(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb);
304 static int smb_full_audit_aio_write(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb);
305 static ssize_t smb_full_audit_aio_return(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb);
306 static int smb_full_audit_aio_cancel(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb);
307 static int smb_full_audit_aio_error(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb);
308 static int smb_full_audit_aio_fsync(struct vfs_handle_struct *handle, struct files_struct *fsp, int op, SMB_STRUCT_AIOCB *aiocb);
309 static int smb_full_audit_aio_suspend(struct vfs_handle_struct *handle, struct files_struct *fsp, const SMB_STRUCT_AIOCB * const aiocb[], int n, const struct timespec *ts);
310
311 /* VFS operations */
312
313 static vfs_op_tuple audit_op_tuples[] = {
314     
315         /* Disk operations */
316
317         {SMB_VFS_OP(smb_full_audit_connect),    SMB_VFS_OP_CONNECT,
318          SMB_VFS_LAYER_LOGGER},
319         {SMB_VFS_OP(smb_full_audit_disconnect), SMB_VFS_OP_DISCONNECT,
320          SMB_VFS_LAYER_LOGGER},
321         {SMB_VFS_OP(smb_full_audit_disk_free),  SMB_VFS_OP_DISK_FREE,
322          SMB_VFS_LAYER_LOGGER},
323         {SMB_VFS_OP(smb_full_audit_get_quota),  SMB_VFS_OP_GET_QUOTA,
324          SMB_VFS_LAYER_LOGGER},
325         {SMB_VFS_OP(smb_full_audit_set_quota),  SMB_VFS_OP_SET_QUOTA,
326          SMB_VFS_LAYER_LOGGER},
327         {SMB_VFS_OP(smb_full_audit_get_shadow_copy_data), SMB_VFS_OP_GET_SHADOW_COPY_DATA,
328          SMB_VFS_LAYER_LOGGER},
329         {SMB_VFS_OP(smb_full_audit_statvfs),    SMB_VFS_OP_STATVFS,
330          SMB_VFS_LAYER_LOGGER},
331
332         /* Directory operations */
333
334         {SMB_VFS_OP(smb_full_audit_opendir),    SMB_VFS_OP_OPENDIR,
335          SMB_VFS_LAYER_LOGGER},
336         {SMB_VFS_OP(smb_full_audit_readdir),    SMB_VFS_OP_READDIR,
337          SMB_VFS_LAYER_LOGGER},
338         {SMB_VFS_OP(smb_full_audit_seekdir),    SMB_VFS_OP_SEEKDIR,
339          SMB_VFS_LAYER_LOGGER},
340         {SMB_VFS_OP(smb_full_audit_telldir),    SMB_VFS_OP_TELLDIR,
341          SMB_VFS_LAYER_LOGGER},
342         {SMB_VFS_OP(smb_full_audit_rewinddir),  SMB_VFS_OP_REWINDDIR,
343          SMB_VFS_LAYER_LOGGER},
344         {SMB_VFS_OP(smb_full_audit_mkdir),      SMB_VFS_OP_MKDIR,
345          SMB_VFS_LAYER_LOGGER},
346         {SMB_VFS_OP(smb_full_audit_rmdir),      SMB_VFS_OP_RMDIR,
347          SMB_VFS_LAYER_LOGGER},
348         {SMB_VFS_OP(smb_full_audit_closedir),   SMB_VFS_OP_CLOSEDIR,
349          SMB_VFS_LAYER_LOGGER},
350
351         /* File operations */
352
353         {SMB_VFS_OP(smb_full_audit_open),       SMB_VFS_OP_OPEN,
354          SMB_VFS_LAYER_LOGGER},
355         {SMB_VFS_OP(smb_full_audit_close),      SMB_VFS_OP_CLOSE,
356          SMB_VFS_LAYER_LOGGER},
357         {SMB_VFS_OP(smb_full_audit_read),       SMB_VFS_OP_READ,
358          SMB_VFS_LAYER_LOGGER},
359         {SMB_VFS_OP(smb_full_audit_pread),      SMB_VFS_OP_PREAD,
360          SMB_VFS_LAYER_LOGGER},
361         {SMB_VFS_OP(smb_full_audit_write),      SMB_VFS_OP_WRITE,
362          SMB_VFS_LAYER_LOGGER},
363         {SMB_VFS_OP(smb_full_audit_pwrite),     SMB_VFS_OP_PWRITE,
364          SMB_VFS_LAYER_LOGGER},
365         {SMB_VFS_OP(smb_full_audit_lseek),      SMB_VFS_OP_LSEEK,
366          SMB_VFS_LAYER_LOGGER},
367         {SMB_VFS_OP(smb_full_audit_sendfile),   SMB_VFS_OP_SENDFILE,
368          SMB_VFS_LAYER_LOGGER},
369         {SMB_VFS_OP(smb_full_audit_recvfile),   SMB_VFS_OP_RECVFILE,
370          SMB_VFS_LAYER_LOGGER},
371         {SMB_VFS_OP(smb_full_audit_rename),     SMB_VFS_OP_RENAME,
372          SMB_VFS_LAYER_LOGGER},
373         {SMB_VFS_OP(smb_full_audit_fsync),      SMB_VFS_OP_FSYNC,
374          SMB_VFS_LAYER_LOGGER},
375         {SMB_VFS_OP(smb_full_audit_stat),       SMB_VFS_OP_STAT,
376          SMB_VFS_LAYER_LOGGER},
377         {SMB_VFS_OP(smb_full_audit_fstat),      SMB_VFS_OP_FSTAT,
378          SMB_VFS_LAYER_LOGGER},
379         {SMB_VFS_OP(smb_full_audit_lstat),      SMB_VFS_OP_LSTAT,
380          SMB_VFS_LAYER_LOGGER},
381         {SMB_VFS_OP(smb_full_audit_unlink),     SMB_VFS_OP_UNLINK,
382          SMB_VFS_LAYER_LOGGER},
383         {SMB_VFS_OP(smb_full_audit_chmod),      SMB_VFS_OP_CHMOD,
384          SMB_VFS_LAYER_LOGGER},
385         {SMB_VFS_OP(smb_full_audit_fchmod),     SMB_VFS_OP_FCHMOD,
386          SMB_VFS_LAYER_LOGGER},
387         {SMB_VFS_OP(smb_full_audit_chown),      SMB_VFS_OP_CHOWN,
388          SMB_VFS_LAYER_LOGGER},
389         {SMB_VFS_OP(smb_full_audit_fchown),     SMB_VFS_OP_FCHOWN,
390          SMB_VFS_LAYER_LOGGER},
391         {SMB_VFS_OP(smb_full_audit_lchown),     SMB_VFS_OP_LCHOWN,
392          SMB_VFS_LAYER_LOGGER},
393         {SMB_VFS_OP(smb_full_audit_chdir),      SMB_VFS_OP_CHDIR,
394          SMB_VFS_LAYER_LOGGER},
395         {SMB_VFS_OP(smb_full_audit_getwd),      SMB_VFS_OP_GETWD,
396          SMB_VFS_LAYER_LOGGER},
397         {SMB_VFS_OP(smb_full_audit_ntimes),     SMB_VFS_OP_NTIMES,
398          SMB_VFS_LAYER_LOGGER},
399         {SMB_VFS_OP(smb_full_audit_ftruncate),  SMB_VFS_OP_FTRUNCATE,
400          SMB_VFS_LAYER_LOGGER},
401         {SMB_VFS_OP(smb_full_audit_lock),       SMB_VFS_OP_LOCK,
402          SMB_VFS_LAYER_LOGGER},
403         {SMB_VFS_OP(smb_full_audit_kernel_flock),       SMB_VFS_OP_KERNEL_FLOCK,
404          SMB_VFS_LAYER_LOGGER},
405         {SMB_VFS_OP(smb_full_audit_linux_setlease),       SMB_VFS_OP_LINUX_SETLEASE,
406          SMB_VFS_LAYER_LOGGER},
407         {SMB_VFS_OP(smb_full_audit_getlock),    SMB_VFS_OP_GETLOCK,
408          SMB_VFS_LAYER_LOGGER},
409         {SMB_VFS_OP(smb_full_audit_symlink),    SMB_VFS_OP_SYMLINK,
410          SMB_VFS_LAYER_LOGGER},
411         {SMB_VFS_OP(smb_full_audit_readlink),   SMB_VFS_OP_READLINK,
412          SMB_VFS_LAYER_LOGGER},
413         {SMB_VFS_OP(smb_full_audit_link),       SMB_VFS_OP_LINK,
414          SMB_VFS_LAYER_LOGGER},
415         {SMB_VFS_OP(smb_full_audit_mknod),      SMB_VFS_OP_MKNOD,
416          SMB_VFS_LAYER_LOGGER},
417         {SMB_VFS_OP(smb_full_audit_realpath),   SMB_VFS_OP_REALPATH,
418          SMB_VFS_LAYER_LOGGER},
419         {SMB_VFS_OP(smb_full_audit_notify_watch),SMB_VFS_OP_NOTIFY_WATCH,
420          SMB_VFS_LAYER_LOGGER},
421         {SMB_VFS_OP(smb_full_audit_chflags),    SMB_VFS_OP_CHFLAGS,
422          SMB_VFS_LAYER_LOGGER},
423         {SMB_VFS_OP(smb_full_audit_file_id_create),     SMB_VFS_OP_FILE_ID_CREATE,
424          SMB_VFS_LAYER_LOGGER},
425
426         /* NT ACL operations. */
427
428         {SMB_VFS_OP(smb_full_audit_fget_nt_acl),        SMB_VFS_OP_FGET_NT_ACL,
429          SMB_VFS_LAYER_LOGGER},
430         {SMB_VFS_OP(smb_full_audit_get_nt_acl), SMB_VFS_OP_GET_NT_ACL,
431          SMB_VFS_LAYER_LOGGER},
432         {SMB_VFS_OP(smb_full_audit_fset_nt_acl),        SMB_VFS_OP_FSET_NT_ACL,
433          SMB_VFS_LAYER_LOGGER},
434         {SMB_VFS_OP(smb_full_audit_set_nt_acl), SMB_VFS_OP_SET_NT_ACL,
435          SMB_VFS_LAYER_LOGGER},
436
437         /* POSIX ACL operations. */
438
439         {SMB_VFS_OP(smb_full_audit_chmod_acl),  SMB_VFS_OP_CHMOD_ACL,
440          SMB_VFS_LAYER_LOGGER},
441         {SMB_VFS_OP(smb_full_audit_fchmod_acl), SMB_VFS_OP_FCHMOD_ACL,
442          SMB_VFS_LAYER_LOGGER},
443         {SMB_VFS_OP(smb_full_audit_sys_acl_get_entry),  SMB_VFS_OP_SYS_ACL_GET_ENTRY,
444          SMB_VFS_LAYER_LOGGER},
445         {SMB_VFS_OP(smb_full_audit_sys_acl_get_tag_type),       SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE,
446          SMB_VFS_LAYER_LOGGER},
447         {SMB_VFS_OP(smb_full_audit_sys_acl_get_permset),        SMB_VFS_OP_SYS_ACL_GET_PERMSET,
448          SMB_VFS_LAYER_LOGGER},
449         {SMB_VFS_OP(smb_full_audit_sys_acl_get_qualifier),      SMB_VFS_OP_SYS_ACL_GET_QUALIFIER,
450          SMB_VFS_LAYER_LOGGER},
451         {SMB_VFS_OP(smb_full_audit_sys_acl_get_file),   SMB_VFS_OP_SYS_ACL_GET_FILE,
452          SMB_VFS_LAYER_LOGGER},
453 {SMB_VFS_OP(smb_full_audit_sys_acl_get_fd),     SMB_VFS_OP_SYS_ACL_GET_FD,
454          SMB_VFS_LAYER_LOGGER},
455         {SMB_VFS_OP(smb_full_audit_sys_acl_clear_perms),        SMB_VFS_OP_SYS_ACL_CLEAR_PERMS,
456          SMB_VFS_LAYER_LOGGER},
457         {SMB_VFS_OP(smb_full_audit_sys_acl_add_perm),   SMB_VFS_OP_SYS_ACL_ADD_PERM,
458          SMB_VFS_LAYER_LOGGER},
459         {SMB_VFS_OP(smb_full_audit_sys_acl_to_text),    SMB_VFS_OP_SYS_ACL_TO_TEXT,
460          SMB_VFS_LAYER_LOGGER},
461         {SMB_VFS_OP(smb_full_audit_sys_acl_init),       SMB_VFS_OP_SYS_ACL_INIT,
462          SMB_VFS_LAYER_LOGGER},
463         {SMB_VFS_OP(smb_full_audit_sys_acl_create_entry),       SMB_VFS_OP_SYS_ACL_CREATE_ENTRY,
464          SMB_VFS_LAYER_LOGGER},
465         {SMB_VFS_OP(smb_full_audit_sys_acl_set_tag_type),       SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE,
466          SMB_VFS_LAYER_LOGGER},
467         {SMB_VFS_OP(smb_full_audit_sys_acl_set_qualifier),      SMB_VFS_OP_SYS_ACL_SET_QUALIFIER,
468          SMB_VFS_LAYER_LOGGER},
469         {SMB_VFS_OP(smb_full_audit_sys_acl_set_permset),        SMB_VFS_OP_SYS_ACL_SET_PERMSET,
470          SMB_VFS_LAYER_LOGGER},
471         {SMB_VFS_OP(smb_full_audit_sys_acl_valid),      SMB_VFS_OP_SYS_ACL_VALID,
472          SMB_VFS_LAYER_LOGGER},
473         {SMB_VFS_OP(smb_full_audit_sys_acl_set_file),   SMB_VFS_OP_SYS_ACL_SET_FILE,
474          SMB_VFS_LAYER_LOGGER},
475         {SMB_VFS_OP(smb_full_audit_sys_acl_set_fd),     SMB_VFS_OP_SYS_ACL_SET_FD,
476          SMB_VFS_LAYER_LOGGER},
477         {SMB_VFS_OP(smb_full_audit_sys_acl_delete_def_file),    SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE,
478          SMB_VFS_LAYER_LOGGER},
479         {SMB_VFS_OP(smb_full_audit_sys_acl_get_perm),   SMB_VFS_OP_SYS_ACL_GET_PERM,
480          SMB_VFS_LAYER_LOGGER},
481         {SMB_VFS_OP(smb_full_audit_sys_acl_free_text),  SMB_VFS_OP_SYS_ACL_FREE_TEXT,
482          SMB_VFS_LAYER_LOGGER},
483         {SMB_VFS_OP(smb_full_audit_sys_acl_free_acl),   SMB_VFS_OP_SYS_ACL_FREE_ACL,
484          SMB_VFS_LAYER_LOGGER},
485         {SMB_VFS_OP(smb_full_audit_sys_acl_free_qualifier),     SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER,
486          SMB_VFS_LAYER_LOGGER},
487         
488         /* EA operations. */
489
490         {SMB_VFS_OP(smb_full_audit_getxattr),   SMB_VFS_OP_GETXATTR,
491          SMB_VFS_LAYER_LOGGER},
492         {SMB_VFS_OP(smb_full_audit_lgetxattr),  SMB_VFS_OP_LGETXATTR,
493          SMB_VFS_LAYER_LOGGER},
494         {SMB_VFS_OP(smb_full_audit_fgetxattr),  SMB_VFS_OP_FGETXATTR,
495          SMB_VFS_LAYER_LOGGER},
496         {SMB_VFS_OP(smb_full_audit_listxattr),  SMB_VFS_OP_LISTXATTR,
497          SMB_VFS_LAYER_LOGGER},
498         {SMB_VFS_OP(smb_full_audit_llistxattr), SMB_VFS_OP_LLISTXATTR,
499          SMB_VFS_LAYER_LOGGER},
500         {SMB_VFS_OP(smb_full_audit_flistxattr), SMB_VFS_OP_FLISTXATTR,
501          SMB_VFS_LAYER_LOGGER},
502         {SMB_VFS_OP(smb_full_audit_removexattr),        SMB_VFS_OP_REMOVEXATTR,
503          SMB_VFS_LAYER_LOGGER},
504         {SMB_VFS_OP(smb_full_audit_lremovexattr),       SMB_VFS_OP_LREMOVEXATTR,
505          SMB_VFS_LAYER_LOGGER},
506         {SMB_VFS_OP(smb_full_audit_fremovexattr),       SMB_VFS_OP_FREMOVEXATTR,
507          SMB_VFS_LAYER_LOGGER},
508         {SMB_VFS_OP(smb_full_audit_setxattr),   SMB_VFS_OP_SETXATTR,
509          SMB_VFS_LAYER_LOGGER},
510         {SMB_VFS_OP(smb_full_audit_lsetxattr),  SMB_VFS_OP_LSETXATTR,
511          SMB_VFS_LAYER_LOGGER},
512         {SMB_VFS_OP(smb_full_audit_fsetxattr),  SMB_VFS_OP_FSETXATTR,
513          SMB_VFS_LAYER_LOGGER},
514         
515         {SMB_VFS_OP(smb_full_audit_aio_read),   SMB_VFS_OP_AIO_READ,
516          SMB_VFS_LAYER_LOGGER},
517         {SMB_VFS_OP(smb_full_audit_aio_write),  SMB_VFS_OP_AIO_WRITE,
518          SMB_VFS_LAYER_LOGGER},
519         {SMB_VFS_OP(smb_full_audit_aio_return), SMB_VFS_OP_AIO_RETURN,
520          SMB_VFS_LAYER_LOGGER},
521         {SMB_VFS_OP(smb_full_audit_aio_cancel), SMB_VFS_OP_AIO_CANCEL,
522          SMB_VFS_LAYER_LOGGER},
523         {SMB_VFS_OP(smb_full_audit_aio_error),  SMB_VFS_OP_AIO_ERROR,
524          SMB_VFS_LAYER_LOGGER},
525         {SMB_VFS_OP(smb_full_audit_aio_fsync),  SMB_VFS_OP_AIO_FSYNC,
526          SMB_VFS_LAYER_LOGGER},
527         {SMB_VFS_OP(smb_full_audit_aio_suspend),SMB_VFS_OP_AIO_SUSPEND,
528          SMB_VFS_LAYER_LOGGER},
529
530         /* Finish VFS operations definition */
531         
532         {SMB_VFS_OP(NULL),              SMB_VFS_OP_NOOP,
533          SMB_VFS_LAYER_NOOP}
534 };
535
536 /* The following array *must* be in the same order as defined in vfs.h */
537
538 static struct {
539         vfs_op_type type;
540         const char *name;
541 } vfs_op_names[] = {
542         { SMB_VFS_OP_CONNECT,   "connect" },
543         { SMB_VFS_OP_DISCONNECT,        "disconnect" },
544         { SMB_VFS_OP_DISK_FREE, "disk_free" },
545         { SMB_VFS_OP_GET_QUOTA, "get_quota" },
546         { SMB_VFS_OP_SET_QUOTA, "set_quota" },
547         { SMB_VFS_OP_GET_SHADOW_COPY_DATA,      "get_shadow_copy_data" },
548         { SMB_VFS_OP_STATVFS,   "statvfs" },
549         { SMB_VFS_OP_FS_CAPABILITIES,   "fs_capabilities" },
550         { SMB_VFS_OP_OPENDIR,   "opendir" },
551         { SMB_VFS_OP_READDIR,   "readdir" },
552         { SMB_VFS_OP_SEEKDIR,   "seekdir" },
553         { SMB_VFS_OP_TELLDIR,   "telldir" },
554         { SMB_VFS_OP_REWINDDIR, "rewinddir" },
555         { SMB_VFS_OP_MKDIR,     "mkdir" },
556         { SMB_VFS_OP_RMDIR,     "rmdir" },
557         { SMB_VFS_OP_CLOSEDIR,  "closedir" },
558         { SMB_VFS_OP_OPEN,      "open" },
559         { SMB_VFS_OP_CLOSE,     "close" },
560         { SMB_VFS_OP_READ,      "read" },
561         { SMB_VFS_OP_PREAD,     "pread" },
562         { SMB_VFS_OP_WRITE,     "write" },
563         { SMB_VFS_OP_PWRITE,    "pwrite" },
564         { SMB_VFS_OP_LSEEK,     "lseek" },
565         { SMB_VFS_OP_SENDFILE,  "sendfile" },
566         { SMB_VFS_OP_RENAME,    "rename" },
567         { SMB_VFS_OP_FSYNC,     "fsync" },
568         { SMB_VFS_OP_STAT,      "stat" },
569         { SMB_VFS_OP_FSTAT,     "fstat" },
570         { SMB_VFS_OP_LSTAT,     "lstat" },
571         { SMB_VFS_OP_UNLINK,    "unlink" },
572         { SMB_VFS_OP_CHMOD,     "chmod" },
573         { SMB_VFS_OP_FCHMOD,    "fchmod" },
574         { SMB_VFS_OP_CHOWN,     "chown" },
575         { SMB_VFS_OP_FCHOWN,    "fchown" },
576         { SMB_VFS_OP_LCHOWN,    "lchown" },
577         { SMB_VFS_OP_CHDIR,     "chdir" },
578         { SMB_VFS_OP_GETWD,     "getwd" },
579         { SMB_VFS_OP_NTIMES,    "ntimes" },
580         { SMB_VFS_OP_FTRUNCATE, "ftruncate" },
581         { SMB_VFS_OP_LOCK,      "lock" },
582         { SMB_VFS_OP_KERNEL_FLOCK,      "kernel_flock" },
583         { SMB_VFS_OP_LINUX_SETLEASE, "linux_setlease" },
584         { SMB_VFS_OP_GETLOCK,   "getlock" },
585         { SMB_VFS_OP_SYMLINK,   "symlink" },
586         { SMB_VFS_OP_READLINK,  "readlink" },
587         { SMB_VFS_OP_LINK,      "link" },
588         { SMB_VFS_OP_MKNOD,     "mknod" },
589         { SMB_VFS_OP_REALPATH,  "realpath" },
590         { SMB_VFS_OP_NOTIFY_WATCH, "notify_watch" },
591         { SMB_VFS_OP_CHFLAGS,   "chflags" },
592         { SMB_VFS_OP_FILE_ID_CREATE,    "file_id_create" },
593         { SMB_VFS_OP_FGET_NT_ACL,       "fget_nt_acl" },
594         { SMB_VFS_OP_GET_NT_ACL,        "get_nt_acl" },
595         { SMB_VFS_OP_FSET_NT_ACL,       "fset_nt_acl" },
596         { SMB_VFS_OP_SET_NT_ACL,        "set_nt_acl" },
597         { SMB_VFS_OP_CHMOD_ACL, "chmod_acl" },
598         { SMB_VFS_OP_FCHMOD_ACL,        "fchmod_acl" },
599         { SMB_VFS_OP_SYS_ACL_GET_ENTRY, "sys_acl_get_entry" },
600         { SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE,      "sys_acl_get_tag_type" },
601         { SMB_VFS_OP_SYS_ACL_GET_PERMSET,       "sys_acl_get_permset" },
602         { SMB_VFS_OP_SYS_ACL_GET_QUALIFIER,     "sys_acl_get_qualifier" },
603         { SMB_VFS_OP_SYS_ACL_GET_FILE,  "sys_acl_get_file" },
604         { SMB_VFS_OP_SYS_ACL_GET_FD,    "sys_acl_get_fd" },
605         { SMB_VFS_OP_SYS_ACL_CLEAR_PERMS,       "sys_acl_clear_perms" },
606         { SMB_VFS_OP_SYS_ACL_ADD_PERM,  "sys_acl_add_perm" },
607         { SMB_VFS_OP_SYS_ACL_TO_TEXT,   "sys_acl_to_text" },
608         { SMB_VFS_OP_SYS_ACL_INIT,      "sys_acl_init" },
609         { SMB_VFS_OP_SYS_ACL_CREATE_ENTRY,      "sys_acl_create_entry" },
610         { SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE,      "sys_acl_set_tag_type" },
611         { SMB_VFS_OP_SYS_ACL_SET_QUALIFIER,     "sys_acl_set_qualifier" },
612         { SMB_VFS_OP_SYS_ACL_SET_PERMSET,       "sys_acl_set_permset" },
613         { SMB_VFS_OP_SYS_ACL_VALID,     "sys_acl_valid" },
614         { SMB_VFS_OP_SYS_ACL_SET_FILE,  "sys_acl_set_file" },
615         { SMB_VFS_OP_SYS_ACL_SET_FD,    "sys_acl_set_fd" },
616         { SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE,   "sys_acl_delete_def_file" },
617         { SMB_VFS_OP_SYS_ACL_GET_PERM,  "sys_acl_get_perm" },
618         { SMB_VFS_OP_SYS_ACL_FREE_TEXT, "sys_acl_free_text" },
619         { SMB_VFS_OP_SYS_ACL_FREE_ACL,  "sys_acl_free_acl" },
620         { SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER,    "sys_acl_free_qualifier" },
621         { SMB_VFS_OP_GETXATTR,  "getxattr" },
622         { SMB_VFS_OP_LGETXATTR, "lgetxattr" },
623         { SMB_VFS_OP_FGETXATTR, "fgetxattr" },
624         { SMB_VFS_OP_LISTXATTR, "listxattr" },
625         { SMB_VFS_OP_LLISTXATTR,        "llistxattr" },
626         { SMB_VFS_OP_FLISTXATTR,        "flistxattr" },
627         { SMB_VFS_OP_REMOVEXATTR,       "removexattr" },
628         { SMB_VFS_OP_LREMOVEXATTR,      "lremovexattr" },
629         { SMB_VFS_OP_FREMOVEXATTR,      "fremovexattr" },
630         { SMB_VFS_OP_SETXATTR,  "setxattr" },
631         { SMB_VFS_OP_LSETXATTR, "lsetxattr" },
632         { SMB_VFS_OP_FSETXATTR, "fsetxattr" },
633         { SMB_VFS_OP_AIO_READ,  "aio_read" },
634         { SMB_VFS_OP_AIO_WRITE, "aio_write" },
635         { SMB_VFS_OP_AIO_RETURN,"aio_return" },
636         { SMB_VFS_OP_AIO_CANCEL,"aio_cancel" },
637         { SMB_VFS_OP_AIO_ERROR, "aio_error" },
638         { SMB_VFS_OP_AIO_FSYNC, "aio_fsync" },
639         { SMB_VFS_OP_AIO_SUSPEND,"aio_suspend" },
640         { SMB_VFS_OP_AIO_FORCE, "aio_force" },
641         { SMB_VFS_OP_IS_OFFLINE, "aio_is_offline" },
642         { SMB_VFS_OP_SET_OFFLINE, "aio_set_offline" },
643         { SMB_VFS_OP_LAST, NULL }
644 };      
645
646 static int audit_syslog_facility(vfs_handle_struct *handle)
647 {
648         static const struct enum_list enum_log_facilities[] = {
649                 { LOG_USER, "USER" },
650                 { LOG_LOCAL0, "LOCAL0" },
651                 { LOG_LOCAL1, "LOCAL1" },
652                 { LOG_LOCAL2, "LOCAL2" },
653                 { LOG_LOCAL3, "LOCAL3" },
654                 { LOG_LOCAL4, "LOCAL4" },
655                 { LOG_LOCAL5, "LOCAL5" },
656                 { LOG_LOCAL6, "LOCAL6" },
657                 { LOG_LOCAL7, "LOCAL7" }
658         };
659
660         int facility;
661
662         facility = lp_parm_enum(SNUM(handle->conn), "full_audit", "facility", enum_log_facilities, LOG_USER);
663
664         return facility;
665 }
666
667 static int audit_syslog_priority(vfs_handle_struct *handle)
668 {
669         static const struct enum_list enum_log_priorities[] = {
670                 { LOG_EMERG, "EMERG" },
671                 { LOG_ALERT, "ALERT" },
672                 { LOG_CRIT, "CRIT" },
673                 { LOG_ERR, "ERR" },
674                 { LOG_WARNING, "WARNING" },
675                 { LOG_NOTICE, "NOTICE" },
676                 { LOG_INFO, "INFO" },
677                 { LOG_DEBUG, "DEBUG" }
678         };
679
680         int priority;
681
682         priority = lp_parm_enum(SNUM(handle->conn), "full_audit", "priority",
683                                 enum_log_priorities, LOG_NOTICE);
684         if (priority == -1) {
685                 priority = LOG_WARNING;
686         }
687
688         return priority;
689 }
690
691 static char *audit_prefix(TALLOC_CTX *ctx, connection_struct *conn)
692 {
693         char *prefix = NULL;
694
695         prefix = talloc_strdup(ctx,
696                         lp_parm_const_string(SNUM(conn), "full_audit",
697                                              "prefix", "%u|%I"));
698         if (!prefix) {
699                 return NULL;
700         }
701         return talloc_sub_advanced(ctx,
702                         lp_servicename(SNUM(conn)), conn->user,
703                         conn->connectpath, conn->gid,
704                         get_current_username(),
705                         current_user_info.domain,
706                         prefix);
707 }
708
709 static bool log_success(vfs_handle_struct *handle, vfs_op_type op)
710 {
711         struct vfs_full_audit_private_data *pd = NULL;
712
713         SMB_VFS_HANDLE_GET_DATA(handle, pd,
714                 struct vfs_full_audit_private_data,
715                 return True);
716
717         if (pd->success_ops == NULL) {
718                 return True;
719         }
720
721         return bitmap_query(pd->success_ops, op);
722 }
723
724 static bool log_failure(vfs_handle_struct *handle, vfs_op_type op)
725 {
726         struct vfs_full_audit_private_data *pd = NULL;
727
728         SMB_VFS_HANDLE_GET_DATA(handle, pd,
729                 struct vfs_full_audit_private_data,
730                 return True);
731
732         if (pd->failure_ops == NULL)
733                 return True;
734
735         return bitmap_query(pd->failure_ops, op);
736 }
737
738 static void init_bitmap(struct bitmap **bm, const char **ops)
739 {
740         bool log_all = False;
741
742         if (*bm != NULL)
743                 return;
744
745         *bm = bitmap_allocate(SMB_VFS_OP_LAST);
746
747         if (*bm == NULL) {
748                 DEBUG(0, ("Could not alloc bitmap -- "
749                           "defaulting to logging everything\n"));
750                 return;
751         }
752
753         while (*ops != NULL) {
754                 int i;
755                 bool found = False;
756
757                 if (strequal(*ops, "all")) {
758                         log_all = True;
759                         break;
760                 }
761
762                 if (strequal(*ops, "none")) {
763                         break;
764                 }
765
766                 for (i=0; i<SMB_VFS_OP_LAST; i++) {
767                         if (vfs_op_names[i].name == NULL) {
768                                 smb_panic("vfs_full_audit.c: name table not "
769                                           "in sync with vfs.h\n");
770                         }
771
772                         if (strequal(*ops, vfs_op_names[i].name)) {
773                                 bitmap_set(*bm, i);
774                                 found = True;
775                         }
776                 }
777                 if (!found) {
778                         DEBUG(0, ("Could not find opname %s, logging all\n",
779                                   *ops));
780                         log_all = True;
781                         break;
782                 }
783                 ops += 1;
784         }
785
786         if (log_all) {
787                 /* The query functions default to True */
788                 bitmap_free(*bm);
789                 *bm = NULL;
790         }
791 }
792
793 static const char *audit_opname(vfs_op_type op)
794 {
795         if (op >= SMB_VFS_OP_LAST)
796                 return "INVALID VFS OP";
797         return vfs_op_names[op].name;
798 }
799
800 static void do_log(vfs_op_type op, bool success, vfs_handle_struct *handle,
801                    const char *format, ...)
802 {
803         fstring err_msg;
804         char *audit_pre = NULL;
805         va_list ap;
806         char *op_msg = NULL;
807
808         if (success && (!log_success(handle, op)))
809                 return;
810
811         if (!success && (!log_failure(handle, op)))
812                 return;
813
814         if (success)
815                 fstrcpy(err_msg, "ok");
816         else
817                 fstr_sprintf(err_msg, "fail (%s)", strerror(errno));
818
819         va_start(ap, format);
820         op_msg = talloc_vasprintf(NULL, format, ap);
821         va_end(ap);
822
823         if (!op_msg) {
824                 return;
825         }
826
827         audit_pre = audit_prefix(NULL, handle->conn);
828         syslog(audit_syslog_priority(handle), "%s|%s|%s|%s\n",
829                 audit_pre ? audit_pre : "",
830                 audit_opname(op), err_msg, op_msg);
831
832         TALLOC_FREE(audit_pre);
833         TALLOC_FREE(op_msg);
834
835         return;
836 }
837
838 /* Free function for the private data. */
839
840 static void free_private_data(void **p_data)
841 {
842         struct vfs_full_audit_private_data *pd = *(struct vfs_full_audit_private_data **)p_data;
843
844         if (pd->success_ops) {
845                 bitmap_free(pd->success_ops);
846         }
847         if (pd->failure_ops) {
848                 bitmap_free(pd->failure_ops);
849         }
850         SAFE_FREE(pd);
851         *p_data = NULL;
852 }
853
854 /* Implementation of vfs_ops.  Pass everything on to the default
855    operation but log event first. */
856
857 static int smb_full_audit_connect(vfs_handle_struct *handle,
858                          const char *svc, const char *user)
859 {
860         int result;
861         struct vfs_full_audit_private_data *pd = NULL;
862         const char *none[] = { NULL };
863         const char *all [] = { "all" };
864
865         if (!handle) {
866                 return -1;
867         }
868
869         pd = SMB_MALLOC_P(struct vfs_full_audit_private_data);
870         if (!pd) {
871                 return -1;
872         }
873         ZERO_STRUCTP(pd);
874
875         openlog("smbd_audit", 0, audit_syslog_facility(handle));
876
877         init_bitmap(&pd->success_ops,
878                     lp_parm_string_list(SNUM(handle->conn), "full_audit", "success",
879                                         none));
880         init_bitmap(&pd->failure_ops,
881                     lp_parm_string_list(SNUM(handle->conn), "full_audit", "failure",
882                                         all));
883
884         /* Store the private data. */
885         SMB_VFS_HANDLE_SET_DATA(handle, pd, free_private_data,
886                                 struct vfs_full_audit_private_data, return -1);
887
888         result = SMB_VFS_NEXT_CONNECT(handle, svc, user);
889
890         do_log(SMB_VFS_OP_CONNECT, True, handle,
891                "%s", svc);
892
893         return result;
894 }
895
896 static void smb_full_audit_disconnect(vfs_handle_struct *handle)
897 {
898         SMB_VFS_NEXT_DISCONNECT(handle);
899
900         do_log(SMB_VFS_OP_DISCONNECT, True, handle,
901                "%s", lp_servicename(SNUM(handle->conn)));
902
903         /* The bitmaps will be disconnected when the private
904            data is deleted. */
905
906         return;
907 }
908
909 static SMB_BIG_UINT smb_full_audit_disk_free(vfs_handle_struct *handle,
910                                     const char *path,
911                                     bool small_query, SMB_BIG_UINT *bsize, 
912                                     SMB_BIG_UINT *dfree, SMB_BIG_UINT *dsize)
913 {
914         SMB_BIG_UINT result;
915
916         result = SMB_VFS_NEXT_DISK_FREE(handle, path, small_query, bsize,
917                                         dfree, dsize);
918
919         /* Don't have a reasonable notion of failure here */
920
921         do_log(SMB_VFS_OP_DISK_FREE, True, handle, "%s", path);
922
923         return result;
924 }
925
926 static int smb_full_audit_get_quota(struct vfs_handle_struct *handle,
927                            enum SMB_QUOTA_TYPE qtype, unid_t id,
928                            SMB_DISK_QUOTA *qt)
929 {
930         int result;
931
932         result = SMB_VFS_NEXT_GET_QUOTA(handle, qtype, id, qt);
933
934         do_log(SMB_VFS_OP_GET_QUOTA, (result >= 0), handle, "");
935
936         return result;
937 }
938
939         
940 static int smb_full_audit_set_quota(struct vfs_handle_struct *handle,
941                            enum SMB_QUOTA_TYPE qtype, unid_t id,
942                            SMB_DISK_QUOTA *qt)
943 {
944         int result;
945
946         result = SMB_VFS_NEXT_SET_QUOTA(handle, qtype, id, qt);
947
948         do_log(SMB_VFS_OP_SET_QUOTA, (result >= 0), handle, "");
949
950         return result;
951 }
952
953 static int smb_full_audit_get_shadow_copy_data(struct vfs_handle_struct *handle,
954                                 struct files_struct *fsp,
955                                 SHADOW_COPY_DATA *shadow_copy_data, bool labels)
956 {
957         int result;
958
959         result = SMB_VFS_NEXT_GET_SHADOW_COPY_DATA(handle, fsp, shadow_copy_data, labels);
960
961         do_log(SMB_VFS_OP_GET_SHADOW_COPY_DATA, (result >= 0), handle, "");
962
963         return result;
964 }
965
966 static int smb_full_audit_statvfs(struct vfs_handle_struct *handle,
967                                 const char *path,
968                                 struct vfs_statvfs_struct *statbuf)
969 {
970         int result;
971
972         result = SMB_VFS_NEXT_STATVFS(handle, path, statbuf);
973
974         do_log(SMB_VFS_OP_STATVFS, (result >= 0), handle, "");
975
976         return result;
977 }
978
979 static SMB_STRUCT_DIR *smb_full_audit_opendir(vfs_handle_struct *handle,
980                           const char *fname, const char *mask, uint32 attr)
981 {
982         SMB_STRUCT_DIR *result;
983
984         result = SMB_VFS_NEXT_OPENDIR(handle, fname, mask, attr);
985
986         do_log(SMB_VFS_OP_OPENDIR, (result != NULL), handle, "%s", fname);
987
988         return result;
989 }
990
991 static SMB_STRUCT_DIRENT *smb_full_audit_readdir(vfs_handle_struct *handle,
992                                     SMB_STRUCT_DIR *dirp)
993 {
994         SMB_STRUCT_DIRENT *result;
995
996         result = SMB_VFS_NEXT_READDIR(handle, dirp);
997
998         /* This operation has no reasonable error condition
999          * (End of dir is also failure), so always succeed.
1000          */
1001         do_log(SMB_VFS_OP_READDIR, True, handle, "");
1002
1003         return result;
1004 }
1005
1006 static void smb_full_audit_seekdir(vfs_handle_struct *handle,
1007                         SMB_STRUCT_DIR *dirp, long offset)
1008 {
1009         SMB_VFS_NEXT_SEEKDIR(handle, dirp, offset);
1010
1011         do_log(SMB_VFS_OP_SEEKDIR, True, handle, "");
1012         return;
1013 }
1014
1015 static long smb_full_audit_telldir(vfs_handle_struct *handle,
1016                         SMB_STRUCT_DIR *dirp)
1017 {
1018         long result;
1019
1020         result = SMB_VFS_NEXT_TELLDIR(handle, dirp);
1021
1022         do_log(SMB_VFS_OP_TELLDIR, True, handle, "");
1023
1024         return result;
1025 }
1026
1027 static void smb_full_audit_rewinddir(vfs_handle_struct *handle,
1028                         SMB_STRUCT_DIR *dirp)
1029 {
1030         SMB_VFS_NEXT_REWINDDIR(handle, dirp);
1031
1032         do_log(SMB_VFS_OP_REWINDDIR, True, handle, "");
1033         return;
1034 }
1035
1036 static int smb_full_audit_mkdir(vfs_handle_struct *handle,
1037                        const char *path, mode_t mode)
1038 {
1039         int result;
1040         
1041         result = SMB_VFS_NEXT_MKDIR(handle, path, mode);
1042         
1043         do_log(SMB_VFS_OP_MKDIR, (result >= 0), handle, "%s", path);
1044
1045         return result;
1046 }
1047
1048 static int smb_full_audit_rmdir(vfs_handle_struct *handle,
1049                        const char *path)
1050 {
1051         int result;
1052         
1053         result = SMB_VFS_NEXT_RMDIR(handle, path);
1054
1055         do_log(SMB_VFS_OP_RMDIR, (result >= 0), handle, "%s", path);
1056
1057         return result;
1058 }
1059
1060 static int smb_full_audit_closedir(vfs_handle_struct *handle,
1061                           SMB_STRUCT_DIR *dirp)
1062 {
1063         int result;
1064
1065         result = SMB_VFS_NEXT_CLOSEDIR(handle, dirp);
1066         
1067         do_log(SMB_VFS_OP_CLOSEDIR, (result >= 0), handle, "");
1068
1069         return result;
1070 }
1071
1072 static int smb_full_audit_open(vfs_handle_struct *handle,
1073                       const char *fname, files_struct *fsp, int flags, mode_t mode)
1074 {
1075         int result;
1076         
1077         result = SMB_VFS_NEXT_OPEN(handle, fname, fsp, flags, mode);
1078
1079         do_log(SMB_VFS_OP_OPEN, (result >= 0), handle, "%s|%s",
1080                ((flags & O_WRONLY) || (flags & O_RDWR))?"w":"r",
1081                fname);
1082
1083         return result;
1084 }
1085
1086 static int smb_full_audit_close(vfs_handle_struct *handle, files_struct *fsp, int fd)
1087 {
1088         int result;
1089         
1090         result = SMB_VFS_NEXT_CLOSE(handle, fsp, fd);
1091
1092         do_log(SMB_VFS_OP_CLOSE, (result >= 0), handle, "%s", fsp->fsp_name);
1093
1094         return result;
1095 }
1096
1097 static ssize_t smb_full_audit_read(vfs_handle_struct *handle, files_struct *fsp,
1098                           void *data, size_t n)
1099 {
1100         ssize_t result;
1101
1102         result = SMB_VFS_NEXT_READ(handle, fsp, data, n);
1103
1104         do_log(SMB_VFS_OP_READ, (result >= 0), handle, "%s", fsp->fsp_name);
1105
1106         return result;
1107 }
1108
1109 static ssize_t smb_full_audit_pread(vfs_handle_struct *handle, files_struct *fsp,
1110                            void *data, size_t n, SMB_OFF_T offset)
1111 {
1112         ssize_t result;
1113
1114         result = SMB_VFS_NEXT_PREAD(handle, fsp, data, n, offset);
1115
1116         do_log(SMB_VFS_OP_PREAD, (result >= 0), handle, "%s", fsp->fsp_name);
1117
1118         return result;
1119 }
1120
1121 static ssize_t smb_full_audit_write(vfs_handle_struct *handle, files_struct *fsp,
1122                            const void *data, size_t n)
1123 {
1124         ssize_t result;
1125
1126         result = SMB_VFS_NEXT_WRITE(handle, fsp, data, n);
1127
1128         do_log(SMB_VFS_OP_WRITE, (result >= 0), handle, "%s", fsp->fsp_name);
1129
1130         return result;
1131 }
1132
1133 static ssize_t smb_full_audit_pwrite(vfs_handle_struct *handle, files_struct *fsp,
1134                             const void *data, size_t n,
1135                             SMB_OFF_T offset)
1136 {
1137         ssize_t result;
1138
1139         result = SMB_VFS_NEXT_PWRITE(handle, fsp, data, n, offset);
1140
1141         do_log(SMB_VFS_OP_PWRITE, (result >= 0), handle, "%s", fsp->fsp_name);
1142
1143         return result;
1144 }
1145
1146 static SMB_OFF_T smb_full_audit_lseek(vfs_handle_struct *handle, files_struct *fsp,
1147                              SMB_OFF_T offset, int whence)
1148 {
1149         ssize_t result;
1150
1151         result = SMB_VFS_NEXT_LSEEK(handle, fsp, offset, whence);
1152
1153         do_log(SMB_VFS_OP_LSEEK, (result != (ssize_t)-1), handle,
1154                "%s", fsp->fsp_name);
1155
1156         return result;
1157 }
1158
1159 static ssize_t smb_full_audit_sendfile(vfs_handle_struct *handle, int tofd,
1160                               files_struct *fromfsp,
1161                               const DATA_BLOB *hdr, SMB_OFF_T offset,
1162                               size_t n)
1163 {
1164         ssize_t result;
1165
1166         result = SMB_VFS_NEXT_SENDFILE(handle, tofd, fromfsp, hdr, offset, n);
1167
1168         do_log(SMB_VFS_OP_SENDFILE, (result >= 0), handle,
1169                "%s", fromfsp->fsp_name);
1170
1171         return result;
1172 }
1173
1174 static ssize_t smb_full_audit_recvfile(vfs_handle_struct *handle, int fromfd,
1175                       files_struct *tofsp,
1176                               SMB_OFF_T offset,
1177                               size_t n)
1178 {
1179         ssize_t result;
1180
1181         result = SMB_VFS_NEXT_RECVFILE(handle, fromfd, tofsp, offset, n);
1182
1183         do_log(SMB_VFS_OP_RECVFILE, (result >= 0), handle,
1184                "%s", tofsp->fsp_name);
1185
1186         return result;
1187 }
1188
1189 static int smb_full_audit_rename(vfs_handle_struct *handle,
1190                         const char *oldname, const char *newname)
1191 {
1192         int result;
1193         
1194         result = SMB_VFS_NEXT_RENAME(handle, oldname, newname);
1195
1196         do_log(SMB_VFS_OP_RENAME, (result >= 0), handle, "%s|%s", oldname, newname);
1197
1198         return result;    
1199 }
1200
1201 static int smb_full_audit_fsync(vfs_handle_struct *handle, files_struct *fsp)
1202 {
1203         int result;
1204         
1205         result = SMB_VFS_NEXT_FSYNC(handle, fsp);
1206
1207         do_log(SMB_VFS_OP_FSYNC, (result >= 0), handle, "%s", fsp->fsp_name);
1208
1209         return result;    
1210 }
1211
1212 static int smb_full_audit_stat(vfs_handle_struct *handle,
1213                       const char *fname, SMB_STRUCT_STAT *sbuf)
1214 {
1215         int result;
1216         
1217         result = SMB_VFS_NEXT_STAT(handle, fname, sbuf);
1218
1219         do_log(SMB_VFS_OP_STAT, (result >= 0), handle, "%s", fname);
1220
1221         return result;    
1222 }
1223
1224 static int smb_full_audit_fstat(vfs_handle_struct *handle, files_struct *fsp,
1225                        SMB_STRUCT_STAT *sbuf)
1226 {
1227         int result;
1228         
1229         result = SMB_VFS_NEXT_FSTAT(handle, fsp, sbuf);
1230
1231         do_log(SMB_VFS_OP_FSTAT, (result >= 0), handle, "%s", fsp->fsp_name);
1232
1233         return result;
1234 }
1235
1236 static int smb_full_audit_lstat(vfs_handle_struct *handle,
1237                        const char *path, SMB_STRUCT_STAT *sbuf)
1238 {
1239         int result;
1240         
1241         result = SMB_VFS_NEXT_LSTAT(handle, path, sbuf);
1242
1243         do_log(SMB_VFS_OP_LSTAT, (result >= 0), handle, "%s", path);
1244
1245         return result;    
1246 }
1247
1248 static int smb_full_audit_unlink(vfs_handle_struct *handle,
1249                         const char *path)
1250 {
1251         int result;
1252         
1253         result = SMB_VFS_NEXT_UNLINK(handle, path);
1254
1255         do_log(SMB_VFS_OP_UNLINK, (result >= 0), handle, "%s", path);
1256
1257         return result;
1258 }
1259
1260 static int smb_full_audit_chmod(vfs_handle_struct *handle,
1261                        const char *path, mode_t mode)
1262 {
1263         int result;
1264
1265         result = SMB_VFS_NEXT_CHMOD(handle, path, mode);
1266
1267         do_log(SMB_VFS_OP_CHMOD, (result >= 0), handle, "%s|%o", path, mode);
1268
1269         return result;
1270 }
1271
1272 static int smb_full_audit_fchmod(vfs_handle_struct *handle, files_struct *fsp,
1273                         mode_t mode)
1274 {
1275         int result;
1276         
1277         result = SMB_VFS_NEXT_FCHMOD(handle, fsp, mode);
1278
1279         do_log(SMB_VFS_OP_FCHMOD, (result >= 0), handle,
1280                "%s|%o", fsp->fsp_name, mode);
1281
1282         return result;
1283 }
1284
1285 static int smb_full_audit_chown(vfs_handle_struct *handle,
1286                        const char *path, uid_t uid, gid_t gid)
1287 {
1288         int result;
1289
1290         result = SMB_VFS_NEXT_CHOWN(handle, path, uid, gid);
1291
1292         do_log(SMB_VFS_OP_CHOWN, (result >= 0), handle, "%s|%ld|%ld",
1293                path, (long int)uid, (long int)gid);
1294
1295         return result;
1296 }
1297
1298 static int smb_full_audit_fchown(vfs_handle_struct *handle, files_struct *fsp,
1299                         uid_t uid, gid_t gid)
1300 {
1301         int result;
1302
1303         result = SMB_VFS_NEXT_FCHOWN(handle, fsp, uid, gid);
1304
1305         do_log(SMB_VFS_OP_FCHOWN, (result >= 0), handle, "%s|%ld|%ld",
1306                fsp->fsp_name, (long int)uid, (long int)gid);
1307
1308         return result;
1309 }
1310
1311 static int smb_full_audit_lchown(vfs_handle_struct *handle,
1312                        const char *path, uid_t uid, gid_t gid)
1313 {
1314         int result;
1315
1316         result = SMB_VFS_NEXT_LCHOWN(handle, path, uid, gid);
1317
1318         do_log(SMB_VFS_OP_LCHOWN, (result >= 0), handle, "%s|%ld|%ld",
1319                path, (long int)uid, (long int)gid);
1320
1321         return result;
1322 }
1323
1324 static int smb_full_audit_chdir(vfs_handle_struct *handle,
1325                        const char *path)
1326 {
1327         int result;
1328
1329         result = SMB_VFS_NEXT_CHDIR(handle, path);
1330
1331         do_log(SMB_VFS_OP_CHDIR, (result >= 0), handle, "chdir|%s", path);
1332
1333         return result;
1334 }
1335
1336 static char *smb_full_audit_getwd(vfs_handle_struct *handle,
1337                          char *path)
1338 {
1339         char *result;
1340
1341         result = SMB_VFS_NEXT_GETWD(handle, path);
1342         
1343         do_log(SMB_VFS_OP_GETWD, (result != NULL), handle, "%s", path);
1344
1345         return result;
1346 }
1347
1348 static int smb_full_audit_ntimes(vfs_handle_struct *handle,
1349                        const char *path, const struct timespec ts[2])
1350 {
1351         int result;
1352
1353         result = SMB_VFS_NEXT_NTIMES(handle, path, ts);
1354
1355         do_log(SMB_VFS_OP_NTIMES, (result >= 0), handle, "%s", path);
1356
1357         return result;
1358 }
1359
1360 static int smb_full_audit_ftruncate(vfs_handle_struct *handle, files_struct *fsp,
1361                            SMB_OFF_T len)
1362 {
1363         int result;
1364
1365         result = SMB_VFS_NEXT_FTRUNCATE(handle, fsp, len);
1366
1367         do_log(SMB_VFS_OP_FTRUNCATE, (result >= 0), handle,
1368                "%s", fsp->fsp_name);
1369
1370         return result;
1371 }
1372
1373 static bool smb_full_audit_lock(vfs_handle_struct *handle, files_struct *fsp,
1374                        int op, SMB_OFF_T offset, SMB_OFF_T count, int type)
1375 {
1376         bool result;
1377
1378         result = SMB_VFS_NEXT_LOCK(handle, fsp, op, offset, count, type);
1379
1380         do_log(SMB_VFS_OP_LOCK, result, handle, "%s", fsp->fsp_name);
1381
1382         return result;
1383 }
1384
1385 static int smb_full_audit_kernel_flock(struct vfs_handle_struct *handle,
1386                                        struct files_struct *fsp,
1387                                        uint32 share_mode)
1388 {
1389         int result;
1390
1391         result = SMB_VFS_NEXT_KERNEL_FLOCK(handle, fsp, share_mode);
1392
1393         do_log(SMB_VFS_OP_KERNEL_FLOCK, (result >= 0), handle, "%s",
1394                fsp->fsp_name);
1395
1396         return result;
1397 }
1398
1399 static int smb_full_audit_linux_setlease(vfs_handle_struct *handle, files_struct *fsp,
1400                                  int leasetype)
1401 {
1402         int result;
1403
1404         result = SMB_VFS_NEXT_LINUX_SETLEASE(handle, fsp, leasetype);
1405
1406         do_log(SMB_VFS_OP_LINUX_SETLEASE, (result >= 0), handle, "%s",
1407                fsp->fsp_name);
1408
1409         return result;
1410 }
1411
1412 static bool smb_full_audit_getlock(vfs_handle_struct *handle, files_struct *fsp,
1413                        SMB_OFF_T *poffset, SMB_OFF_T *pcount, int *ptype, pid_t *ppid)
1414 {
1415         bool result;
1416
1417         result = SMB_VFS_NEXT_GETLOCK(handle, fsp, poffset, pcount, ptype, ppid);
1418
1419         do_log(SMB_VFS_OP_GETLOCK, result, handle, "%s", fsp->fsp_name);
1420
1421         return result;
1422 }
1423
1424 static int smb_full_audit_symlink(vfs_handle_struct *handle,
1425                          const char *oldpath, const char *newpath)
1426 {
1427         int result;
1428
1429         result = SMB_VFS_NEXT_SYMLINK(handle, oldpath, newpath);
1430
1431         do_log(SMB_VFS_OP_SYMLINK, (result >= 0), handle,
1432                "%s|%s", oldpath, newpath);
1433
1434         return result;
1435 }
1436
1437 static int smb_full_audit_readlink(vfs_handle_struct *handle,
1438                           const char *path, char *buf, size_t bufsiz)
1439 {
1440         int result;
1441
1442         result = SMB_VFS_NEXT_READLINK(handle, path, buf, bufsiz);
1443
1444         do_log(SMB_VFS_OP_READLINK, (result >= 0), handle, "%s", path);
1445
1446         return result;
1447 }
1448
1449 static int smb_full_audit_link(vfs_handle_struct *handle,
1450                       const char *oldpath, const char *newpath)
1451 {
1452         int result;
1453
1454         result = SMB_VFS_NEXT_LINK(handle, oldpath, newpath);
1455
1456         do_log(SMB_VFS_OP_LINK, (result >= 0), handle,
1457                "%s|%s", oldpath, newpath);
1458
1459         return result;
1460 }
1461
1462 static int smb_full_audit_mknod(vfs_handle_struct *handle,
1463                        const char *pathname, mode_t mode, SMB_DEV_T dev)
1464 {
1465         int result;
1466
1467         result = SMB_VFS_NEXT_MKNOD(handle, pathname, mode, dev);
1468
1469         do_log(SMB_VFS_OP_MKNOD, (result >= 0), handle, "%s", pathname);
1470
1471         return result;
1472 }
1473
1474 static char *smb_full_audit_realpath(vfs_handle_struct *handle,
1475                             const char *path, char *resolved_path)
1476 {
1477         char *result;
1478
1479         result = SMB_VFS_NEXT_REALPATH(handle, path, resolved_path);
1480
1481         do_log(SMB_VFS_OP_REALPATH, (result != NULL), handle, "%s", path);
1482
1483         return result;
1484 }
1485
1486 static NTSTATUS smb_full_audit_notify_watch(struct vfs_handle_struct *handle,
1487                         struct sys_notify_context *ctx,
1488                         struct notify_entry *e,
1489                         void (*callback)(struct sys_notify_context *ctx,
1490                                         void *private_data,
1491                                         struct notify_event *ev),
1492                         void *private_data, void *handle_p)
1493 {
1494         NTSTATUS result;
1495
1496         result = SMB_VFS_NEXT_NOTIFY_WATCH(handle, ctx, e, callback, private_data, handle_p);
1497
1498         do_log(SMB_VFS_OP_NOTIFY_WATCH, NT_STATUS_IS_OK(result), handle, "");
1499
1500         return result;
1501 }
1502
1503 static int smb_full_audit_chflags(vfs_handle_struct *handle,
1504                             const char *path, unsigned int flags)
1505 {
1506         int result;
1507
1508         result = SMB_VFS_NEXT_CHFLAGS(handle, path, flags);
1509
1510         do_log(SMB_VFS_OP_CHFLAGS, (result != 0), handle, "%s", path);
1511
1512         return result;
1513 }
1514
1515 static struct file_id smb_full_audit_file_id_create(struct vfs_handle_struct *handle,
1516                                                     SMB_DEV_T dev, SMB_INO_T inode)
1517 {
1518         struct file_id id_zero;
1519         struct file_id result;
1520
1521         ZERO_STRUCT(id_zero);
1522
1523         result = SMB_VFS_NEXT_FILE_ID_CREATE(handle, dev, inode);
1524
1525         do_log(SMB_VFS_OP_FILE_ID_CREATE,
1526                !file_id_equal(&id_zero, &result),
1527                handle, "%s", file_id_string_tos(&result));
1528
1529         return result;
1530 }
1531
1532 static NTSTATUS smb_full_audit_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
1533                                 uint32 security_info,
1534                                 SEC_DESC **ppdesc)
1535 {
1536         NTSTATUS result;
1537
1538         result = SMB_VFS_NEXT_FGET_NT_ACL(handle, fsp, security_info, ppdesc);
1539
1540         do_log(SMB_VFS_OP_FGET_NT_ACL, NT_STATUS_IS_OK(result), handle,
1541                "%s", fsp->fsp_name);
1542
1543         return result;
1544 }
1545
1546 static NTSTATUS smb_full_audit_get_nt_acl(vfs_handle_struct *handle,
1547                                           files_struct *fsp,
1548                                           const char *name,
1549                                           uint32 security_info,
1550                                           SEC_DESC **ppdesc)
1551 {
1552         NTSTATUS result;
1553
1554         result = SMB_VFS_NEXT_GET_NT_ACL(handle, name, security_info, ppdesc);
1555
1556         do_log(SMB_VFS_OP_GET_NT_ACL, NT_STATUS_IS_OK(result), handle,
1557                "%s", fsp->fsp_name);
1558
1559         return result;
1560 }
1561
1562 static NTSTATUS smb_full_audit_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
1563                               uint32 security_info_sent,
1564                               SEC_DESC *psd)
1565 {
1566         NTSTATUS result;
1567
1568         result = SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, security_info_sent, psd);
1569
1570         do_log(SMB_VFS_OP_FSET_NT_ACL, NT_STATUS_IS_OK(result), handle, "%s", fsp->fsp_name);
1571
1572         return result;
1573 }
1574
1575 static NTSTATUS smb_full_audit_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
1576                              const char *name, uint32 security_info_sent,
1577                              SEC_DESC *psd)
1578 {
1579         NTSTATUS result;
1580
1581         result = SMB_VFS_NEXT_SET_NT_ACL(handle, fsp, name, security_info_sent,
1582                                          psd);
1583
1584         do_log(SMB_VFS_OP_SET_NT_ACL, NT_STATUS_IS_OK(result), handle, "%s", fsp->fsp_name);
1585
1586         return result;
1587 }
1588
1589 static int smb_full_audit_chmod_acl(vfs_handle_struct *handle,
1590                            const char *path, mode_t mode)
1591 {
1592         int result;
1593         
1594         result = SMB_VFS_NEXT_CHMOD_ACL(handle, path, mode);
1595
1596         do_log(SMB_VFS_OP_CHMOD_ACL, (result >= 0), handle,
1597                "%s|%o", path, mode);
1598
1599         return result;
1600 }
1601
1602 static int smb_full_audit_fchmod_acl(vfs_handle_struct *handle, files_struct *fsp,
1603                                      mode_t mode)
1604 {
1605         int result;
1606         
1607         result = SMB_VFS_NEXT_FCHMOD_ACL(handle, fsp, mode);
1608
1609         do_log(SMB_VFS_OP_FCHMOD_ACL, (result >= 0), handle,
1610                "%s|%o", fsp->fsp_name, mode);
1611
1612         return result;
1613 }
1614
1615 static int smb_full_audit_sys_acl_get_entry(vfs_handle_struct *handle,
1616
1617                                    SMB_ACL_T theacl, int entry_id,
1618                                    SMB_ACL_ENTRY_T *entry_p)
1619 {
1620         int result;
1621
1622         result = SMB_VFS_NEXT_SYS_ACL_GET_ENTRY(handle, theacl, entry_id,
1623                                                 entry_p);
1624
1625         do_log(SMB_VFS_OP_SYS_ACL_GET_ENTRY, (result >= 0), handle,
1626                "");
1627
1628         return result;
1629 }
1630
1631 static int smb_full_audit_sys_acl_get_tag_type(vfs_handle_struct *handle,
1632
1633                                       SMB_ACL_ENTRY_T entry_d,
1634                                       SMB_ACL_TAG_T *tag_type_p)
1635 {
1636         int result;
1637
1638         result = SMB_VFS_NEXT_SYS_ACL_GET_TAG_TYPE(handle, entry_d,
1639                                                    tag_type_p);
1640
1641         do_log(SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE, (result >= 0), handle,
1642                "");
1643
1644         return result;
1645 }
1646
1647 static int smb_full_audit_sys_acl_get_permset(vfs_handle_struct *handle,
1648
1649                                      SMB_ACL_ENTRY_T entry_d,
1650                                      SMB_ACL_PERMSET_T *permset_p)
1651 {
1652         int result;
1653
1654         result = SMB_VFS_NEXT_SYS_ACL_GET_PERMSET(handle, entry_d,
1655                                                   permset_p);
1656
1657         do_log(SMB_VFS_OP_SYS_ACL_GET_PERMSET, (result >= 0), handle,
1658                "");
1659
1660         return result;
1661 }
1662
1663 static void * smb_full_audit_sys_acl_get_qualifier(vfs_handle_struct *handle,
1664
1665                                           SMB_ACL_ENTRY_T entry_d)
1666 {
1667         void *result;
1668
1669         result = SMB_VFS_NEXT_SYS_ACL_GET_QUALIFIER(handle, entry_d);
1670
1671         do_log(SMB_VFS_OP_SYS_ACL_GET_QUALIFIER, (result != NULL), handle,
1672                "");
1673
1674         return result;
1675 }
1676
1677 static SMB_ACL_T smb_full_audit_sys_acl_get_file(vfs_handle_struct *handle,
1678                                         const char *path_p,
1679                                         SMB_ACL_TYPE_T type)
1680 {
1681         SMB_ACL_T result;
1682
1683         result = SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p, type);
1684
1685         do_log(SMB_VFS_OP_SYS_ACL_GET_FILE, (result != NULL), handle,
1686                "%s", path_p);
1687
1688         return result;
1689 }
1690
1691 static SMB_ACL_T smb_full_audit_sys_acl_get_fd(vfs_handle_struct *handle,
1692                                       files_struct *fsp)
1693 {
1694         SMB_ACL_T result;
1695
1696         result = SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp);
1697
1698         do_log(SMB_VFS_OP_SYS_ACL_GET_FD, (result != NULL), handle,
1699                "%s", fsp->fsp_name);
1700
1701         return result;
1702 }
1703
1704 static int smb_full_audit_sys_acl_clear_perms(vfs_handle_struct *handle,
1705
1706                                      SMB_ACL_PERMSET_T permset)
1707 {
1708         int result;
1709
1710         result = SMB_VFS_NEXT_SYS_ACL_CLEAR_PERMS(handle, permset);
1711
1712         do_log(SMB_VFS_OP_SYS_ACL_CLEAR_PERMS, (result >= 0), handle,
1713                "");
1714
1715         return result;
1716 }
1717
1718 static int smb_full_audit_sys_acl_add_perm(vfs_handle_struct *handle,
1719
1720                                   SMB_ACL_PERMSET_T permset,
1721                                   SMB_ACL_PERM_T perm)
1722 {
1723         int result;
1724
1725         result = SMB_VFS_NEXT_SYS_ACL_ADD_PERM(handle, permset, perm);
1726
1727         do_log(SMB_VFS_OP_SYS_ACL_ADD_PERM, (result >= 0), handle,
1728                "");
1729
1730         return result;
1731 }
1732
1733 static char * smb_full_audit_sys_acl_to_text(vfs_handle_struct *handle,
1734                                     SMB_ACL_T theacl,
1735                                     ssize_t *plen)
1736 {
1737         char * result;
1738
1739         result = SMB_VFS_NEXT_SYS_ACL_TO_TEXT(handle, theacl, plen);
1740
1741         do_log(SMB_VFS_OP_SYS_ACL_TO_TEXT, (result != NULL), handle,
1742                "");
1743
1744         return result;
1745 }
1746
1747 static SMB_ACL_T smb_full_audit_sys_acl_init(vfs_handle_struct *handle,
1748
1749                                     int count)
1750 {
1751         SMB_ACL_T result;
1752
1753         result = SMB_VFS_NEXT_SYS_ACL_INIT(handle, count);
1754
1755         do_log(SMB_VFS_OP_SYS_ACL_INIT, (result != NULL), handle,
1756                "");
1757
1758         return result;
1759 }
1760
1761 static int smb_full_audit_sys_acl_create_entry(vfs_handle_struct *handle,
1762                                       SMB_ACL_T *pacl,
1763                                       SMB_ACL_ENTRY_T *pentry)
1764 {
1765         int result;
1766
1767         result = SMB_VFS_NEXT_SYS_ACL_CREATE_ENTRY(handle, pacl, pentry);
1768
1769         do_log(SMB_VFS_OP_SYS_ACL_CREATE_ENTRY, (result >= 0), handle,
1770                "");
1771
1772         return result;
1773 }
1774
1775 static int smb_full_audit_sys_acl_set_tag_type(vfs_handle_struct *handle,
1776
1777                                       SMB_ACL_ENTRY_T entry,
1778                                       SMB_ACL_TAG_T tagtype)
1779 {
1780         int result;
1781
1782         result = SMB_VFS_NEXT_SYS_ACL_SET_TAG_TYPE(handle, entry,
1783                                                    tagtype);
1784
1785         do_log(SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE, (result >= 0), handle,
1786                "");
1787
1788         return result;
1789 }
1790
1791 static int smb_full_audit_sys_acl_set_qualifier(vfs_handle_struct *handle,
1792
1793                                        SMB_ACL_ENTRY_T entry,
1794                                        void *qual)
1795 {
1796         int result;
1797
1798         result = SMB_VFS_NEXT_SYS_ACL_SET_QUALIFIER(handle, entry, qual);
1799
1800         do_log(SMB_VFS_OP_SYS_ACL_SET_QUALIFIER, (result >= 0), handle,
1801                "");
1802
1803         return result;
1804 }
1805
1806 static int smb_full_audit_sys_acl_set_permset(vfs_handle_struct *handle,
1807
1808                                      SMB_ACL_ENTRY_T entry,
1809                                      SMB_ACL_PERMSET_T permset)
1810 {
1811         int result;
1812
1813         result = SMB_VFS_NEXT_SYS_ACL_SET_PERMSET(handle, entry, permset);
1814
1815         do_log(SMB_VFS_OP_SYS_ACL_SET_PERMSET, (result >= 0), handle,
1816                "");
1817
1818         return result;
1819 }
1820
1821 static int smb_full_audit_sys_acl_valid(vfs_handle_struct *handle,
1822
1823                                SMB_ACL_T theacl )
1824 {
1825         int result;
1826
1827         result = SMB_VFS_NEXT_SYS_ACL_VALID(handle, theacl);
1828
1829         do_log(SMB_VFS_OP_SYS_ACL_VALID, (result >= 0), handle,
1830                "");
1831
1832         return result;
1833 }
1834
1835 static int smb_full_audit_sys_acl_set_file(vfs_handle_struct *handle,
1836
1837                                   const char *name, SMB_ACL_TYPE_T acltype,
1838                                   SMB_ACL_T theacl)
1839 {
1840         int result;
1841
1842         result = SMB_VFS_NEXT_SYS_ACL_SET_FILE(handle, name, acltype,
1843                                                theacl);
1844
1845         do_log(SMB_VFS_OP_SYS_ACL_SET_FILE, (result >= 0), handle,
1846                "%s", name);
1847
1848         return result;
1849 }
1850
1851 static int smb_full_audit_sys_acl_set_fd(vfs_handle_struct *handle, files_struct *fsp,
1852                                 SMB_ACL_T theacl)
1853 {
1854         int result;
1855
1856         result = SMB_VFS_NEXT_SYS_ACL_SET_FD(handle, fsp, theacl);
1857
1858         do_log(SMB_VFS_OP_SYS_ACL_SET_FD, (result >= 0), handle,
1859                "%s", fsp->fsp_name);
1860
1861         return result;
1862 }
1863
1864 static int smb_full_audit_sys_acl_delete_def_file(vfs_handle_struct *handle,
1865
1866                                          const char *path)
1867 {
1868         int result;
1869
1870         result = SMB_VFS_NEXT_SYS_ACL_DELETE_DEF_FILE(handle, path);
1871
1872         do_log(SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE, (result >= 0), handle,
1873                "%s", path);
1874
1875         return result;
1876 }
1877
1878 static int smb_full_audit_sys_acl_get_perm(vfs_handle_struct *handle,
1879
1880                                   SMB_ACL_PERMSET_T permset,
1881                                   SMB_ACL_PERM_T perm)
1882 {
1883         int result;
1884
1885         result = SMB_VFS_NEXT_SYS_ACL_GET_PERM(handle, permset, perm);
1886
1887         do_log(SMB_VFS_OP_SYS_ACL_GET_PERM, (result >= 0), handle,
1888                "");
1889
1890         return result;
1891 }
1892
1893 static int smb_full_audit_sys_acl_free_text(vfs_handle_struct *handle,
1894
1895                                    char *text)
1896 {
1897         int result;
1898
1899         result = SMB_VFS_NEXT_SYS_ACL_FREE_TEXT(handle, text);
1900
1901         do_log(SMB_VFS_OP_SYS_ACL_FREE_TEXT, (result >= 0), handle,
1902                "");
1903
1904         return result;
1905 }
1906
1907 static int smb_full_audit_sys_acl_free_acl(vfs_handle_struct *handle,
1908
1909                                   SMB_ACL_T posix_acl)
1910 {
1911         int result;
1912
1913         result = SMB_VFS_NEXT_SYS_ACL_FREE_ACL(handle, posix_acl);
1914
1915         do_log(SMB_VFS_OP_SYS_ACL_FREE_ACL, (result >= 0), handle,
1916                "");
1917
1918         return result;
1919 }
1920
1921 static int smb_full_audit_sys_acl_free_qualifier(vfs_handle_struct *handle,
1922                                         void *qualifier,
1923                                         SMB_ACL_TAG_T tagtype)
1924 {
1925         int result;
1926
1927         result = SMB_VFS_NEXT_SYS_ACL_FREE_QUALIFIER(handle, qualifier,
1928                                                      tagtype);
1929
1930         do_log(SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER, (result >= 0), handle,
1931                "");
1932
1933         return result;
1934 }
1935
1936 static ssize_t smb_full_audit_getxattr(struct vfs_handle_struct *handle,
1937                               const char *path,
1938                               const char *name, void *value, size_t size)
1939 {
1940         ssize_t result;
1941
1942         result = SMB_VFS_NEXT_GETXATTR(handle, path, name, value, size);
1943
1944         do_log(SMB_VFS_OP_GETXATTR, (result >= 0), handle,
1945                "%s|%s", path, name);
1946
1947         return result;
1948 }
1949
1950 static ssize_t smb_full_audit_lgetxattr(struct vfs_handle_struct *handle,
1951                                const char *path, const char *name,
1952                                void *value, size_t size)
1953 {
1954         ssize_t result;
1955
1956         result = SMB_VFS_NEXT_LGETXATTR(handle, path, name, value, size);
1957
1958         do_log(SMB_VFS_OP_LGETXATTR, (result >= 0), handle,
1959                "%s|%s", path, name);
1960
1961         return result;
1962 }
1963
1964 static ssize_t smb_full_audit_fgetxattr(struct vfs_handle_struct *handle,
1965                                struct files_struct *fsp,
1966                                const char *name, void *value, size_t size)
1967 {
1968         ssize_t result;
1969
1970         result = SMB_VFS_NEXT_FGETXATTR(handle, fsp, name, value, size);
1971
1972         do_log(SMB_VFS_OP_FGETXATTR, (result >= 0), handle,
1973                "%s|%s", fsp->fsp_name, name);
1974
1975         return result;
1976 }
1977
1978 static ssize_t smb_full_audit_listxattr(struct vfs_handle_struct *handle,
1979                                const char *path, char *list, size_t size)
1980 {
1981         ssize_t result;
1982
1983         result = SMB_VFS_NEXT_LISTXATTR(handle, path, list, size);
1984
1985         do_log(SMB_VFS_OP_LISTXATTR, (result >= 0), handle, "%s", path);
1986
1987         return result;
1988 }
1989
1990 static ssize_t smb_full_audit_llistxattr(struct vfs_handle_struct *handle,
1991                                 const char *path, char *list, size_t size)
1992 {
1993         ssize_t result;
1994
1995         result = SMB_VFS_NEXT_LLISTXATTR(handle, path, list, size);
1996
1997         do_log(SMB_VFS_OP_LLISTXATTR, (result >= 0), handle, "%s", path);
1998
1999         return result;
2000 }
2001
2002 static ssize_t smb_full_audit_flistxattr(struct vfs_handle_struct *handle,
2003                                 struct files_struct *fsp, char *list,
2004                                 size_t size)
2005 {
2006         ssize_t result;
2007
2008         result = SMB_VFS_NEXT_FLISTXATTR(handle, fsp, list, size);
2009
2010         do_log(SMB_VFS_OP_FLISTXATTR, (result >= 0), handle,
2011                "%s", fsp->fsp_name);
2012
2013         return result;
2014 }
2015
2016 static int smb_full_audit_removexattr(struct vfs_handle_struct *handle,
2017                              const char *path,
2018                              const char *name)
2019 {
2020         int result;
2021
2022         result = SMB_VFS_NEXT_REMOVEXATTR(handle, path, name);
2023
2024         do_log(SMB_VFS_OP_REMOVEXATTR, (result >= 0), handle,
2025                "%s|%s", path, name);
2026
2027         return result;
2028 }
2029
2030 static int smb_full_audit_lremovexattr(struct vfs_handle_struct *handle,
2031                               const char *path,
2032                               const char *name)
2033 {
2034         int result;
2035
2036         result = SMB_VFS_NEXT_LREMOVEXATTR(handle, path, name);
2037
2038         do_log(SMB_VFS_OP_LREMOVEXATTR, (result >= 0), handle,
2039                "%s|%s", path, name);
2040
2041         return result;
2042 }
2043
2044 static int smb_full_audit_fremovexattr(struct vfs_handle_struct *handle,
2045                               struct files_struct *fsp,
2046                               const char *name)
2047 {
2048         int result;
2049
2050         result = SMB_VFS_NEXT_FREMOVEXATTR(handle, fsp, name);
2051
2052         do_log(SMB_VFS_OP_FREMOVEXATTR, (result >= 0), handle,
2053                "%s|%s", fsp->fsp_name, name);
2054
2055         return result;
2056 }
2057
2058 static int smb_full_audit_setxattr(struct vfs_handle_struct *handle,
2059                           const char *path,
2060                           const char *name, const void *value, size_t size,
2061                           int flags)
2062 {
2063         int result;
2064
2065         result = SMB_VFS_NEXT_SETXATTR(handle, path, name, value, size,
2066                                        flags);
2067
2068         do_log(SMB_VFS_OP_SETXATTR, (result >= 0), handle,
2069                "%s|%s", path, name);
2070
2071         return result;
2072 }
2073
2074 static int smb_full_audit_lsetxattr(struct vfs_handle_struct *handle,
2075                            const char *path,
2076                            const char *name, const void *value, size_t size,
2077                            int flags)
2078 {
2079         int result;
2080
2081         result = SMB_VFS_NEXT_LSETXATTR(handle, path, name, value, size,
2082                                         flags);
2083
2084         do_log(SMB_VFS_OP_LSETXATTR, (result >= 0), handle,
2085                "%s|%s", path, name);
2086
2087         return result;
2088 }
2089
2090 static int smb_full_audit_fsetxattr(struct vfs_handle_struct *handle,
2091                            struct files_struct *fsp, const char *name,
2092                            const void *value, size_t size, int flags)
2093 {
2094         int result;
2095
2096         result = SMB_VFS_NEXT_FSETXATTR(handle, fsp, name, value, size, flags);
2097
2098         do_log(SMB_VFS_OP_FSETXATTR, (result >= 0), handle,
2099                "%s|%s", fsp->fsp_name, name);
2100
2101         return result;
2102 }
2103
2104 static int smb_full_audit_aio_read(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb)
2105 {
2106         int result;
2107
2108         result = SMB_VFS_NEXT_AIO_READ(handle, fsp, aiocb);
2109         do_log(SMB_VFS_OP_AIO_READ, (result >= 0), handle,
2110                 "%s", fsp->fsp_name);
2111
2112         return result;
2113 }
2114
2115 static int smb_full_audit_aio_write(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb)
2116 {
2117         int result;
2118
2119         result = SMB_VFS_NEXT_AIO_WRITE(handle, fsp, aiocb);
2120         do_log(SMB_VFS_OP_AIO_WRITE, (result >= 0), handle,
2121                 "%s", fsp->fsp_name);
2122
2123         return result;
2124 }
2125
2126 static ssize_t smb_full_audit_aio_return(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb)
2127 {
2128         int result;
2129
2130         result = SMB_VFS_NEXT_AIO_RETURN(handle, fsp, aiocb);
2131         do_log(SMB_VFS_OP_AIO_RETURN, (result >= 0), handle,
2132                 "%s", fsp->fsp_name);
2133
2134         return result;
2135 }
2136
2137 static int smb_full_audit_aio_cancel(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb)
2138 {
2139         int result;
2140
2141         result = SMB_VFS_NEXT_AIO_CANCEL(handle, fsp, aiocb);
2142         do_log(SMB_VFS_OP_AIO_CANCEL, (result >= 0), handle,
2143                 "%s", fsp->fsp_name);
2144
2145         return result;
2146 }
2147
2148 static int smb_full_audit_aio_error(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb)
2149 {
2150         int result;
2151
2152         result = SMB_VFS_NEXT_AIO_ERROR(handle, fsp, aiocb);
2153         do_log(SMB_VFS_OP_AIO_ERROR, (result >= 0), handle,
2154                 "%s", fsp->fsp_name);
2155
2156         return result;
2157 }
2158
2159 static int smb_full_audit_aio_fsync(struct vfs_handle_struct *handle, struct files_struct *fsp, int op, SMB_STRUCT_AIOCB *aiocb)
2160 {
2161         int result;
2162
2163         result = SMB_VFS_NEXT_AIO_FSYNC(handle, fsp, op, aiocb);
2164         do_log(SMB_VFS_OP_AIO_FSYNC, (result >= 0), handle,
2165                 "%s", fsp->fsp_name);
2166
2167         return result;
2168 }
2169
2170 static int smb_full_audit_aio_suspend(struct vfs_handle_struct *handle, struct files_struct *fsp, const SMB_STRUCT_AIOCB * const aiocb[], int n, const struct timespec *ts)
2171 {
2172         int result;
2173
2174         result = SMB_VFS_NEXT_AIO_SUSPEND(handle, fsp, aiocb, n, ts);
2175         do_log(SMB_VFS_OP_AIO_SUSPEND, (result >= 0), handle,
2176                 "%s", fsp->fsp_name);
2177
2178         return result;
2179 }
2180
2181
2182 NTSTATUS vfs_full_audit_init(void);
2183 NTSTATUS vfs_full_audit_init(void)
2184 {
2185         NTSTATUS ret = smb_register_vfs(SMB_VFS_INTERFACE_VERSION,
2186                                         "full_audit", audit_op_tuples);
2187         
2188         if (!NT_STATUS_IS_OK(ret))
2189                 return ret;
2190
2191         vfs_full_audit_debug_level = debug_add_class("full_audit");
2192         if (vfs_full_audit_debug_level == -1) {
2193                 vfs_full_audit_debug_level = DBGC_VFS;
2194                 DEBUG(0, ("vfs_full_audit: Couldn't register custom debugging "
2195                           "class!\n"));
2196         } else {
2197                 DEBUG(10, ("vfs_full_audit: Debug class number of "
2198                            "'full_audit': %d\n", vfs_full_audit_debug_level));
2199         }
2200         
2201         return ret;
2202 }