2 * Auditing VFS module for samba. Log selected file operations to syslog
5 * Copyright (C) Tim Potter, 1999-2000
6 * Copyright (C) Alexander Bokovoy, 2002
7 * Copyright (C) John H Terpstra, 2003
8 * Copyright (C) Stefan (metze) Metzmacher, 2003
9 * Copyright (C) Volker Lendecke, 2004
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
27 * This module implements parseable logging for all Samba VFS operations.
29 * You use it as follows:
33 * vfs objects = full_audit
34 * full_audit:prefix = %u|%I
35 * full_audit:success = open opendir
36 * full_audit:failure = all
38 * vfs op can be "all" which means log all operations.
39 * vfs op can be "none" which means no logging.
41 * This leads to syslog entries of the form:
42 * smbd_audit: nobody|192.168.234.1|opendir|ok|.
43 * smbd_audit: nobody|192.168.234.1|open|fail (File not found)|r|x.txt
45 * where "nobody" is the connected username and "192.168.234.1" is the
46 * client's IP address.
50 * prefix: A macro expansion template prepended to the syslog entry.
52 * success: A list of VFS operations for which a successful completion should
53 * be logged. Defaults to no logging at all. The special operation "all" logs
54 * - you guessed it - everything.
56 * failure: A list of VFS operations for which failure to complete should be
57 * logged. Defaults to logging everything.
63 static int vfs_full_audit_debug_level = DBGC_VFS;
65 struct vfs_full_audit_private_data {
66 struct bitmap *success_ops;
67 struct bitmap *failure_ops;
71 #define DBGC_CLASS vfs_full_audit_debug_level
73 /* Function prototypes */
75 static int smb_full_audit_connect(vfs_handle_struct *handle,
76 const char *svc, const char *user);
77 static void smb_full_audit_disconnect(vfs_handle_struct *handle);
78 static SMB_BIG_UINT smb_full_audit_disk_free(vfs_handle_struct *handle,
80 BOOL small_query, SMB_BIG_UINT *bsize,
81 SMB_BIG_UINT *dfree, SMB_BIG_UINT *dsize);
82 static int smb_full_audit_get_quota(struct vfs_handle_struct *handle,
83 enum SMB_QUOTA_TYPE qtype, unid_t id,
85 static int smb_full_audit_set_quota(struct vfs_handle_struct *handle,
86 enum SMB_QUOTA_TYPE qtype, unid_t id,
88 static int smb_full_audit_get_shadow_copy_data(struct vfs_handle_struct *handle,
89 struct files_struct *fsp,
90 SHADOW_COPY_DATA *shadow_copy_data, BOOL labels);
91 static int smb_full_audit_statvfs(struct vfs_handle_struct *handle,
93 struct vfs_statvfs_struct *statbuf);
95 static SMB_STRUCT_DIR *smb_full_audit_opendir(vfs_handle_struct *handle,
96 const char *fname, const char *mask, uint32 attr);
97 static SMB_STRUCT_DIRENT *smb_full_audit_readdir(vfs_handle_struct *handle,
98 SMB_STRUCT_DIR *dirp);
99 static void smb_full_audit_seekdir(vfs_handle_struct *handle,
100 SMB_STRUCT_DIR *dirp, long offset);
101 static long smb_full_audit_telldir(vfs_handle_struct *handle,
102 SMB_STRUCT_DIR *dirp);
103 static void smb_full_audit_rewinddir(vfs_handle_struct *handle,
104 SMB_STRUCT_DIR *dirp);
105 static int smb_full_audit_mkdir(vfs_handle_struct *handle,
106 const char *path, mode_t mode);
107 static int smb_full_audit_rmdir(vfs_handle_struct *handle,
109 static int smb_full_audit_closedir(vfs_handle_struct *handle,
110 SMB_STRUCT_DIR *dirp);
111 static int smb_full_audit_open(vfs_handle_struct *handle,
112 const char *fname, files_struct *fsp, int flags, mode_t mode);
113 static int smb_full_audit_close(vfs_handle_struct *handle, files_struct *fsp, int fd);
114 static ssize_t smb_full_audit_read(vfs_handle_struct *handle, files_struct *fsp,
115 int fd, void *data, size_t n);
116 static ssize_t smb_full_audit_pread(vfs_handle_struct *handle, files_struct *fsp,
117 int fd, void *data, size_t n, SMB_OFF_T offset);
118 static ssize_t smb_full_audit_write(vfs_handle_struct *handle, files_struct *fsp,
119 int fd, const void *data, size_t n);
120 static ssize_t smb_full_audit_pwrite(vfs_handle_struct *handle, files_struct *fsp,
121 int fd, const void *data, size_t n,
123 static SMB_OFF_T smb_full_audit_lseek(vfs_handle_struct *handle, files_struct *fsp,
124 int filedes, SMB_OFF_T offset, int whence);
125 static ssize_t smb_full_audit_sendfile(vfs_handle_struct *handle, int tofd,
126 files_struct *fsp, int fromfd,
127 const DATA_BLOB *hdr, SMB_OFF_T offset,
129 static int smb_full_audit_rename(vfs_handle_struct *handle,
130 const char *oldname, const char *newname);
131 static int smb_full_audit_fsync(vfs_handle_struct *handle, files_struct *fsp, int fd);
132 static int smb_full_audit_stat(vfs_handle_struct *handle,
133 const char *fname, SMB_STRUCT_STAT *sbuf);
134 static int smb_full_audit_fstat(vfs_handle_struct *handle, files_struct *fsp, int fd,
135 SMB_STRUCT_STAT *sbuf);
136 static int smb_full_audit_lstat(vfs_handle_struct *handle,
137 const char *path, SMB_STRUCT_STAT *sbuf);
138 static int smb_full_audit_unlink(vfs_handle_struct *handle,
140 static int smb_full_audit_chmod(vfs_handle_struct *handle,
141 const char *path, mode_t mode);
142 static int smb_full_audit_fchmod(vfs_handle_struct *handle, files_struct *fsp, int fd,
144 static int smb_full_audit_chown(vfs_handle_struct *handle,
145 const char *path, uid_t uid, gid_t gid);
146 static int smb_full_audit_fchown(vfs_handle_struct *handle, files_struct *fsp, int fd,
147 uid_t uid, gid_t gid);
148 static int smb_full_audit_chdir(vfs_handle_struct *handle,
150 static char *smb_full_audit_getwd(vfs_handle_struct *handle,
152 static int smb_full_audit_utime(vfs_handle_struct *handle,
153 const char *path, struct utimbuf *times);
154 static int smb_full_audit_ftruncate(vfs_handle_struct *handle, files_struct *fsp,
155 int fd, SMB_OFF_T len);
156 static BOOL smb_full_audit_lock(vfs_handle_struct *handle, files_struct *fsp, int fd,
157 int op, SMB_OFF_T offset, SMB_OFF_T count, int type);
158 static BOOL smb_full_audit_getlock(vfs_handle_struct *handle, files_struct *fsp, int fd,
159 SMB_OFF_T *poffset, SMB_OFF_T *pcount, int *ptype, pid_t *ppid);
160 static int smb_full_audit_symlink(vfs_handle_struct *handle,
161 const char *oldpath, const char *newpath);
162 static int smb_full_audit_readlink(vfs_handle_struct *handle,
163 const char *path, char *buf, size_t bufsiz);
164 static int smb_full_audit_link(vfs_handle_struct *handle,
165 const char *oldpath, const char *newpath);
166 static int smb_full_audit_mknod(vfs_handle_struct *handle,
167 const char *pathname, mode_t mode, SMB_DEV_T dev);
168 static char *smb_full_audit_realpath(vfs_handle_struct *handle,
169 const char *path, char *resolved_path);
170 static size_t smb_full_audit_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
171 int fd, uint32 security_info,
173 static size_t smb_full_audit_get_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
174 const char *name, uint32 security_info,
176 static BOOL smb_full_audit_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
177 int fd, uint32 security_info_sent,
179 static BOOL smb_full_audit_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
180 const char *name, uint32 security_info_sent,
182 static int smb_full_audit_chmod_acl(vfs_handle_struct *handle,
183 const char *path, mode_t mode);
184 static int smb_full_audit_fchmod_acl(vfs_handle_struct *handle, files_struct *fsp,
185 int fd, mode_t mode);
186 static int smb_full_audit_sys_acl_get_entry(vfs_handle_struct *handle,
187 SMB_ACL_T theacl, int entry_id,
188 SMB_ACL_ENTRY_T *entry_p);
189 static int smb_full_audit_sys_acl_get_tag_type(vfs_handle_struct *handle,
190 SMB_ACL_ENTRY_T entry_d,
191 SMB_ACL_TAG_T *tag_type_p);
192 static int smb_full_audit_sys_acl_get_permset(vfs_handle_struct *handle,
193 SMB_ACL_ENTRY_T entry_d,
194 SMB_ACL_PERMSET_T *permset_p);
195 static void * smb_full_audit_sys_acl_get_qualifier(vfs_handle_struct *handle,
196 SMB_ACL_ENTRY_T entry_d);
197 static SMB_ACL_T smb_full_audit_sys_acl_get_file(vfs_handle_struct *handle,
199 SMB_ACL_TYPE_T type);
200 static SMB_ACL_T smb_full_audit_sys_acl_get_fd(vfs_handle_struct *handle,
203 static int smb_full_audit_sys_acl_clear_perms(vfs_handle_struct *handle,
204 SMB_ACL_PERMSET_T permset);
205 static int smb_full_audit_sys_acl_add_perm(vfs_handle_struct *handle,
206 SMB_ACL_PERMSET_T permset,
207 SMB_ACL_PERM_T perm);
208 static char * smb_full_audit_sys_acl_to_text(vfs_handle_struct *handle,
211 static SMB_ACL_T smb_full_audit_sys_acl_init(vfs_handle_struct *handle,
213 static int smb_full_audit_sys_acl_create_entry(vfs_handle_struct *handle,
215 SMB_ACL_ENTRY_T *pentry);
216 static int smb_full_audit_sys_acl_set_tag_type(vfs_handle_struct *handle,
217 SMB_ACL_ENTRY_T entry,
218 SMB_ACL_TAG_T tagtype);
219 static int smb_full_audit_sys_acl_set_qualifier(vfs_handle_struct *handle,
220 SMB_ACL_ENTRY_T entry,
222 static int smb_full_audit_sys_acl_set_permset(vfs_handle_struct *handle,
223 SMB_ACL_ENTRY_T entry,
224 SMB_ACL_PERMSET_T permset);
225 static int smb_full_audit_sys_acl_valid(vfs_handle_struct *handle,
227 static int smb_full_audit_sys_acl_set_file(vfs_handle_struct *handle,
228 const char *name, SMB_ACL_TYPE_T acltype,
230 static int smb_full_audit_sys_acl_set_fd(vfs_handle_struct *handle, files_struct *fsp,
231 int fd, SMB_ACL_T theacl);
232 static int smb_full_audit_sys_acl_delete_def_file(vfs_handle_struct *handle,
234 static int smb_full_audit_sys_acl_get_perm(vfs_handle_struct *handle,
235 SMB_ACL_PERMSET_T permset,
236 SMB_ACL_PERM_T perm);
237 static int smb_full_audit_sys_acl_free_text(vfs_handle_struct *handle,
239 static int smb_full_audit_sys_acl_free_acl(vfs_handle_struct *handle,
240 SMB_ACL_T posix_acl);
241 static int smb_full_audit_sys_acl_free_qualifier(vfs_handle_struct *handle,
243 SMB_ACL_TAG_T tagtype);
244 static ssize_t smb_full_audit_getxattr(struct vfs_handle_struct *handle,
246 const char *name, void *value, size_t size);
247 static ssize_t smb_full_audit_lgetxattr(struct vfs_handle_struct *handle,
248 const char *path, const char *name,
249 void *value, size_t size);
250 static ssize_t smb_full_audit_fgetxattr(struct vfs_handle_struct *handle,
251 struct files_struct *fsp, int fd,
252 const char *name, void *value, size_t size);
253 static ssize_t smb_full_audit_listxattr(struct vfs_handle_struct *handle,
254 const char *path, char *list, size_t size);
255 static ssize_t smb_full_audit_llistxattr(struct vfs_handle_struct *handle,
256 const char *path, char *list, size_t size);
257 static ssize_t smb_full_audit_flistxattr(struct vfs_handle_struct *handle,
258 struct files_struct *fsp, int fd, char *list,
260 static int smb_full_audit_removexattr(struct vfs_handle_struct *handle,
263 static int smb_full_audit_lremovexattr(struct vfs_handle_struct *handle,
266 static int smb_full_audit_fremovexattr(struct vfs_handle_struct *handle,
267 struct files_struct *fsp, int fd,
269 static int smb_full_audit_setxattr(struct vfs_handle_struct *handle,
271 const char *name, const void *value, size_t size,
273 static int smb_full_audit_lsetxattr(struct vfs_handle_struct *handle,
275 const char *name, const void *value, size_t size,
277 static int smb_full_audit_fsetxattr(struct vfs_handle_struct *handle,
278 struct files_struct *fsp, int fd, const char *name,
279 const void *value, size_t size, int flags);
281 static int smb_full_audit_aio_read(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb);
282 static int smb_full_audit_aio_write(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb);
283 static ssize_t smb_full_audit_aio_return(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb);
284 static int smb_full_audit_aio_cancel(struct vfs_handle_struct *handle, struct files_struct *fsp, int fd, SMB_STRUCT_AIOCB *aiocb);
285 static int smb_full_audit_aio_error(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb);
286 static int smb_full_audit_aio_fsync(struct vfs_handle_struct *handle, struct files_struct *fsp, int op, SMB_STRUCT_AIOCB *aiocb);
287 static int smb_full_audit_aio_suspend(struct vfs_handle_struct *handle, struct files_struct *fsp, const SMB_STRUCT_AIOCB * const aiocb[], int n, const struct timespec *ts);
291 static vfs_op_tuple audit_op_tuples[] = {
293 /* Disk operations */
295 {SMB_VFS_OP(smb_full_audit_connect), SMB_VFS_OP_CONNECT,
296 SMB_VFS_LAYER_LOGGER},
297 {SMB_VFS_OP(smb_full_audit_disconnect), SMB_VFS_OP_DISCONNECT,
298 SMB_VFS_LAYER_LOGGER},
299 {SMB_VFS_OP(smb_full_audit_disk_free), SMB_VFS_OP_DISK_FREE,
300 SMB_VFS_LAYER_LOGGER},
301 {SMB_VFS_OP(smb_full_audit_get_quota), SMB_VFS_OP_GET_QUOTA,
302 SMB_VFS_LAYER_LOGGER},
303 {SMB_VFS_OP(smb_full_audit_set_quota), SMB_VFS_OP_SET_QUOTA,
304 SMB_VFS_LAYER_LOGGER},
305 {SMB_VFS_OP(smb_full_audit_get_shadow_copy_data), SMB_VFS_OP_GET_SHADOW_COPY_DATA,
306 SMB_VFS_LAYER_LOGGER},
307 {SMB_VFS_OP(smb_full_audit_statvfs), SMB_VFS_OP_STATVFS,
308 SMB_VFS_LAYER_LOGGER},
310 /* Directory operations */
312 {SMB_VFS_OP(smb_full_audit_opendir), SMB_VFS_OP_OPENDIR,
313 SMB_VFS_LAYER_LOGGER},
314 {SMB_VFS_OP(smb_full_audit_readdir), SMB_VFS_OP_READDIR,
315 SMB_VFS_LAYER_LOGGER},
316 {SMB_VFS_OP(smb_full_audit_seekdir), SMB_VFS_OP_SEEKDIR,
317 SMB_VFS_LAYER_LOGGER},
318 {SMB_VFS_OP(smb_full_audit_telldir), SMB_VFS_OP_TELLDIR,
319 SMB_VFS_LAYER_LOGGER},
320 {SMB_VFS_OP(smb_full_audit_rewinddir), SMB_VFS_OP_REWINDDIR,
321 SMB_VFS_LAYER_LOGGER},
322 {SMB_VFS_OP(smb_full_audit_mkdir), SMB_VFS_OP_MKDIR,
323 SMB_VFS_LAYER_LOGGER},
324 {SMB_VFS_OP(smb_full_audit_rmdir), SMB_VFS_OP_RMDIR,
325 SMB_VFS_LAYER_LOGGER},
326 {SMB_VFS_OP(smb_full_audit_closedir), SMB_VFS_OP_CLOSEDIR,
327 SMB_VFS_LAYER_LOGGER},
329 /* File operations */
331 {SMB_VFS_OP(smb_full_audit_open), SMB_VFS_OP_OPEN,
332 SMB_VFS_LAYER_LOGGER},
333 {SMB_VFS_OP(smb_full_audit_close), SMB_VFS_OP_CLOSE,
334 SMB_VFS_LAYER_LOGGER},
335 {SMB_VFS_OP(smb_full_audit_read), SMB_VFS_OP_READ,
336 SMB_VFS_LAYER_LOGGER},
337 {SMB_VFS_OP(smb_full_audit_pread), SMB_VFS_OP_PREAD,
338 SMB_VFS_LAYER_LOGGER},
339 {SMB_VFS_OP(smb_full_audit_write), SMB_VFS_OP_WRITE,
340 SMB_VFS_LAYER_LOGGER},
341 {SMB_VFS_OP(smb_full_audit_pwrite), SMB_VFS_OP_PWRITE,
342 SMB_VFS_LAYER_LOGGER},
343 {SMB_VFS_OP(smb_full_audit_lseek), SMB_VFS_OP_LSEEK,
344 SMB_VFS_LAYER_LOGGER},
345 {SMB_VFS_OP(smb_full_audit_sendfile), SMB_VFS_OP_SENDFILE,
346 SMB_VFS_LAYER_LOGGER},
347 {SMB_VFS_OP(smb_full_audit_rename), SMB_VFS_OP_RENAME,
348 SMB_VFS_LAYER_LOGGER},
349 {SMB_VFS_OP(smb_full_audit_fsync), SMB_VFS_OP_FSYNC,
350 SMB_VFS_LAYER_LOGGER},
351 {SMB_VFS_OP(smb_full_audit_stat), SMB_VFS_OP_STAT,
352 SMB_VFS_LAYER_LOGGER},
353 {SMB_VFS_OP(smb_full_audit_fstat), SMB_VFS_OP_FSTAT,
354 SMB_VFS_LAYER_LOGGER},
355 {SMB_VFS_OP(smb_full_audit_lstat), SMB_VFS_OP_LSTAT,
356 SMB_VFS_LAYER_LOGGER},
357 {SMB_VFS_OP(smb_full_audit_unlink), SMB_VFS_OP_UNLINK,
358 SMB_VFS_LAYER_LOGGER},
359 {SMB_VFS_OP(smb_full_audit_chmod), SMB_VFS_OP_CHMOD,
360 SMB_VFS_LAYER_LOGGER},
361 {SMB_VFS_OP(smb_full_audit_fchmod), SMB_VFS_OP_FCHMOD,
362 SMB_VFS_LAYER_LOGGER},
363 {SMB_VFS_OP(smb_full_audit_chown), SMB_VFS_OP_CHOWN,
364 SMB_VFS_LAYER_LOGGER},
365 {SMB_VFS_OP(smb_full_audit_fchown), SMB_VFS_OP_FCHOWN,
366 SMB_VFS_LAYER_LOGGER},
367 {SMB_VFS_OP(smb_full_audit_chdir), SMB_VFS_OP_CHDIR,
368 SMB_VFS_LAYER_LOGGER},
369 {SMB_VFS_OP(smb_full_audit_getwd), SMB_VFS_OP_GETWD,
370 SMB_VFS_LAYER_LOGGER},
371 {SMB_VFS_OP(smb_full_audit_utime), SMB_VFS_OP_UTIME,
372 SMB_VFS_LAYER_LOGGER},
373 {SMB_VFS_OP(smb_full_audit_ftruncate), SMB_VFS_OP_FTRUNCATE,
374 SMB_VFS_LAYER_LOGGER},
375 {SMB_VFS_OP(smb_full_audit_lock), SMB_VFS_OP_LOCK,
376 SMB_VFS_LAYER_LOGGER},
377 {SMB_VFS_OP(smb_full_audit_getlock), SMB_VFS_OP_GETLOCK,
378 SMB_VFS_LAYER_LOGGER},
379 {SMB_VFS_OP(smb_full_audit_symlink), SMB_VFS_OP_SYMLINK,
380 SMB_VFS_LAYER_LOGGER},
381 {SMB_VFS_OP(smb_full_audit_readlink), SMB_VFS_OP_READLINK,
382 SMB_VFS_LAYER_LOGGER},
383 {SMB_VFS_OP(smb_full_audit_link), SMB_VFS_OP_LINK,
384 SMB_VFS_LAYER_LOGGER},
385 {SMB_VFS_OP(smb_full_audit_mknod), SMB_VFS_OP_MKNOD,
386 SMB_VFS_LAYER_LOGGER},
387 {SMB_VFS_OP(smb_full_audit_realpath), SMB_VFS_OP_REALPATH,
388 SMB_VFS_LAYER_LOGGER},
390 /* NT ACL operations. */
392 {SMB_VFS_OP(smb_full_audit_fget_nt_acl), SMB_VFS_OP_FGET_NT_ACL,
393 SMB_VFS_LAYER_LOGGER},
394 {SMB_VFS_OP(smb_full_audit_get_nt_acl), SMB_VFS_OP_GET_NT_ACL,
395 SMB_VFS_LAYER_LOGGER},
396 {SMB_VFS_OP(smb_full_audit_fset_nt_acl), SMB_VFS_OP_FSET_NT_ACL,
397 SMB_VFS_LAYER_LOGGER},
398 {SMB_VFS_OP(smb_full_audit_set_nt_acl), SMB_VFS_OP_SET_NT_ACL,
399 SMB_VFS_LAYER_LOGGER},
401 /* POSIX ACL operations. */
403 {SMB_VFS_OP(smb_full_audit_chmod_acl), SMB_VFS_OP_CHMOD_ACL,
404 SMB_VFS_LAYER_LOGGER},
405 {SMB_VFS_OP(smb_full_audit_fchmod_acl), SMB_VFS_OP_FCHMOD_ACL,
406 SMB_VFS_LAYER_LOGGER},
407 {SMB_VFS_OP(smb_full_audit_sys_acl_get_entry), SMB_VFS_OP_SYS_ACL_GET_ENTRY,
408 SMB_VFS_LAYER_LOGGER},
409 {SMB_VFS_OP(smb_full_audit_sys_acl_get_tag_type), SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE,
410 SMB_VFS_LAYER_LOGGER},
411 {SMB_VFS_OP(smb_full_audit_sys_acl_get_permset), SMB_VFS_OP_SYS_ACL_GET_PERMSET,
412 SMB_VFS_LAYER_LOGGER},
413 {SMB_VFS_OP(smb_full_audit_sys_acl_get_qualifier), SMB_VFS_OP_SYS_ACL_GET_QUALIFIER,
414 SMB_VFS_LAYER_LOGGER},
415 {SMB_VFS_OP(smb_full_audit_sys_acl_get_file), SMB_VFS_OP_SYS_ACL_GET_FILE,
416 SMB_VFS_LAYER_LOGGER},
417 {SMB_VFS_OP(smb_full_audit_sys_acl_get_fd), SMB_VFS_OP_SYS_ACL_GET_FD,
418 SMB_VFS_LAYER_LOGGER},
419 {SMB_VFS_OP(smb_full_audit_sys_acl_clear_perms), SMB_VFS_OP_SYS_ACL_CLEAR_PERMS,
420 SMB_VFS_LAYER_LOGGER},
421 {SMB_VFS_OP(smb_full_audit_sys_acl_add_perm), SMB_VFS_OP_SYS_ACL_ADD_PERM,
422 SMB_VFS_LAYER_LOGGER},
423 {SMB_VFS_OP(smb_full_audit_sys_acl_to_text), SMB_VFS_OP_SYS_ACL_TO_TEXT,
424 SMB_VFS_LAYER_LOGGER},
425 {SMB_VFS_OP(smb_full_audit_sys_acl_init), SMB_VFS_OP_SYS_ACL_INIT,
426 SMB_VFS_LAYER_LOGGER},
427 {SMB_VFS_OP(smb_full_audit_sys_acl_create_entry), SMB_VFS_OP_SYS_ACL_CREATE_ENTRY,
428 SMB_VFS_LAYER_LOGGER},
429 {SMB_VFS_OP(smb_full_audit_sys_acl_set_tag_type), SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE,
430 SMB_VFS_LAYER_LOGGER},
431 {SMB_VFS_OP(smb_full_audit_sys_acl_set_qualifier), SMB_VFS_OP_SYS_ACL_SET_QUALIFIER,
432 SMB_VFS_LAYER_LOGGER},
433 {SMB_VFS_OP(smb_full_audit_sys_acl_set_permset), SMB_VFS_OP_SYS_ACL_SET_PERMSET,
434 SMB_VFS_LAYER_LOGGER},
435 {SMB_VFS_OP(smb_full_audit_sys_acl_valid), SMB_VFS_OP_SYS_ACL_VALID,
436 SMB_VFS_LAYER_LOGGER},
437 {SMB_VFS_OP(smb_full_audit_sys_acl_set_file), SMB_VFS_OP_SYS_ACL_SET_FILE,
438 SMB_VFS_LAYER_LOGGER},
439 {SMB_VFS_OP(smb_full_audit_sys_acl_set_fd), SMB_VFS_OP_SYS_ACL_SET_FD,
440 SMB_VFS_LAYER_LOGGER},
441 {SMB_VFS_OP(smb_full_audit_sys_acl_delete_def_file), SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE,
442 SMB_VFS_LAYER_LOGGER},
443 {SMB_VFS_OP(smb_full_audit_sys_acl_get_perm), SMB_VFS_OP_SYS_ACL_GET_PERM,
444 SMB_VFS_LAYER_LOGGER},
445 {SMB_VFS_OP(smb_full_audit_sys_acl_free_text), SMB_VFS_OP_SYS_ACL_FREE_TEXT,
446 SMB_VFS_LAYER_LOGGER},
447 {SMB_VFS_OP(smb_full_audit_sys_acl_free_acl), SMB_VFS_OP_SYS_ACL_FREE_ACL,
448 SMB_VFS_LAYER_LOGGER},
449 {SMB_VFS_OP(smb_full_audit_sys_acl_free_qualifier), SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER,
450 SMB_VFS_LAYER_LOGGER},
454 {SMB_VFS_OP(smb_full_audit_getxattr), SMB_VFS_OP_GETXATTR,
455 SMB_VFS_LAYER_LOGGER},
456 {SMB_VFS_OP(smb_full_audit_lgetxattr), SMB_VFS_OP_LGETXATTR,
457 SMB_VFS_LAYER_LOGGER},
458 {SMB_VFS_OP(smb_full_audit_fgetxattr), SMB_VFS_OP_FGETXATTR,
459 SMB_VFS_LAYER_LOGGER},
460 {SMB_VFS_OP(smb_full_audit_listxattr), SMB_VFS_OP_LISTXATTR,
461 SMB_VFS_LAYER_LOGGER},
462 {SMB_VFS_OP(smb_full_audit_llistxattr), SMB_VFS_OP_LLISTXATTR,
463 SMB_VFS_LAYER_LOGGER},
464 {SMB_VFS_OP(smb_full_audit_flistxattr), SMB_VFS_OP_FLISTXATTR,
465 SMB_VFS_LAYER_LOGGER},
466 {SMB_VFS_OP(smb_full_audit_removexattr), SMB_VFS_OP_REMOVEXATTR,
467 SMB_VFS_LAYER_LOGGER},
468 {SMB_VFS_OP(smb_full_audit_lremovexattr), SMB_VFS_OP_LREMOVEXATTR,
469 SMB_VFS_LAYER_LOGGER},
470 {SMB_VFS_OP(smb_full_audit_fremovexattr), SMB_VFS_OP_FREMOVEXATTR,
471 SMB_VFS_LAYER_LOGGER},
472 {SMB_VFS_OP(smb_full_audit_setxattr), SMB_VFS_OP_SETXATTR,
473 SMB_VFS_LAYER_LOGGER},
474 {SMB_VFS_OP(smb_full_audit_lsetxattr), SMB_VFS_OP_LSETXATTR,
475 SMB_VFS_LAYER_LOGGER},
476 {SMB_VFS_OP(smb_full_audit_fsetxattr), SMB_VFS_OP_FSETXATTR,
477 SMB_VFS_LAYER_LOGGER},
479 {SMB_VFS_OP(smb_full_audit_aio_read), SMB_VFS_OP_AIO_READ,
480 SMB_VFS_LAYER_LOGGER},
481 {SMB_VFS_OP(smb_full_audit_aio_write), SMB_VFS_OP_AIO_WRITE,
482 SMB_VFS_LAYER_LOGGER},
483 {SMB_VFS_OP(smb_full_audit_aio_return), SMB_VFS_OP_AIO_RETURN,
484 SMB_VFS_LAYER_LOGGER},
485 {SMB_VFS_OP(smb_full_audit_aio_cancel), SMB_VFS_OP_AIO_CANCEL,
486 SMB_VFS_LAYER_LOGGER},
487 {SMB_VFS_OP(smb_full_audit_aio_error), SMB_VFS_OP_AIO_ERROR,
488 SMB_VFS_LAYER_LOGGER},
489 {SMB_VFS_OP(smb_full_audit_aio_fsync), SMB_VFS_OP_AIO_FSYNC,
490 SMB_VFS_LAYER_LOGGER},
491 {SMB_VFS_OP(smb_full_audit_aio_suspend),SMB_VFS_OP_AIO_SUSPEND,
492 SMB_VFS_LAYER_LOGGER},
494 /* Finish VFS operations definition */
496 {SMB_VFS_OP(NULL), SMB_VFS_OP_NOOP,
500 /* The following array *must* be in the same order as defined in vfs.h */
506 { SMB_VFS_OP_CONNECT, "connect" },
507 { SMB_VFS_OP_DISCONNECT, "disconnect" },
508 { SMB_VFS_OP_DISK_FREE, "disk_free" },
509 { SMB_VFS_OP_GET_QUOTA, "get_quota" },
510 { SMB_VFS_OP_SET_QUOTA, "set_quota" },
511 { SMB_VFS_OP_GET_SHADOW_COPY_DATA, "get_shadow_copy_data" },
512 { SMB_VFS_OP_STATVFS, "statvfs" },
513 { SMB_VFS_OP_OPENDIR, "opendir" },
514 { SMB_VFS_OP_READDIR, "readdir" },
515 { SMB_VFS_OP_SEEKDIR, "seekdir" },
516 { SMB_VFS_OP_TELLDIR, "telldir" },
517 { SMB_VFS_OP_REWINDDIR, "rewinddir" },
518 { SMB_VFS_OP_MKDIR, "mkdir" },
519 { SMB_VFS_OP_RMDIR, "rmdir" },
520 { SMB_VFS_OP_CLOSEDIR, "closedir" },
521 { SMB_VFS_OP_OPEN, "open" },
522 { SMB_VFS_OP_CLOSE, "close" },
523 { SMB_VFS_OP_READ, "read" },
524 { SMB_VFS_OP_PREAD, "pread" },
525 { SMB_VFS_OP_WRITE, "write" },
526 { SMB_VFS_OP_PWRITE, "pwrite" },
527 { SMB_VFS_OP_LSEEK, "lseek" },
528 { SMB_VFS_OP_SENDFILE, "sendfile" },
529 { SMB_VFS_OP_RENAME, "rename" },
530 { SMB_VFS_OP_FSYNC, "fsync" },
531 { SMB_VFS_OP_STAT, "stat" },
532 { SMB_VFS_OP_FSTAT, "fstat" },
533 { SMB_VFS_OP_LSTAT, "lstat" },
534 { SMB_VFS_OP_UNLINK, "unlink" },
535 { SMB_VFS_OP_CHMOD, "chmod" },
536 { SMB_VFS_OP_FCHMOD, "fchmod" },
537 { SMB_VFS_OP_CHOWN, "chown" },
538 { SMB_VFS_OP_FCHOWN, "fchown" },
539 { SMB_VFS_OP_CHDIR, "chdir" },
540 { SMB_VFS_OP_GETWD, "getwd" },
541 { SMB_VFS_OP_UTIME, "utime" },
542 { SMB_VFS_OP_FTRUNCATE, "ftruncate" },
543 { SMB_VFS_OP_LOCK, "lock" },
544 { SMB_VFS_OP_GETLOCK, "getlock" },
545 { SMB_VFS_OP_SYMLINK, "symlink" },
546 { SMB_VFS_OP_READLINK, "readlink" },
547 { SMB_VFS_OP_LINK, "link" },
548 { SMB_VFS_OP_MKNOD, "mknod" },
549 { SMB_VFS_OP_REALPATH, "realpath" },
550 { SMB_VFS_OP_FGET_NT_ACL, "fget_nt_acl" },
551 { SMB_VFS_OP_GET_NT_ACL, "get_nt_acl" },
552 { SMB_VFS_OP_FSET_NT_ACL, "fset_nt_acl" },
553 { SMB_VFS_OP_SET_NT_ACL, "set_nt_acl" },
554 { SMB_VFS_OP_CHMOD_ACL, "chmod_acl" },
555 { SMB_VFS_OP_FCHMOD_ACL, "fchmod_acl" },
556 { SMB_VFS_OP_SYS_ACL_GET_ENTRY, "sys_acl_get_entry" },
557 { SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE, "sys_acl_get_tag_type" },
558 { SMB_VFS_OP_SYS_ACL_GET_PERMSET, "sys_acl_get_permset" },
559 { SMB_VFS_OP_SYS_ACL_GET_QUALIFIER, "sys_acl_get_qualifier" },
560 { SMB_VFS_OP_SYS_ACL_GET_FILE, "sys_acl_get_file" },
561 { SMB_VFS_OP_SYS_ACL_GET_FD, "sys_acl_get_fd" },
562 { SMB_VFS_OP_SYS_ACL_CLEAR_PERMS, "sys_acl_clear_perms" },
563 { SMB_VFS_OP_SYS_ACL_ADD_PERM, "sys_acl_add_perm" },
564 { SMB_VFS_OP_SYS_ACL_TO_TEXT, "sys_acl_to_text" },
565 { SMB_VFS_OP_SYS_ACL_INIT, "sys_acl_init" },
566 { SMB_VFS_OP_SYS_ACL_CREATE_ENTRY, "sys_acl_create_entry" },
567 { SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE, "sys_acl_set_tag_type" },
568 { SMB_VFS_OP_SYS_ACL_SET_QUALIFIER, "sys_acl_set_qualifier" },
569 { SMB_VFS_OP_SYS_ACL_SET_PERMSET, "sys_acl_set_permset" },
570 { SMB_VFS_OP_SYS_ACL_VALID, "sys_acl_valid" },
571 { SMB_VFS_OP_SYS_ACL_SET_FILE, "sys_acl_set_file" },
572 { SMB_VFS_OP_SYS_ACL_SET_FD, "sys_acl_set_fd" },
573 { SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE, "sys_acl_delete_def_file" },
574 { SMB_VFS_OP_SYS_ACL_GET_PERM, "sys_acl_get_perm" },
575 { SMB_VFS_OP_SYS_ACL_FREE_TEXT, "sys_acl_free_text" },
576 { SMB_VFS_OP_SYS_ACL_FREE_ACL, "sys_acl_free_acl" },
577 { SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER, "sys_acl_free_qualifier" },
578 { SMB_VFS_OP_GETXATTR, "getxattr" },
579 { SMB_VFS_OP_LGETXATTR, "lgetxattr" },
580 { SMB_VFS_OP_FGETXATTR, "fgetxattr" },
581 { SMB_VFS_OP_LISTXATTR, "listxattr" },
582 { SMB_VFS_OP_LLISTXATTR, "llistxattr" },
583 { SMB_VFS_OP_FLISTXATTR, "flistxattr" },
584 { SMB_VFS_OP_REMOVEXATTR, "removexattr" },
585 { SMB_VFS_OP_LREMOVEXATTR, "lremovexattr" },
586 { SMB_VFS_OP_FREMOVEXATTR, "fremovexattr" },
587 { SMB_VFS_OP_SETXATTR, "setxattr" },
588 { SMB_VFS_OP_LSETXATTR, "lsetxattr" },
589 { SMB_VFS_OP_FSETXATTR, "fsetxattr" },
590 { SMB_VFS_OP_AIO_READ, "aio_read" },
591 { SMB_VFS_OP_AIO_WRITE, "aio_write" },
592 { SMB_VFS_OP_AIO_RETURN,"aio_return" },
593 { SMB_VFS_OP_AIO_CANCEL,"aio_cancel" },
594 { SMB_VFS_OP_AIO_ERROR, "aio_error" },
595 { SMB_VFS_OP_AIO_FSYNC, "aio_fsync" },
596 { SMB_VFS_OP_AIO_SUSPEND,"aio_suspend" },
597 { SMB_VFS_OP_LAST, NULL }
600 static int audit_syslog_facility(vfs_handle_struct *handle)
602 static const struct enum_list enum_log_facilities[] = {
603 { LOG_USER, "USER" },
604 { LOG_LOCAL0, "LOCAL0" },
605 { LOG_LOCAL1, "LOCAL1" },
606 { LOG_LOCAL2, "LOCAL2" },
607 { LOG_LOCAL3, "LOCAL3" },
608 { LOG_LOCAL4, "LOCAL4" },
609 { LOG_LOCAL5, "LOCAL5" },
610 { LOG_LOCAL6, "LOCAL6" },
611 { LOG_LOCAL7, "LOCAL7" }
616 facility = lp_parm_enum(SNUM(handle->conn), "full_audit", "facility", enum_log_facilities, LOG_USER);
621 static int audit_syslog_priority(vfs_handle_struct *handle)
623 static const struct enum_list enum_log_priorities[] = {
624 { LOG_EMERG, "EMERG" },
625 { LOG_ALERT, "ALERT" },
626 { LOG_CRIT, "CRIT" },
628 { LOG_WARNING, "WARNING" },
629 { LOG_NOTICE, "NOTICE" },
630 { LOG_INFO, "INFO" },
631 { LOG_DEBUG, "DEBUG" }
636 priority = lp_parm_enum(SNUM(handle->conn), "full_audit", "priority", enum_log_priorities, LOG_NOTICE);
641 static char *audit_prefix(connection_struct *conn)
643 static pstring prefix;
644 extern userdom_struct current_user_info;
646 pstrcpy(prefix, lp_parm_const_string(SNUM(conn), "full_audit",
648 standard_sub_advanced(lp_servicename(SNUM(conn)), conn->user,
649 conn->connectpath, conn->gid,
650 get_current_username(),
651 current_user_info.domain,
652 prefix, sizeof(prefix));
656 static BOOL log_success(vfs_handle_struct *handle, vfs_op_type op)
658 struct vfs_full_audit_private_data *pd = NULL;
660 SMB_VFS_HANDLE_GET_DATA(handle, pd,
661 struct vfs_full_audit_private_data,
664 if (pd->success_ops == NULL) {
668 return bitmap_query(pd->success_ops, op);
671 static BOOL log_failure(vfs_handle_struct *handle, vfs_op_type op)
673 struct vfs_full_audit_private_data *pd = NULL;
675 SMB_VFS_HANDLE_GET_DATA(handle, pd,
676 struct vfs_full_audit_private_data,
679 if (pd->failure_ops == NULL)
682 return bitmap_query(pd->failure_ops, op);
685 static void init_bitmap(struct bitmap **bm, const char **ops)
687 BOOL log_all = False;
692 *bm = bitmap_allocate(SMB_VFS_OP_LAST);
695 DEBUG(0, ("Could not alloc bitmap -- "
696 "defaulting to logging everything\n"));
700 while (*ops != NULL) {
704 if (strequal(*ops, "all")) {
709 if (strequal(*ops, "none")) {
713 for (i=0; i<SMB_VFS_OP_LAST; i++) {
714 if (vfs_op_names[i].name == NULL) {
715 smb_panic("vfs_full_audit.c: name table not "
716 "in sync with vfs.h\n");
719 if (strequal(*ops, vfs_op_names[i].name)) {
725 DEBUG(0, ("Could not find opname %s, logging all\n",
734 /* The query functions default to True */
740 static const char *audit_opname(vfs_op_type op)
742 if (op >= SMB_VFS_OP_LAST)
743 return "INVALID VFS OP";
744 return vfs_op_names[op].name;
747 static void do_log(vfs_op_type op, BOOL success, vfs_handle_struct *handle,
748 const char *format, ...)
754 if (success && (!log_success(handle, op)))
757 if (!success && (!log_failure(handle, op)))
761 fstrcpy(err_msg, "ok");
763 fstr_sprintf(err_msg, "fail (%s)", strerror(errno));
765 va_start(ap, format);
766 vsnprintf(op_msg, sizeof(op_msg), format, ap);
769 syslog(audit_syslog_priority(handle), "%s|%s|%s|%s\n",
770 audit_prefix(handle->conn), audit_opname(op), err_msg, op_msg);
775 /* Free function for the private data. */
777 static void free_private_data(void **p_data)
779 struct vfs_full_audit_private_data *pd = *(struct vfs_full_audit_private_data **)p_data;
781 if (pd->success_ops) {
782 bitmap_free(pd->success_ops);
784 if (pd->failure_ops) {
785 bitmap_free(pd->failure_ops);
791 /* Implementation of vfs_ops. Pass everything on to the default
792 operation but log event first. */
794 static int smb_full_audit_connect(vfs_handle_struct *handle,
795 const char *svc, const char *user)
798 struct vfs_full_audit_private_data *pd = NULL;
799 const char *none[] = { NULL };
800 const char *all [] = { "all" };
806 pd = SMB_MALLOC_P(struct vfs_full_audit_private_data);
812 openlog("smbd_audit", 0, audit_syslog_facility(handle));
814 init_bitmap(&pd->success_ops,
815 lp_parm_string_list(SNUM(handle->conn), "full_audit", "success",
817 init_bitmap(&pd->failure_ops,
818 lp_parm_string_list(SNUM(handle->conn), "full_audit", "failure",
821 /* Store the private data. */
822 SMB_VFS_HANDLE_SET_DATA(handle, pd, free_private_data,
823 struct vfs_full_audit_private_data, return -1);
825 result = SMB_VFS_NEXT_CONNECT(handle, svc, user);
827 do_log(SMB_VFS_OP_CONNECT, True, handle,
833 static void smb_full_audit_disconnect(vfs_handle_struct *handle)
835 SMB_VFS_NEXT_DISCONNECT(handle);
837 do_log(SMB_VFS_OP_DISCONNECT, True, handle,
838 "%s", lp_servicename(SNUM(handle->conn)));
840 /* The bitmaps will be disconnected when the private
846 static SMB_BIG_UINT smb_full_audit_disk_free(vfs_handle_struct *handle,
848 BOOL small_query, SMB_BIG_UINT *bsize,
849 SMB_BIG_UINT *dfree, SMB_BIG_UINT *dsize)
853 result = SMB_VFS_NEXT_DISK_FREE(handle, path, small_query, bsize,
856 /* Don't have a reasonable notion of failure here */
858 do_log(SMB_VFS_OP_DISK_FREE, True, handle, "%s", path);
863 static int smb_full_audit_get_quota(struct vfs_handle_struct *handle,
864 enum SMB_QUOTA_TYPE qtype, unid_t id,
869 result = SMB_VFS_NEXT_GET_QUOTA(handle, qtype, id, qt);
871 do_log(SMB_VFS_OP_GET_QUOTA, (result >= 0), handle, "");
877 static int smb_full_audit_set_quota(struct vfs_handle_struct *handle,
878 enum SMB_QUOTA_TYPE qtype, unid_t id,
883 result = SMB_VFS_NEXT_SET_QUOTA(handle, qtype, id, qt);
885 do_log(SMB_VFS_OP_SET_QUOTA, (result >= 0), handle, "");
890 static int smb_full_audit_get_shadow_copy_data(struct vfs_handle_struct *handle,
891 struct files_struct *fsp,
892 SHADOW_COPY_DATA *shadow_copy_data, BOOL labels)
896 result = SMB_VFS_NEXT_GET_SHADOW_COPY_DATA(handle, fsp, shadow_copy_data, labels);
898 do_log(SMB_VFS_OP_GET_SHADOW_COPY_DATA, (result >= 0), handle, "");
903 static int smb_full_audit_statvfs(struct vfs_handle_struct *handle,
905 struct vfs_statvfs_struct *statbuf)
909 result = SMB_VFS_NEXT_STATVFS(handle, path, statbuf);
911 do_log(SMB_VFS_OP_STATVFS, (result >= 0), handle, "");
916 static SMB_STRUCT_DIR *smb_full_audit_opendir(vfs_handle_struct *handle,
917 const char *fname, const char *mask, uint32 attr)
919 SMB_STRUCT_DIR *result;
921 result = SMB_VFS_NEXT_OPENDIR(handle, fname, mask, attr);
923 do_log(SMB_VFS_OP_OPENDIR, (result != NULL), handle, "%s", fname);
928 static SMB_STRUCT_DIRENT *smb_full_audit_readdir(vfs_handle_struct *handle,
929 SMB_STRUCT_DIR *dirp)
931 SMB_STRUCT_DIRENT *result;
933 result = SMB_VFS_NEXT_READDIR(handle, dirp);
935 /* This operation has no reasonable error condition
936 * (End of dir is also failure), so always succeed.
938 do_log(SMB_VFS_OP_READDIR, True, handle, "");
943 static void smb_full_audit_seekdir(vfs_handle_struct *handle,
944 SMB_STRUCT_DIR *dirp, long offset)
946 SMB_VFS_NEXT_SEEKDIR(handle, dirp, offset);
948 do_log(SMB_VFS_OP_SEEKDIR, True, handle, "");
952 static long smb_full_audit_telldir(vfs_handle_struct *handle,
953 SMB_STRUCT_DIR *dirp)
957 result = SMB_VFS_NEXT_TELLDIR(handle, dirp);
959 do_log(SMB_VFS_OP_TELLDIR, True, handle, "");
964 static void smb_full_audit_rewinddir(vfs_handle_struct *handle,
965 SMB_STRUCT_DIR *dirp)
967 SMB_VFS_NEXT_REWINDDIR(handle, dirp);
969 do_log(SMB_VFS_OP_REWINDDIR, True, handle, "");
973 static int smb_full_audit_mkdir(vfs_handle_struct *handle,
974 const char *path, mode_t mode)
978 result = SMB_VFS_NEXT_MKDIR(handle, path, mode);
980 do_log(SMB_VFS_OP_MKDIR, (result >= 0), handle, "%s", path);
985 static int smb_full_audit_rmdir(vfs_handle_struct *handle,
990 result = SMB_VFS_NEXT_RMDIR(handle, path);
992 do_log(SMB_VFS_OP_RMDIR, (result >= 0), handle, "%s", path);
997 static int smb_full_audit_closedir(vfs_handle_struct *handle,
998 SMB_STRUCT_DIR *dirp)
1002 result = SMB_VFS_NEXT_CLOSEDIR(handle, dirp);
1004 do_log(SMB_VFS_OP_CLOSEDIR, (result >= 0), handle, "");
1009 static int smb_full_audit_open(vfs_handle_struct *handle,
1010 const char *fname, files_struct *fsp, int flags, mode_t mode)
1014 result = SMB_VFS_NEXT_OPEN(handle, fname, fsp, flags, mode);
1016 do_log(SMB_VFS_OP_OPEN, (result >= 0), handle, "%s|%s",
1017 ((flags & O_WRONLY) || (flags & O_RDWR))?"w":"r",
1023 static int smb_full_audit_close(vfs_handle_struct *handle, files_struct *fsp, int fd)
1027 result = SMB_VFS_NEXT_CLOSE(handle, fsp, fd);
1029 do_log(SMB_VFS_OP_CLOSE, (result >= 0), handle, "%s", fsp->fsp_name);
1034 static ssize_t smb_full_audit_read(vfs_handle_struct *handle, files_struct *fsp,
1035 int fd, void *data, size_t n)
1039 result = SMB_VFS_NEXT_READ(handle, fsp, fd, data, n);
1041 do_log(SMB_VFS_OP_READ, (result >= 0), handle, "%s", fsp->fsp_name);
1046 static ssize_t smb_full_audit_pread(vfs_handle_struct *handle, files_struct *fsp,
1047 int fd, void *data, size_t n, SMB_OFF_T offset)
1051 result = SMB_VFS_NEXT_PREAD(handle, fsp, fd, data, n, offset);
1053 do_log(SMB_VFS_OP_PREAD, (result >= 0), handle, "%s", fsp->fsp_name);
1058 static ssize_t smb_full_audit_write(vfs_handle_struct *handle, files_struct *fsp,
1059 int fd, const void *data, size_t n)
1063 result = SMB_VFS_NEXT_WRITE(handle, fsp, fd, data, n);
1065 do_log(SMB_VFS_OP_WRITE, (result >= 0), handle, "%s", fsp->fsp_name);
1070 static ssize_t smb_full_audit_pwrite(vfs_handle_struct *handle, files_struct *fsp,
1071 int fd, const void *data, size_t n,
1076 result = SMB_VFS_NEXT_PWRITE(handle, fsp, fd, data, n, offset);
1078 do_log(SMB_VFS_OP_PWRITE, (result >= 0), handle, "%s", fsp->fsp_name);
1083 static SMB_OFF_T smb_full_audit_lseek(vfs_handle_struct *handle, files_struct *fsp,
1084 int filedes, SMB_OFF_T offset, int whence)
1088 result = SMB_VFS_NEXT_LSEEK(handle, fsp, filedes, offset, whence);
1090 do_log(SMB_VFS_OP_LSEEK, (result != (ssize_t)-1), handle,
1091 "%s", fsp->fsp_name);
1096 static ssize_t smb_full_audit_sendfile(vfs_handle_struct *handle, int tofd,
1097 files_struct *fsp, int fromfd,
1098 const DATA_BLOB *hdr, SMB_OFF_T offset,
1103 result = SMB_VFS_NEXT_SENDFILE(handle, tofd, fsp, fromfd, hdr,
1106 do_log(SMB_VFS_OP_SENDFILE, (result >= 0), handle,
1107 "%s", fsp->fsp_name);
1112 static int smb_full_audit_rename(vfs_handle_struct *handle,
1113 const char *oldname, const char *newname)
1117 result = SMB_VFS_NEXT_RENAME(handle, oldname, newname);
1119 do_log(SMB_VFS_OP_RENAME, (result >= 0), handle, "%s|%s", oldname, newname);
1124 static int smb_full_audit_fsync(vfs_handle_struct *handle, files_struct *fsp, int fd)
1128 result = SMB_VFS_NEXT_FSYNC(handle, fsp, fd);
1130 do_log(SMB_VFS_OP_FSYNC, (result >= 0), handle, "%s", fsp->fsp_name);
1135 static int smb_full_audit_stat(vfs_handle_struct *handle,
1136 const char *fname, SMB_STRUCT_STAT *sbuf)
1140 result = SMB_VFS_NEXT_STAT(handle, fname, sbuf);
1142 do_log(SMB_VFS_OP_STAT, (result >= 0), handle, "%s", fname);
1147 static int smb_full_audit_fstat(vfs_handle_struct *handle, files_struct *fsp, int fd,
1148 SMB_STRUCT_STAT *sbuf)
1152 result = SMB_VFS_NEXT_FSTAT(handle, fsp, fd, sbuf);
1154 do_log(SMB_VFS_OP_FSTAT, (result >= 0), handle, "%s", fsp->fsp_name);
1159 static int smb_full_audit_lstat(vfs_handle_struct *handle,
1160 const char *path, SMB_STRUCT_STAT *sbuf)
1164 result = SMB_VFS_NEXT_LSTAT(handle, path, sbuf);
1166 do_log(SMB_VFS_OP_LSTAT, (result >= 0), handle, "%s", path);
1171 static int smb_full_audit_unlink(vfs_handle_struct *handle,
1176 result = SMB_VFS_NEXT_UNLINK(handle, path);
1178 do_log(SMB_VFS_OP_UNLINK, (result >= 0), handle, "%s", path);
1183 static int smb_full_audit_chmod(vfs_handle_struct *handle,
1184 const char *path, mode_t mode)
1188 result = SMB_VFS_NEXT_CHMOD(handle, path, mode);
1190 do_log(SMB_VFS_OP_CHMOD, (result >= 0), handle, "%s|%o", path, mode);
1195 static int smb_full_audit_fchmod(vfs_handle_struct *handle, files_struct *fsp, int fd,
1200 result = SMB_VFS_NEXT_FCHMOD(handle, fsp, fd, mode);
1202 do_log(SMB_VFS_OP_FCHMOD, (result >= 0), handle,
1203 "%s|%o", fsp->fsp_name, mode);
1208 static int smb_full_audit_chown(vfs_handle_struct *handle,
1209 const char *path, uid_t uid, gid_t gid)
1213 result = SMB_VFS_NEXT_CHOWN(handle, path, uid, gid);
1215 do_log(SMB_VFS_OP_CHOWN, (result >= 0), handle, "%s|%ld|%ld",
1216 path, (long int)uid, (long int)gid);
1221 static int smb_full_audit_fchown(vfs_handle_struct *handle, files_struct *fsp, int fd,
1222 uid_t uid, gid_t gid)
1226 result = SMB_VFS_NEXT_FCHOWN(handle, fsp, fd, uid, gid);
1228 do_log(SMB_VFS_OP_FCHOWN, (result >= 0), handle, "%s|%ld|%ld",
1229 fsp->fsp_name, (long int)uid, (long int)gid);
1234 static int smb_full_audit_chdir(vfs_handle_struct *handle,
1239 result = SMB_VFS_NEXT_CHDIR(handle, path);
1241 do_log(SMB_VFS_OP_CHDIR, (result >= 0), handle, "chdir|%s", path);
1246 static char *smb_full_audit_getwd(vfs_handle_struct *handle,
1251 result = SMB_VFS_NEXT_GETWD(handle, path);
1253 do_log(SMB_VFS_OP_GETWD, (result != NULL), handle, "%s", path);
1258 static int smb_full_audit_utime(vfs_handle_struct *handle,
1259 const char *path, struct utimbuf *times)
1263 result = SMB_VFS_NEXT_UTIME(handle, path, times);
1265 do_log(SMB_VFS_OP_UTIME, (result >= 0), handle, "%s", path);
1270 static int smb_full_audit_ftruncate(vfs_handle_struct *handle, files_struct *fsp,
1271 int fd, SMB_OFF_T len)
1275 result = SMB_VFS_NEXT_FTRUNCATE(handle, fsp, fd, len);
1277 do_log(SMB_VFS_OP_FTRUNCATE, (result >= 0), handle,
1278 "%s", fsp->fsp_name);
1283 static BOOL smb_full_audit_lock(vfs_handle_struct *handle, files_struct *fsp, int fd,
1284 int op, SMB_OFF_T offset, SMB_OFF_T count, int type)
1288 result = SMB_VFS_NEXT_LOCK(handle, fsp, fd, op, offset, count, type);
1290 do_log(SMB_VFS_OP_LOCK, (result >= 0), handle, "%s", fsp->fsp_name);
1295 static BOOL smb_full_audit_getlock(vfs_handle_struct *handle, files_struct *fsp, int fd,
1296 SMB_OFF_T *poffset, SMB_OFF_T *pcount, int *ptype, pid_t *ppid)
1300 result = SMB_VFS_NEXT_GETLOCK(handle, fsp, fd, poffset, pcount, ptype, ppid);
1302 do_log(SMB_VFS_OP_GETLOCK, (result >= 0), handle, "%s", fsp->fsp_name);
1307 static int smb_full_audit_symlink(vfs_handle_struct *handle,
1308 const char *oldpath, const char *newpath)
1312 result = SMB_VFS_NEXT_SYMLINK(handle, oldpath, newpath);
1314 do_log(SMB_VFS_OP_SYMLINK, (result >= 0), handle,
1315 "%s|%s", oldpath, newpath);
1320 static int smb_full_audit_readlink(vfs_handle_struct *handle,
1321 const char *path, char *buf, size_t bufsiz)
1325 result = SMB_VFS_NEXT_READLINK(handle, path, buf, bufsiz);
1327 do_log(SMB_VFS_OP_READLINK, (result >= 0), handle, "%s", path);
1332 static int smb_full_audit_link(vfs_handle_struct *handle,
1333 const char *oldpath, const char *newpath)
1337 result = SMB_VFS_NEXT_LINK(handle, oldpath, newpath);
1339 do_log(SMB_VFS_OP_LINK, (result >= 0), handle,
1340 "%s|%s", oldpath, newpath);
1345 static int smb_full_audit_mknod(vfs_handle_struct *handle,
1346 const char *pathname, mode_t mode, SMB_DEV_T dev)
1350 result = SMB_VFS_NEXT_MKNOD(handle, pathname, mode, dev);
1352 do_log(SMB_VFS_OP_MKNOD, (result >= 0), handle, "%s", pathname);
1357 static char *smb_full_audit_realpath(vfs_handle_struct *handle,
1358 const char *path, char *resolved_path)
1362 result = SMB_VFS_NEXT_REALPATH(handle, path, resolved_path);
1364 do_log(SMB_VFS_OP_REALPATH, (result != NULL), handle, "%s", path);
1369 static size_t smb_full_audit_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
1370 int fd, uint32 security_info,
1375 result = SMB_VFS_NEXT_FGET_NT_ACL(handle, fsp, fd, security_info,
1378 do_log(SMB_VFS_OP_FGET_NT_ACL, (result > 0), handle,
1379 "%s", fsp->fsp_name);
1384 static size_t smb_full_audit_get_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
1385 const char *name, uint32 security_info,
1390 result = SMB_VFS_NEXT_GET_NT_ACL(handle, fsp, name, security_info,
1393 do_log(SMB_VFS_OP_GET_NT_ACL, (result > 0), handle,
1394 "%s", fsp->fsp_name);
1399 static BOOL smb_full_audit_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
1400 int fd, uint32 security_info_sent,
1405 result = SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, fd, security_info_sent,
1408 do_log(SMB_VFS_OP_FSET_NT_ACL, result, handle, "%s", fsp->fsp_name);
1413 static BOOL smb_full_audit_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
1414 const char *name, uint32 security_info_sent,
1419 result = SMB_VFS_NEXT_SET_NT_ACL(handle, fsp, name, security_info_sent,
1422 do_log(SMB_VFS_OP_SET_NT_ACL, result, handle, "%s", fsp->fsp_name);
1427 static int smb_full_audit_chmod_acl(vfs_handle_struct *handle,
1428 const char *path, mode_t mode)
1432 result = SMB_VFS_NEXT_CHMOD_ACL(handle, path, mode);
1434 do_log(SMB_VFS_OP_CHMOD_ACL, (result >= 0), handle,
1435 "%s|%o", path, mode);
1440 static int smb_full_audit_fchmod_acl(vfs_handle_struct *handle, files_struct *fsp,
1441 int fd, mode_t mode)
1445 result = SMB_VFS_NEXT_FCHMOD_ACL(handle, fsp, fd, mode);
1447 do_log(SMB_VFS_OP_FCHMOD_ACL, (result >= 0), handle,
1448 "%s|%o", fsp->fsp_name, mode);
1453 static int smb_full_audit_sys_acl_get_entry(vfs_handle_struct *handle,
1455 SMB_ACL_T theacl, int entry_id,
1456 SMB_ACL_ENTRY_T *entry_p)
1460 result = SMB_VFS_NEXT_SYS_ACL_GET_ENTRY(handle, theacl, entry_id,
1463 do_log(SMB_VFS_OP_SYS_ACL_GET_ENTRY, (result >= 0), handle,
1469 static int smb_full_audit_sys_acl_get_tag_type(vfs_handle_struct *handle,
1471 SMB_ACL_ENTRY_T entry_d,
1472 SMB_ACL_TAG_T *tag_type_p)
1476 result = SMB_VFS_NEXT_SYS_ACL_GET_TAG_TYPE(handle, entry_d,
1479 do_log(SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE, (result >= 0), handle,
1485 static int smb_full_audit_sys_acl_get_permset(vfs_handle_struct *handle,
1487 SMB_ACL_ENTRY_T entry_d,
1488 SMB_ACL_PERMSET_T *permset_p)
1492 result = SMB_VFS_NEXT_SYS_ACL_GET_PERMSET(handle, entry_d,
1495 do_log(SMB_VFS_OP_SYS_ACL_GET_PERMSET, (result >= 0), handle,
1501 static void * smb_full_audit_sys_acl_get_qualifier(vfs_handle_struct *handle,
1503 SMB_ACL_ENTRY_T entry_d)
1507 result = SMB_VFS_NEXT_SYS_ACL_GET_QUALIFIER(handle, entry_d);
1509 do_log(SMB_VFS_OP_SYS_ACL_GET_QUALIFIER, (result != NULL), handle,
1515 static SMB_ACL_T smb_full_audit_sys_acl_get_file(vfs_handle_struct *handle,
1517 SMB_ACL_TYPE_T type)
1521 result = SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p, type);
1523 do_log(SMB_VFS_OP_SYS_ACL_GET_FILE, (result != NULL), handle,
1529 static SMB_ACL_T smb_full_audit_sys_acl_get_fd(vfs_handle_struct *handle,
1530 files_struct *fsp, int fd)
1534 result = SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp, fd);
1536 do_log(SMB_VFS_OP_SYS_ACL_GET_FD, (result != NULL), handle,
1537 "%s", fsp->fsp_name);
1542 static int smb_full_audit_sys_acl_clear_perms(vfs_handle_struct *handle,
1544 SMB_ACL_PERMSET_T permset)
1548 result = SMB_VFS_NEXT_SYS_ACL_CLEAR_PERMS(handle, permset);
1550 do_log(SMB_VFS_OP_SYS_ACL_CLEAR_PERMS, (result >= 0), handle,
1556 static int smb_full_audit_sys_acl_add_perm(vfs_handle_struct *handle,
1558 SMB_ACL_PERMSET_T permset,
1559 SMB_ACL_PERM_T perm)
1563 result = SMB_VFS_NEXT_SYS_ACL_ADD_PERM(handle, permset, perm);
1565 do_log(SMB_VFS_OP_SYS_ACL_ADD_PERM, (result >= 0), handle,
1571 static char * smb_full_audit_sys_acl_to_text(vfs_handle_struct *handle,
1577 result = SMB_VFS_NEXT_SYS_ACL_TO_TEXT(handle, theacl, plen);
1579 do_log(SMB_VFS_OP_SYS_ACL_TO_TEXT, (result != NULL), handle,
1585 static SMB_ACL_T smb_full_audit_sys_acl_init(vfs_handle_struct *handle,
1591 result = SMB_VFS_NEXT_SYS_ACL_INIT(handle, count);
1593 do_log(SMB_VFS_OP_SYS_ACL_INIT, (result != NULL), handle,
1599 static int smb_full_audit_sys_acl_create_entry(vfs_handle_struct *handle,
1601 SMB_ACL_ENTRY_T *pentry)
1605 result = SMB_VFS_NEXT_SYS_ACL_CREATE_ENTRY(handle, pacl, pentry);
1607 do_log(SMB_VFS_OP_SYS_ACL_CREATE_ENTRY, (result >= 0), handle,
1613 static int smb_full_audit_sys_acl_set_tag_type(vfs_handle_struct *handle,
1615 SMB_ACL_ENTRY_T entry,
1616 SMB_ACL_TAG_T tagtype)
1620 result = SMB_VFS_NEXT_SYS_ACL_SET_TAG_TYPE(handle, entry,
1623 do_log(SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE, (result >= 0), handle,
1629 static int smb_full_audit_sys_acl_set_qualifier(vfs_handle_struct *handle,
1631 SMB_ACL_ENTRY_T entry,
1636 result = SMB_VFS_NEXT_SYS_ACL_SET_QUALIFIER(handle, entry, qual);
1638 do_log(SMB_VFS_OP_SYS_ACL_SET_QUALIFIER, (result >= 0), handle,
1644 static int smb_full_audit_sys_acl_set_permset(vfs_handle_struct *handle,
1646 SMB_ACL_ENTRY_T entry,
1647 SMB_ACL_PERMSET_T permset)
1651 result = SMB_VFS_NEXT_SYS_ACL_SET_PERMSET(handle, entry, permset);
1653 do_log(SMB_VFS_OP_SYS_ACL_SET_PERMSET, (result >= 0), handle,
1659 static int smb_full_audit_sys_acl_valid(vfs_handle_struct *handle,
1665 result = SMB_VFS_NEXT_SYS_ACL_VALID(handle, theacl);
1667 do_log(SMB_VFS_OP_SYS_ACL_VALID, (result >= 0), handle,
1673 static int smb_full_audit_sys_acl_set_file(vfs_handle_struct *handle,
1675 const char *name, SMB_ACL_TYPE_T acltype,
1680 result = SMB_VFS_NEXT_SYS_ACL_SET_FILE(handle, name, acltype,
1683 do_log(SMB_VFS_OP_SYS_ACL_SET_FILE, (result >= 0), handle,
1689 static int smb_full_audit_sys_acl_set_fd(vfs_handle_struct *handle, files_struct *fsp,
1690 int fd, SMB_ACL_T theacl)
1694 result = SMB_VFS_NEXT_SYS_ACL_SET_FD(handle, fsp, fd, theacl);
1696 do_log(SMB_VFS_OP_SYS_ACL_SET_FD, (result >= 0), handle,
1697 "%s", fsp->fsp_name);
1702 static int smb_full_audit_sys_acl_delete_def_file(vfs_handle_struct *handle,
1708 result = SMB_VFS_NEXT_SYS_ACL_DELETE_DEF_FILE(handle, path);
1710 do_log(SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE, (result >= 0), handle,
1716 static int smb_full_audit_sys_acl_get_perm(vfs_handle_struct *handle,
1718 SMB_ACL_PERMSET_T permset,
1719 SMB_ACL_PERM_T perm)
1723 result = SMB_VFS_NEXT_SYS_ACL_GET_PERM(handle, permset, perm);
1725 do_log(SMB_VFS_OP_SYS_ACL_GET_PERM, (result >= 0), handle,
1731 static int smb_full_audit_sys_acl_free_text(vfs_handle_struct *handle,
1737 result = SMB_VFS_NEXT_SYS_ACL_FREE_TEXT(handle, text);
1739 do_log(SMB_VFS_OP_SYS_ACL_FREE_TEXT, (result >= 0), handle,
1745 static int smb_full_audit_sys_acl_free_acl(vfs_handle_struct *handle,
1747 SMB_ACL_T posix_acl)
1751 result = SMB_VFS_NEXT_SYS_ACL_FREE_ACL(handle, posix_acl);
1753 do_log(SMB_VFS_OP_SYS_ACL_FREE_ACL, (result >= 0), handle,
1759 static int smb_full_audit_sys_acl_free_qualifier(vfs_handle_struct *handle,
1761 SMB_ACL_TAG_T tagtype)
1765 result = SMB_VFS_NEXT_SYS_ACL_FREE_QUALIFIER(handle, qualifier,
1768 do_log(SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER, (result >= 0), handle,
1774 static ssize_t smb_full_audit_getxattr(struct vfs_handle_struct *handle,
1776 const char *name, void *value, size_t size)
1780 result = SMB_VFS_NEXT_GETXATTR(handle, path, name, value, size);
1782 do_log(SMB_VFS_OP_GETXATTR, (result >= 0), handle,
1783 "%s|%s", path, name);
1788 static ssize_t smb_full_audit_lgetxattr(struct vfs_handle_struct *handle,
1789 const char *path, const char *name,
1790 void *value, size_t size)
1794 result = SMB_VFS_NEXT_LGETXATTR(handle, path, name, value, size);
1796 do_log(SMB_VFS_OP_LGETXATTR, (result >= 0), handle,
1797 "%s|%s", path, name);
1802 static ssize_t smb_full_audit_fgetxattr(struct vfs_handle_struct *handle,
1803 struct files_struct *fsp, int fd,
1804 const char *name, void *value, size_t size)
1808 result = SMB_VFS_NEXT_FGETXATTR(handle, fsp, fd, name, value, size);
1810 do_log(SMB_VFS_OP_FGETXATTR, (result >= 0), handle,
1811 "%s|%s", fsp->fsp_name, name);
1816 static ssize_t smb_full_audit_listxattr(struct vfs_handle_struct *handle,
1817 const char *path, char *list, size_t size)
1821 result = SMB_VFS_NEXT_LISTXATTR(handle, path, list, size);
1823 do_log(SMB_VFS_OP_LISTXATTR, (result >= 0), handle, "%s", path);
1828 static ssize_t smb_full_audit_llistxattr(struct vfs_handle_struct *handle,
1829 const char *path, char *list, size_t size)
1833 result = SMB_VFS_NEXT_LLISTXATTR(handle, path, list, size);
1835 do_log(SMB_VFS_OP_LLISTXATTR, (result >= 0), handle, "%s", path);
1840 static ssize_t smb_full_audit_flistxattr(struct vfs_handle_struct *handle,
1841 struct files_struct *fsp, int fd, char *list,
1846 result = SMB_VFS_NEXT_FLISTXATTR(handle, fsp, fd, list, size);
1848 do_log(SMB_VFS_OP_FLISTXATTR, (result >= 0), handle,
1849 "%s", fsp->fsp_name);
1854 static int smb_full_audit_removexattr(struct vfs_handle_struct *handle,
1860 result = SMB_VFS_NEXT_REMOVEXATTR(handle, path, name);
1862 do_log(SMB_VFS_OP_REMOVEXATTR, (result >= 0), handle,
1863 "%s|%s", path, name);
1868 static int smb_full_audit_lremovexattr(struct vfs_handle_struct *handle,
1874 result = SMB_VFS_NEXT_LREMOVEXATTR(handle, path, name);
1876 do_log(SMB_VFS_OP_LREMOVEXATTR, (result >= 0), handle,
1877 "%s|%s", path, name);
1882 static int smb_full_audit_fremovexattr(struct vfs_handle_struct *handle,
1883 struct files_struct *fsp, int fd,
1888 result = SMB_VFS_NEXT_FREMOVEXATTR(handle, fsp, fd, name);
1890 do_log(SMB_VFS_OP_FREMOVEXATTR, (result >= 0), handle,
1891 "%s|%s", fsp->fsp_name, name);
1896 static int smb_full_audit_setxattr(struct vfs_handle_struct *handle,
1898 const char *name, const void *value, size_t size,
1903 result = SMB_VFS_NEXT_SETXATTR(handle, path, name, value, size,
1906 do_log(SMB_VFS_OP_SETXATTR, (result >= 0), handle,
1907 "%s|%s", path, name);
1912 static int smb_full_audit_lsetxattr(struct vfs_handle_struct *handle,
1914 const char *name, const void *value, size_t size,
1919 result = SMB_VFS_NEXT_LSETXATTR(handle, path, name, value, size,
1922 do_log(SMB_VFS_OP_LSETXATTR, (result >= 0), handle,
1923 "%s|%s", path, name);
1928 static int smb_full_audit_fsetxattr(struct vfs_handle_struct *handle,
1929 struct files_struct *fsp, int fd, const char *name,
1930 const void *value, size_t size, int flags)
1934 result = SMB_VFS_NEXT_FSETXATTR(handle, fsp, fd, name, value, size,
1937 do_log(SMB_VFS_OP_FSETXATTR, (result >= 0), handle,
1938 "%s|%s", fsp->fsp_name, name);
1943 static int smb_full_audit_aio_read(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb)
1947 result = SMB_VFS_NEXT_AIO_READ(handle, fsp, aiocb);
1948 do_log(SMB_VFS_OP_AIO_READ, (result >= 0), handle,
1949 "%s", fsp->fsp_name);
1954 static int smb_full_audit_aio_write(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb)
1958 result = SMB_VFS_NEXT_AIO_WRITE(handle, fsp, aiocb);
1959 do_log(SMB_VFS_OP_AIO_WRITE, (result >= 0), handle,
1960 "%s", fsp->fsp_name);
1965 static ssize_t smb_full_audit_aio_return(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb)
1969 result = SMB_VFS_NEXT_AIO_RETURN(handle, fsp, aiocb);
1970 do_log(SMB_VFS_OP_AIO_RETURN, (result >= 0), handle,
1971 "%s", fsp->fsp_name);
1976 static int smb_full_audit_aio_cancel(struct vfs_handle_struct *handle, struct files_struct *fsp, int fd, SMB_STRUCT_AIOCB *aiocb)
1980 result = SMB_VFS_NEXT_AIO_CANCEL(handle, fsp, fd, aiocb);
1981 do_log(SMB_VFS_OP_AIO_CANCEL, (result >= 0), handle,
1982 "%s", fsp->fsp_name);
1987 static int smb_full_audit_aio_error(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb)
1991 result = SMB_VFS_NEXT_AIO_ERROR(handle, fsp, aiocb);
1992 do_log(SMB_VFS_OP_AIO_ERROR, (result >= 0), handle,
1993 "%s", fsp->fsp_name);
1998 static int smb_full_audit_aio_fsync(struct vfs_handle_struct *handle, struct files_struct *fsp, int op, SMB_STRUCT_AIOCB *aiocb)
2002 result = SMB_VFS_NEXT_AIO_FSYNC(handle, fsp, op, aiocb);
2003 do_log(SMB_VFS_OP_AIO_FSYNC, (result >= 0), handle,
2004 "%s", fsp->fsp_name);
2009 static int smb_full_audit_aio_suspend(struct vfs_handle_struct *handle, struct files_struct *fsp, const SMB_STRUCT_AIOCB * const aiocb[], int n, const struct timespec *ts)
2013 result = SMB_VFS_NEXT_AIO_SUSPEND(handle, fsp, aiocb, n, ts);
2014 do_log(SMB_VFS_OP_AIO_SUSPEND, (result >= 0), handle,
2015 "%s", fsp->fsp_name);
2021 NTSTATUS vfs_full_audit_init(void)
2023 NTSTATUS ret = smb_register_vfs(SMB_VFS_INTERFACE_VERSION,
2024 "full_audit", audit_op_tuples);
2026 if (!NT_STATUS_IS_OK(ret))
2029 vfs_full_audit_debug_level = debug_add_class("full_audit");
2030 if (vfs_full_audit_debug_level == -1) {
2031 vfs_full_audit_debug_level = DBGC_VFS;
2032 DEBUG(0, ("vfs_full_audit: Couldn't register custom debugging "
2035 DEBUG(10, ("vfs_full_audit: Debug class number of "
2036 "'full_audit': %d\n", vfs_full_audit_debug_level));
git.samba.org / samba.git / blob