2 * Auditing VFS module for samba. Log selected file operations to syslog
5 * Copyright (C) Tim Potter, 1999-2000
6 * Copyright (C) Alexander Bokovoy, 2002
7 * Copyright (C) John H Terpstra, 2003
8 * Copyright (C) Stefan (metze) Metzmacher, 2003
9 * Copyright (C) Volker Lendecke, 2004
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
27 * This module implements parseable logging for all Samba VFS operations.
29 * You use it as follows:
33 * vfs objects = full_audit
34 * full_audit:prefix = %u|%I
35 * full_audit:success = open opendir
36 * full_audit:failure = all
38 * vfs op can be "all" which means log all operations.
39 * vfs op can be "none" which means no logging.
41 * This leads to syslog entries of the form:
42 * smbd_audit: nobody|192.168.234.1|opendir|ok|.
43 * smbd_audit: nobody|192.168.234.1|open|fail (File not found)|r|x.txt
45 * where "nobody" is the connected username and "192.168.234.1" is the
46 * client's IP address.
50 * prefix: A macro expansion template prepended to the syslog entry.
52 * success: A list of VFS operations for which a successful completion should
53 * be logged. Defaults to no logging at all. The special operation "all" logs
54 * - you guessed it - everything.
56 * failure: A list of VFS operations for which failure to complete should be
57 * logged. Defaults to logging everything.
63 extern userdom_struct current_user_info;
65 static int vfs_full_audit_debug_level = DBGC_VFS;
67 struct vfs_full_audit_private_data {
68 struct bitmap *success_ops;
69 struct bitmap *failure_ops;
73 #define DBGC_CLASS vfs_full_audit_debug_level
75 /* Function prototypes */
77 static int smb_full_audit_connect(vfs_handle_struct *handle,
78 const char *svc, const char *user);
79 static void smb_full_audit_disconnect(vfs_handle_struct *handle);
80 static SMB_BIG_UINT smb_full_audit_disk_free(vfs_handle_struct *handle,
82 BOOL small_query, SMB_BIG_UINT *bsize,
83 SMB_BIG_UINT *dfree, SMB_BIG_UINT *dsize);
84 static int smb_full_audit_get_quota(struct vfs_handle_struct *handle,
85 enum SMB_QUOTA_TYPE qtype, unid_t id,
87 static int smb_full_audit_set_quota(struct vfs_handle_struct *handle,
88 enum SMB_QUOTA_TYPE qtype, unid_t id,
90 static int smb_full_audit_get_shadow_copy_data(struct vfs_handle_struct *handle,
91 struct files_struct *fsp,
92 SHADOW_COPY_DATA *shadow_copy_data, BOOL labels);
93 static int smb_full_audit_statvfs(struct vfs_handle_struct *handle,
95 struct vfs_statvfs_struct *statbuf);
97 static SMB_STRUCT_DIR *smb_full_audit_opendir(vfs_handle_struct *handle,
98 const char *fname, const char *mask, uint32 attr);
99 static SMB_STRUCT_DIRENT *smb_full_audit_readdir(vfs_handle_struct *handle,
100 SMB_STRUCT_DIR *dirp);
101 static void smb_full_audit_seekdir(vfs_handle_struct *handle,
102 SMB_STRUCT_DIR *dirp, long offset);
103 static long smb_full_audit_telldir(vfs_handle_struct *handle,
104 SMB_STRUCT_DIR *dirp);
105 static void smb_full_audit_rewinddir(vfs_handle_struct *handle,
106 SMB_STRUCT_DIR *dirp);
107 static int smb_full_audit_mkdir(vfs_handle_struct *handle,
108 const char *path, mode_t mode);
109 static int smb_full_audit_rmdir(vfs_handle_struct *handle,
111 static int smb_full_audit_closedir(vfs_handle_struct *handle,
112 SMB_STRUCT_DIR *dirp);
113 static int smb_full_audit_open(vfs_handle_struct *handle,
114 const char *fname, files_struct *fsp, int flags, mode_t mode);
115 static int smb_full_audit_close(vfs_handle_struct *handle, files_struct *fsp, int fd);
116 static ssize_t smb_full_audit_read(vfs_handle_struct *handle, files_struct *fsp,
117 int fd, void *data, size_t n);
118 static ssize_t smb_full_audit_pread(vfs_handle_struct *handle, files_struct *fsp,
119 int fd, void *data, size_t n, SMB_OFF_T offset);
120 static ssize_t smb_full_audit_write(vfs_handle_struct *handle, files_struct *fsp,
121 int fd, const void *data, size_t n);
122 static ssize_t smb_full_audit_pwrite(vfs_handle_struct *handle, files_struct *fsp,
123 int fd, const void *data, size_t n,
125 static SMB_OFF_T smb_full_audit_lseek(vfs_handle_struct *handle, files_struct *fsp,
126 int filedes, SMB_OFF_T offset, int whence);
127 static ssize_t smb_full_audit_sendfile(vfs_handle_struct *handle, int tofd,
128 files_struct *fsp, int fromfd,
129 const DATA_BLOB *hdr, SMB_OFF_T offset,
131 static int smb_full_audit_rename(vfs_handle_struct *handle,
132 const char *oldname, const char *newname);
133 static int smb_full_audit_fsync(vfs_handle_struct *handle, files_struct *fsp, int fd);
134 static int smb_full_audit_stat(vfs_handle_struct *handle,
135 const char *fname, SMB_STRUCT_STAT *sbuf);
136 static int smb_full_audit_fstat(vfs_handle_struct *handle, files_struct *fsp, int fd,
137 SMB_STRUCT_STAT *sbuf);
138 static int smb_full_audit_lstat(vfs_handle_struct *handle,
139 const char *path, SMB_STRUCT_STAT *sbuf);
140 static int smb_full_audit_unlink(vfs_handle_struct *handle,
142 static int smb_full_audit_chmod(vfs_handle_struct *handle,
143 const char *path, mode_t mode);
144 static int smb_full_audit_fchmod(vfs_handle_struct *handle, files_struct *fsp, int fd,
146 static int smb_full_audit_chown(vfs_handle_struct *handle,
147 const char *path, uid_t uid, gid_t gid);
148 static int smb_full_audit_fchown(vfs_handle_struct *handle, files_struct *fsp, int fd,
149 uid_t uid, gid_t gid);
150 static int smb_full_audit_chdir(vfs_handle_struct *handle,
152 static char *smb_full_audit_getwd(vfs_handle_struct *handle,
154 static int smb_full_audit_ntimes(vfs_handle_struct *handle,
155 const char *path, const struct timespec ts[2]);
156 static int smb_full_audit_ftruncate(vfs_handle_struct *handle, files_struct *fsp,
157 int fd, SMB_OFF_T len);
158 static BOOL smb_full_audit_lock(vfs_handle_struct *handle, files_struct *fsp, int fd,
159 int op, SMB_OFF_T offset, SMB_OFF_T count, int type);
160 static int smb_full_audit_kernel_flock(struct vfs_handle_struct *handle,
161 struct files_struct *fsp, int fd,
163 static int smb_full_audit_linux_setlease(vfs_handle_struct *handle, files_struct *fsp,
164 int fd, int leasetype);
165 static BOOL smb_full_audit_getlock(vfs_handle_struct *handle, files_struct *fsp, int fd,
166 SMB_OFF_T *poffset, SMB_OFF_T *pcount, int *ptype, pid_t *ppid);
167 static int smb_full_audit_symlink(vfs_handle_struct *handle,
168 const char *oldpath, const char *newpath);
169 static int smb_full_audit_readlink(vfs_handle_struct *handle,
170 const char *path, char *buf, size_t bufsiz);
171 static int smb_full_audit_link(vfs_handle_struct *handle,
172 const char *oldpath, const char *newpath);
173 static int smb_full_audit_mknod(vfs_handle_struct *handle,
174 const char *pathname, mode_t mode, SMB_DEV_T dev);
175 static char *smb_full_audit_realpath(vfs_handle_struct *handle,
176 const char *path, char *resolved_path);
177 static int smb_full_audit_chflags(vfs_handle_struct *handle,
178 const char *path, uint flags);
179 static size_t smb_full_audit_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
180 int fd, uint32 security_info,
182 static size_t smb_full_audit_get_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
183 const char *name, uint32 security_info,
185 static BOOL smb_full_audit_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
186 int fd, uint32 security_info_sent,
188 static BOOL smb_full_audit_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
189 const char *name, uint32 security_info_sent,
191 static int smb_full_audit_chmod_acl(vfs_handle_struct *handle,
192 const char *path, mode_t mode);
193 static int smb_full_audit_fchmod_acl(vfs_handle_struct *handle, files_struct *fsp,
194 int fd, mode_t mode);
195 static int smb_full_audit_sys_acl_get_entry(vfs_handle_struct *handle,
196 SMB_ACL_T theacl, int entry_id,
197 SMB_ACL_ENTRY_T *entry_p);
198 static int smb_full_audit_sys_acl_get_tag_type(vfs_handle_struct *handle,
199 SMB_ACL_ENTRY_T entry_d,
200 SMB_ACL_TAG_T *tag_type_p);
201 static int smb_full_audit_sys_acl_get_permset(vfs_handle_struct *handle,
202 SMB_ACL_ENTRY_T entry_d,
203 SMB_ACL_PERMSET_T *permset_p);
204 static void * smb_full_audit_sys_acl_get_qualifier(vfs_handle_struct *handle,
205 SMB_ACL_ENTRY_T entry_d);
206 static SMB_ACL_T smb_full_audit_sys_acl_get_file(vfs_handle_struct *handle,
208 SMB_ACL_TYPE_T type);
209 static SMB_ACL_T smb_full_audit_sys_acl_get_fd(vfs_handle_struct *handle,
212 static int smb_full_audit_sys_acl_clear_perms(vfs_handle_struct *handle,
213 SMB_ACL_PERMSET_T permset);
214 static int smb_full_audit_sys_acl_add_perm(vfs_handle_struct *handle,
215 SMB_ACL_PERMSET_T permset,
216 SMB_ACL_PERM_T perm);
217 static char * smb_full_audit_sys_acl_to_text(vfs_handle_struct *handle,
220 static SMB_ACL_T smb_full_audit_sys_acl_init(vfs_handle_struct *handle,
222 static int smb_full_audit_sys_acl_create_entry(vfs_handle_struct *handle,
224 SMB_ACL_ENTRY_T *pentry);
225 static int smb_full_audit_sys_acl_set_tag_type(vfs_handle_struct *handle,
226 SMB_ACL_ENTRY_T entry,
227 SMB_ACL_TAG_T tagtype);
228 static int smb_full_audit_sys_acl_set_qualifier(vfs_handle_struct *handle,
229 SMB_ACL_ENTRY_T entry,
231 static int smb_full_audit_sys_acl_set_permset(vfs_handle_struct *handle,
232 SMB_ACL_ENTRY_T entry,
233 SMB_ACL_PERMSET_T permset);
234 static int smb_full_audit_sys_acl_valid(vfs_handle_struct *handle,
236 static int smb_full_audit_sys_acl_set_file(vfs_handle_struct *handle,
237 const char *name, SMB_ACL_TYPE_T acltype,
239 static int smb_full_audit_sys_acl_set_fd(vfs_handle_struct *handle, files_struct *fsp,
240 int fd, SMB_ACL_T theacl);
241 static int smb_full_audit_sys_acl_delete_def_file(vfs_handle_struct *handle,
243 static int smb_full_audit_sys_acl_get_perm(vfs_handle_struct *handle,
244 SMB_ACL_PERMSET_T permset,
245 SMB_ACL_PERM_T perm);
246 static int smb_full_audit_sys_acl_free_text(vfs_handle_struct *handle,
248 static int smb_full_audit_sys_acl_free_acl(vfs_handle_struct *handle,
249 SMB_ACL_T posix_acl);
250 static int smb_full_audit_sys_acl_free_qualifier(vfs_handle_struct *handle,
252 SMB_ACL_TAG_T tagtype);
253 static ssize_t smb_full_audit_getxattr(struct vfs_handle_struct *handle,
255 const char *name, void *value, size_t size);
256 static ssize_t smb_full_audit_lgetxattr(struct vfs_handle_struct *handle,
257 const char *path, const char *name,
258 void *value, size_t size);
259 static ssize_t smb_full_audit_fgetxattr(struct vfs_handle_struct *handle,
260 struct files_struct *fsp, int fd,
261 const char *name, void *value, size_t size);
262 static ssize_t smb_full_audit_listxattr(struct vfs_handle_struct *handle,
263 const char *path, char *list, size_t size);
264 static ssize_t smb_full_audit_llistxattr(struct vfs_handle_struct *handle,
265 const char *path, char *list, size_t size);
266 static ssize_t smb_full_audit_flistxattr(struct vfs_handle_struct *handle,
267 struct files_struct *fsp, int fd, char *list,
269 static int smb_full_audit_removexattr(struct vfs_handle_struct *handle,
272 static int smb_full_audit_lremovexattr(struct vfs_handle_struct *handle,
275 static int smb_full_audit_fremovexattr(struct vfs_handle_struct *handle,
276 struct files_struct *fsp, int fd,
278 static int smb_full_audit_setxattr(struct vfs_handle_struct *handle,
280 const char *name, const void *value, size_t size,
282 static int smb_full_audit_lsetxattr(struct vfs_handle_struct *handle,
284 const char *name, const void *value, size_t size,
286 static int smb_full_audit_fsetxattr(struct vfs_handle_struct *handle,
287 struct files_struct *fsp, int fd, const char *name,
288 const void *value, size_t size, int flags);
290 static int smb_full_audit_aio_read(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb);
291 static int smb_full_audit_aio_write(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb);
292 static ssize_t smb_full_audit_aio_return(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb);
293 static int smb_full_audit_aio_cancel(struct vfs_handle_struct *handle, struct files_struct *fsp, int fd, SMB_STRUCT_AIOCB *aiocb);
294 static int smb_full_audit_aio_error(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb);
295 static int smb_full_audit_aio_fsync(struct vfs_handle_struct *handle, struct files_struct *fsp, int op, SMB_STRUCT_AIOCB *aiocb);
296 static int smb_full_audit_aio_suspend(struct vfs_handle_struct *handle, struct files_struct *fsp, const SMB_STRUCT_AIOCB * const aiocb[], int n, const struct timespec *ts);
300 static vfs_op_tuple audit_op_tuples[] = {
302 /* Disk operations */
304 {SMB_VFS_OP(smb_full_audit_connect), SMB_VFS_OP_CONNECT,
305 SMB_VFS_LAYER_LOGGER},
306 {SMB_VFS_OP(smb_full_audit_disconnect), SMB_VFS_OP_DISCONNECT,
307 SMB_VFS_LAYER_LOGGER},
308 {SMB_VFS_OP(smb_full_audit_disk_free), SMB_VFS_OP_DISK_FREE,
309 SMB_VFS_LAYER_LOGGER},
310 {SMB_VFS_OP(smb_full_audit_get_quota), SMB_VFS_OP_GET_QUOTA,
311 SMB_VFS_LAYER_LOGGER},
312 {SMB_VFS_OP(smb_full_audit_set_quota), SMB_VFS_OP_SET_QUOTA,
313 SMB_VFS_LAYER_LOGGER},
314 {SMB_VFS_OP(smb_full_audit_get_shadow_copy_data), SMB_VFS_OP_GET_SHADOW_COPY_DATA,
315 SMB_VFS_LAYER_LOGGER},
316 {SMB_VFS_OP(smb_full_audit_statvfs), SMB_VFS_OP_STATVFS,
317 SMB_VFS_LAYER_LOGGER},
319 /* Directory operations */
321 {SMB_VFS_OP(smb_full_audit_opendir), SMB_VFS_OP_OPENDIR,
322 SMB_VFS_LAYER_LOGGER},
323 {SMB_VFS_OP(smb_full_audit_readdir), SMB_VFS_OP_READDIR,
324 SMB_VFS_LAYER_LOGGER},
325 {SMB_VFS_OP(smb_full_audit_seekdir), SMB_VFS_OP_SEEKDIR,
326 SMB_VFS_LAYER_LOGGER},
327 {SMB_VFS_OP(smb_full_audit_telldir), SMB_VFS_OP_TELLDIR,
328 SMB_VFS_LAYER_LOGGER},
329 {SMB_VFS_OP(smb_full_audit_rewinddir), SMB_VFS_OP_REWINDDIR,
330 SMB_VFS_LAYER_LOGGER},
331 {SMB_VFS_OP(smb_full_audit_mkdir), SMB_VFS_OP_MKDIR,
332 SMB_VFS_LAYER_LOGGER},
333 {SMB_VFS_OP(smb_full_audit_rmdir), SMB_VFS_OP_RMDIR,
334 SMB_VFS_LAYER_LOGGER},
335 {SMB_VFS_OP(smb_full_audit_closedir), SMB_VFS_OP_CLOSEDIR,
336 SMB_VFS_LAYER_LOGGER},
338 /* File operations */
340 {SMB_VFS_OP(smb_full_audit_open), SMB_VFS_OP_OPEN,
341 SMB_VFS_LAYER_LOGGER},
342 {SMB_VFS_OP(smb_full_audit_close), SMB_VFS_OP_CLOSE,
343 SMB_VFS_LAYER_LOGGER},
344 {SMB_VFS_OP(smb_full_audit_read), SMB_VFS_OP_READ,
345 SMB_VFS_LAYER_LOGGER},
346 {SMB_VFS_OP(smb_full_audit_pread), SMB_VFS_OP_PREAD,
347 SMB_VFS_LAYER_LOGGER},
348 {SMB_VFS_OP(smb_full_audit_write), SMB_VFS_OP_WRITE,
349 SMB_VFS_LAYER_LOGGER},
350 {SMB_VFS_OP(smb_full_audit_pwrite), SMB_VFS_OP_PWRITE,
351 SMB_VFS_LAYER_LOGGER},
352 {SMB_VFS_OP(smb_full_audit_lseek), SMB_VFS_OP_LSEEK,
353 SMB_VFS_LAYER_LOGGER},
354 {SMB_VFS_OP(smb_full_audit_sendfile), SMB_VFS_OP_SENDFILE,
355 SMB_VFS_LAYER_LOGGER},
356 {SMB_VFS_OP(smb_full_audit_rename), SMB_VFS_OP_RENAME,
357 SMB_VFS_LAYER_LOGGER},
358 {SMB_VFS_OP(smb_full_audit_fsync), SMB_VFS_OP_FSYNC,
359 SMB_VFS_LAYER_LOGGER},
360 {SMB_VFS_OP(smb_full_audit_stat), SMB_VFS_OP_STAT,
361 SMB_VFS_LAYER_LOGGER},
362 {SMB_VFS_OP(smb_full_audit_fstat), SMB_VFS_OP_FSTAT,
363 SMB_VFS_LAYER_LOGGER},
364 {SMB_VFS_OP(smb_full_audit_lstat), SMB_VFS_OP_LSTAT,
365 SMB_VFS_LAYER_LOGGER},
366 {SMB_VFS_OP(smb_full_audit_unlink), SMB_VFS_OP_UNLINK,
367 SMB_VFS_LAYER_LOGGER},
368 {SMB_VFS_OP(smb_full_audit_chmod), SMB_VFS_OP_CHMOD,
369 SMB_VFS_LAYER_LOGGER},
370 {SMB_VFS_OP(smb_full_audit_fchmod), SMB_VFS_OP_FCHMOD,
371 SMB_VFS_LAYER_LOGGER},
372 {SMB_VFS_OP(smb_full_audit_chown), SMB_VFS_OP_CHOWN,
373 SMB_VFS_LAYER_LOGGER},
374 {SMB_VFS_OP(smb_full_audit_fchown), SMB_VFS_OP_FCHOWN,
375 SMB_VFS_LAYER_LOGGER},
376 {SMB_VFS_OP(smb_full_audit_chdir), SMB_VFS_OP_CHDIR,
377 SMB_VFS_LAYER_LOGGER},
378 {SMB_VFS_OP(smb_full_audit_getwd), SMB_VFS_OP_GETWD,
379 SMB_VFS_LAYER_LOGGER},
380 {SMB_VFS_OP(smb_full_audit_ntimes), SMB_VFS_OP_NTIMES,
381 SMB_VFS_LAYER_LOGGER},
382 {SMB_VFS_OP(smb_full_audit_ftruncate), SMB_VFS_OP_FTRUNCATE,
383 SMB_VFS_LAYER_LOGGER},
384 {SMB_VFS_OP(smb_full_audit_lock), SMB_VFS_OP_LOCK,
385 SMB_VFS_LAYER_LOGGER},
386 {SMB_VFS_OP(smb_full_audit_kernel_flock), SMB_VFS_OP_KERNEL_FLOCK,
387 SMB_VFS_LAYER_LOGGER},
388 {SMB_VFS_OP(smb_full_audit_linux_setlease), SMB_VFS_OP_LINUX_SETLEASE,
389 SMB_VFS_LAYER_LOGGER},
390 {SMB_VFS_OP(smb_full_audit_getlock), SMB_VFS_OP_GETLOCK,
391 SMB_VFS_LAYER_LOGGER},
392 {SMB_VFS_OP(smb_full_audit_symlink), SMB_VFS_OP_SYMLINK,
393 SMB_VFS_LAYER_LOGGER},
394 {SMB_VFS_OP(smb_full_audit_readlink), SMB_VFS_OP_READLINK,
395 SMB_VFS_LAYER_LOGGER},
396 {SMB_VFS_OP(smb_full_audit_link), SMB_VFS_OP_LINK,
397 SMB_VFS_LAYER_LOGGER},
398 {SMB_VFS_OP(smb_full_audit_mknod), SMB_VFS_OP_MKNOD,
399 SMB_VFS_LAYER_LOGGER},
400 {SMB_VFS_OP(smb_full_audit_realpath), SMB_VFS_OP_REALPATH,
401 SMB_VFS_LAYER_LOGGER},
402 {SMB_VFS_OP(smb_full_audit_chflags), SMB_VFS_OP_CHFLAGS,
403 SMB_VFS_LAYER_LOGGER},
405 /* NT ACL operations. */
407 {SMB_VFS_OP(smb_full_audit_fget_nt_acl), SMB_VFS_OP_FGET_NT_ACL,
408 SMB_VFS_LAYER_LOGGER},
409 {SMB_VFS_OP(smb_full_audit_get_nt_acl), SMB_VFS_OP_GET_NT_ACL,
410 SMB_VFS_LAYER_LOGGER},
411 {SMB_VFS_OP(smb_full_audit_fset_nt_acl), SMB_VFS_OP_FSET_NT_ACL,
412 SMB_VFS_LAYER_LOGGER},
413 {SMB_VFS_OP(smb_full_audit_set_nt_acl), SMB_VFS_OP_SET_NT_ACL,
414 SMB_VFS_LAYER_LOGGER},
416 /* POSIX ACL operations. */
418 {SMB_VFS_OP(smb_full_audit_chmod_acl), SMB_VFS_OP_CHMOD_ACL,
419 SMB_VFS_LAYER_LOGGER},
420 {SMB_VFS_OP(smb_full_audit_fchmod_acl), SMB_VFS_OP_FCHMOD_ACL,
421 SMB_VFS_LAYER_LOGGER},
422 {SMB_VFS_OP(smb_full_audit_sys_acl_get_entry), SMB_VFS_OP_SYS_ACL_GET_ENTRY,
423 SMB_VFS_LAYER_LOGGER},
424 {SMB_VFS_OP(smb_full_audit_sys_acl_get_tag_type), SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE,
425 SMB_VFS_LAYER_LOGGER},
426 {SMB_VFS_OP(smb_full_audit_sys_acl_get_permset), SMB_VFS_OP_SYS_ACL_GET_PERMSET,
427 SMB_VFS_LAYER_LOGGER},
428 {SMB_VFS_OP(smb_full_audit_sys_acl_get_qualifier), SMB_VFS_OP_SYS_ACL_GET_QUALIFIER,
429 SMB_VFS_LAYER_LOGGER},
430 {SMB_VFS_OP(smb_full_audit_sys_acl_get_file), SMB_VFS_OP_SYS_ACL_GET_FILE,
431 SMB_VFS_LAYER_LOGGER},
432 {SMB_VFS_OP(smb_full_audit_sys_acl_get_fd), SMB_VFS_OP_SYS_ACL_GET_FD,
433 SMB_VFS_LAYER_LOGGER},
434 {SMB_VFS_OP(smb_full_audit_sys_acl_clear_perms), SMB_VFS_OP_SYS_ACL_CLEAR_PERMS,
435 SMB_VFS_LAYER_LOGGER},
436 {SMB_VFS_OP(smb_full_audit_sys_acl_add_perm), SMB_VFS_OP_SYS_ACL_ADD_PERM,
437 SMB_VFS_LAYER_LOGGER},
438 {SMB_VFS_OP(smb_full_audit_sys_acl_to_text), SMB_VFS_OP_SYS_ACL_TO_TEXT,
439 SMB_VFS_LAYER_LOGGER},
440 {SMB_VFS_OP(smb_full_audit_sys_acl_init), SMB_VFS_OP_SYS_ACL_INIT,
441 SMB_VFS_LAYER_LOGGER},
442 {SMB_VFS_OP(smb_full_audit_sys_acl_create_entry), SMB_VFS_OP_SYS_ACL_CREATE_ENTRY,
443 SMB_VFS_LAYER_LOGGER},
444 {SMB_VFS_OP(smb_full_audit_sys_acl_set_tag_type), SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE,
445 SMB_VFS_LAYER_LOGGER},
446 {SMB_VFS_OP(smb_full_audit_sys_acl_set_qualifier), SMB_VFS_OP_SYS_ACL_SET_QUALIFIER,
447 SMB_VFS_LAYER_LOGGER},
448 {SMB_VFS_OP(smb_full_audit_sys_acl_set_permset), SMB_VFS_OP_SYS_ACL_SET_PERMSET,
449 SMB_VFS_LAYER_LOGGER},
450 {SMB_VFS_OP(smb_full_audit_sys_acl_valid), SMB_VFS_OP_SYS_ACL_VALID,
451 SMB_VFS_LAYER_LOGGER},
452 {SMB_VFS_OP(smb_full_audit_sys_acl_set_file), SMB_VFS_OP_SYS_ACL_SET_FILE,
453 SMB_VFS_LAYER_LOGGER},
454 {SMB_VFS_OP(smb_full_audit_sys_acl_set_fd), SMB_VFS_OP_SYS_ACL_SET_FD,
455 SMB_VFS_LAYER_LOGGER},
456 {SMB_VFS_OP(smb_full_audit_sys_acl_delete_def_file), SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE,
457 SMB_VFS_LAYER_LOGGER},
458 {SMB_VFS_OP(smb_full_audit_sys_acl_get_perm), SMB_VFS_OP_SYS_ACL_GET_PERM,
459 SMB_VFS_LAYER_LOGGER},
460 {SMB_VFS_OP(smb_full_audit_sys_acl_free_text), SMB_VFS_OP_SYS_ACL_FREE_TEXT,
461 SMB_VFS_LAYER_LOGGER},
462 {SMB_VFS_OP(smb_full_audit_sys_acl_free_acl), SMB_VFS_OP_SYS_ACL_FREE_ACL,
463 SMB_VFS_LAYER_LOGGER},
464 {SMB_VFS_OP(smb_full_audit_sys_acl_free_qualifier), SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER,
465 SMB_VFS_LAYER_LOGGER},
469 {SMB_VFS_OP(smb_full_audit_getxattr), SMB_VFS_OP_GETXATTR,
470 SMB_VFS_LAYER_LOGGER},
471 {SMB_VFS_OP(smb_full_audit_lgetxattr), SMB_VFS_OP_LGETXATTR,
472 SMB_VFS_LAYER_LOGGER},
473 {SMB_VFS_OP(smb_full_audit_fgetxattr), SMB_VFS_OP_FGETXATTR,
474 SMB_VFS_LAYER_LOGGER},
475 {SMB_VFS_OP(smb_full_audit_listxattr), SMB_VFS_OP_LISTXATTR,
476 SMB_VFS_LAYER_LOGGER},
477 {SMB_VFS_OP(smb_full_audit_llistxattr), SMB_VFS_OP_LLISTXATTR,
478 SMB_VFS_LAYER_LOGGER},
479 {SMB_VFS_OP(smb_full_audit_flistxattr), SMB_VFS_OP_FLISTXATTR,
480 SMB_VFS_LAYER_LOGGER},
481 {SMB_VFS_OP(smb_full_audit_removexattr), SMB_VFS_OP_REMOVEXATTR,
482 SMB_VFS_LAYER_LOGGER},
483 {SMB_VFS_OP(smb_full_audit_lremovexattr), SMB_VFS_OP_LREMOVEXATTR,
484 SMB_VFS_LAYER_LOGGER},
485 {SMB_VFS_OP(smb_full_audit_fremovexattr), SMB_VFS_OP_FREMOVEXATTR,
486 SMB_VFS_LAYER_LOGGER},
487 {SMB_VFS_OP(smb_full_audit_setxattr), SMB_VFS_OP_SETXATTR,
488 SMB_VFS_LAYER_LOGGER},
489 {SMB_VFS_OP(smb_full_audit_lsetxattr), SMB_VFS_OP_LSETXATTR,
490 SMB_VFS_LAYER_LOGGER},
491 {SMB_VFS_OP(smb_full_audit_fsetxattr), SMB_VFS_OP_FSETXATTR,
492 SMB_VFS_LAYER_LOGGER},
494 {SMB_VFS_OP(smb_full_audit_aio_read), SMB_VFS_OP_AIO_READ,
495 SMB_VFS_LAYER_LOGGER},
496 {SMB_VFS_OP(smb_full_audit_aio_write), SMB_VFS_OP_AIO_WRITE,
497 SMB_VFS_LAYER_LOGGER},
498 {SMB_VFS_OP(smb_full_audit_aio_return), SMB_VFS_OP_AIO_RETURN,
499 SMB_VFS_LAYER_LOGGER},
500 {SMB_VFS_OP(smb_full_audit_aio_cancel), SMB_VFS_OP_AIO_CANCEL,
501 SMB_VFS_LAYER_LOGGER},
502 {SMB_VFS_OP(smb_full_audit_aio_error), SMB_VFS_OP_AIO_ERROR,
503 SMB_VFS_LAYER_LOGGER},
504 {SMB_VFS_OP(smb_full_audit_aio_fsync), SMB_VFS_OP_AIO_FSYNC,
505 SMB_VFS_LAYER_LOGGER},
506 {SMB_VFS_OP(smb_full_audit_aio_suspend),SMB_VFS_OP_AIO_SUSPEND,
507 SMB_VFS_LAYER_LOGGER},
509 /* Finish VFS operations definition */
511 {SMB_VFS_OP(NULL), SMB_VFS_OP_NOOP,
515 /* The following array *must* be in the same order as defined in vfs.h */
521 { SMB_VFS_OP_CONNECT, "connect" },
522 { SMB_VFS_OP_DISCONNECT, "disconnect" },
523 { SMB_VFS_OP_DISK_FREE, "disk_free" },
524 { SMB_VFS_OP_GET_QUOTA, "get_quota" },
525 { SMB_VFS_OP_SET_QUOTA, "set_quota" },
526 { SMB_VFS_OP_GET_SHADOW_COPY_DATA, "get_shadow_copy_data" },
527 { SMB_VFS_OP_STATVFS, "statvfs" },
528 { SMB_VFS_OP_OPENDIR, "opendir" },
529 { SMB_VFS_OP_READDIR, "readdir" },
530 { SMB_VFS_OP_SEEKDIR, "seekdir" },
531 { SMB_VFS_OP_TELLDIR, "telldir" },
532 { SMB_VFS_OP_REWINDDIR, "rewinddir" },
533 { SMB_VFS_OP_MKDIR, "mkdir" },
534 { SMB_VFS_OP_RMDIR, "rmdir" },
535 { SMB_VFS_OP_CLOSEDIR, "closedir" },
536 { SMB_VFS_OP_OPEN, "open" },
537 { SMB_VFS_OP_CLOSE, "close" },
538 { SMB_VFS_OP_READ, "read" },
539 { SMB_VFS_OP_PREAD, "pread" },
540 { SMB_VFS_OP_WRITE, "write" },
541 { SMB_VFS_OP_PWRITE, "pwrite" },
542 { SMB_VFS_OP_LSEEK, "lseek" },
543 { SMB_VFS_OP_SENDFILE, "sendfile" },
544 { SMB_VFS_OP_RENAME, "rename" },
545 { SMB_VFS_OP_FSYNC, "fsync" },
546 { SMB_VFS_OP_STAT, "stat" },
547 { SMB_VFS_OP_FSTAT, "fstat" },
548 { SMB_VFS_OP_LSTAT, "lstat" },
549 { SMB_VFS_OP_UNLINK, "unlink" },
550 { SMB_VFS_OP_CHMOD, "chmod" },
551 { SMB_VFS_OP_FCHMOD, "fchmod" },
552 { SMB_VFS_OP_CHOWN, "chown" },
553 { SMB_VFS_OP_FCHOWN, "fchown" },
554 { SMB_VFS_OP_CHDIR, "chdir" },
555 { SMB_VFS_OP_GETWD, "getwd" },
556 { SMB_VFS_OP_NTIMES, "ntimes" },
557 { SMB_VFS_OP_FTRUNCATE, "ftruncate" },
558 { SMB_VFS_OP_LOCK, "lock" },
559 { SMB_VFS_OP_KERNEL_FLOCK, "kernel_flock" },
560 { SMB_VFS_OP_LINUX_SETLEASE, "linux_setlease" },
561 { SMB_VFS_OP_GETLOCK, "getlock" },
562 { SMB_VFS_OP_SYMLINK, "symlink" },
563 { SMB_VFS_OP_READLINK, "readlink" },
564 { SMB_VFS_OP_LINK, "link" },
565 { SMB_VFS_OP_MKNOD, "mknod" },
566 { SMB_VFS_OP_REALPATH, "realpath" },
567 { SMB_VFS_OP_CHFLAGS, "chflags" },
568 { SMB_VFS_OP_FGET_NT_ACL, "fget_nt_acl" },
569 { SMB_VFS_OP_GET_NT_ACL, "get_nt_acl" },
570 { SMB_VFS_OP_FSET_NT_ACL, "fset_nt_acl" },
571 { SMB_VFS_OP_SET_NT_ACL, "set_nt_acl" },
572 { SMB_VFS_OP_CHMOD_ACL, "chmod_acl" },
573 { SMB_VFS_OP_FCHMOD_ACL, "fchmod_acl" },
574 { SMB_VFS_OP_SYS_ACL_GET_ENTRY, "sys_acl_get_entry" },
575 { SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE, "sys_acl_get_tag_type" },
576 { SMB_VFS_OP_SYS_ACL_GET_PERMSET, "sys_acl_get_permset" },
577 { SMB_VFS_OP_SYS_ACL_GET_QUALIFIER, "sys_acl_get_qualifier" },
578 { SMB_VFS_OP_SYS_ACL_GET_FILE, "sys_acl_get_file" },
579 { SMB_VFS_OP_SYS_ACL_GET_FD, "sys_acl_get_fd" },
580 { SMB_VFS_OP_SYS_ACL_CLEAR_PERMS, "sys_acl_clear_perms" },
581 { SMB_VFS_OP_SYS_ACL_ADD_PERM, "sys_acl_add_perm" },
582 { SMB_VFS_OP_SYS_ACL_TO_TEXT, "sys_acl_to_text" },
583 { SMB_VFS_OP_SYS_ACL_INIT, "sys_acl_init" },
584 { SMB_VFS_OP_SYS_ACL_CREATE_ENTRY, "sys_acl_create_entry" },
585 { SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE, "sys_acl_set_tag_type" },
586 { SMB_VFS_OP_SYS_ACL_SET_QUALIFIER, "sys_acl_set_qualifier" },
587 { SMB_VFS_OP_SYS_ACL_SET_PERMSET, "sys_acl_set_permset" },
588 { SMB_VFS_OP_SYS_ACL_VALID, "sys_acl_valid" },
589 { SMB_VFS_OP_SYS_ACL_SET_FILE, "sys_acl_set_file" },
590 { SMB_VFS_OP_SYS_ACL_SET_FD, "sys_acl_set_fd" },
591 { SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE, "sys_acl_delete_def_file" },
592 { SMB_VFS_OP_SYS_ACL_GET_PERM, "sys_acl_get_perm" },
593 { SMB_VFS_OP_SYS_ACL_FREE_TEXT, "sys_acl_free_text" },
594 { SMB_VFS_OP_SYS_ACL_FREE_ACL, "sys_acl_free_acl" },
595 { SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER, "sys_acl_free_qualifier" },
596 { SMB_VFS_OP_GETXATTR, "getxattr" },
597 { SMB_VFS_OP_LGETXATTR, "lgetxattr" },
598 { SMB_VFS_OP_FGETXATTR, "fgetxattr" },
599 { SMB_VFS_OP_LISTXATTR, "listxattr" },
600 { SMB_VFS_OP_LLISTXATTR, "llistxattr" },
601 { SMB_VFS_OP_FLISTXATTR, "flistxattr" },
602 { SMB_VFS_OP_REMOVEXATTR, "removexattr" },
603 { SMB_VFS_OP_LREMOVEXATTR, "lremovexattr" },
604 { SMB_VFS_OP_FREMOVEXATTR, "fremovexattr" },
605 { SMB_VFS_OP_SETXATTR, "setxattr" },
606 { SMB_VFS_OP_LSETXATTR, "lsetxattr" },
607 { SMB_VFS_OP_FSETXATTR, "fsetxattr" },
608 { SMB_VFS_OP_AIO_READ, "aio_read" },
609 { SMB_VFS_OP_AIO_WRITE, "aio_write" },
610 { SMB_VFS_OP_AIO_RETURN,"aio_return" },
611 { SMB_VFS_OP_AIO_CANCEL,"aio_cancel" },
612 { SMB_VFS_OP_AIO_ERROR, "aio_error" },
613 { SMB_VFS_OP_AIO_FSYNC, "aio_fsync" },
614 { SMB_VFS_OP_AIO_SUSPEND,"aio_suspend" },
615 { SMB_VFS_OP_LAST, NULL }
618 static int audit_syslog_facility(vfs_handle_struct *handle)
620 static const struct enum_list enum_log_facilities[] = {
621 { LOG_USER, "USER" },
622 { LOG_LOCAL0, "LOCAL0" },
623 { LOG_LOCAL1, "LOCAL1" },
624 { LOG_LOCAL2, "LOCAL2" },
625 { LOG_LOCAL3, "LOCAL3" },
626 { LOG_LOCAL4, "LOCAL4" },
627 { LOG_LOCAL5, "LOCAL5" },
628 { LOG_LOCAL6, "LOCAL6" },
629 { LOG_LOCAL7, "LOCAL7" }
634 facility = lp_parm_enum(SNUM(handle->conn), "full_audit", "facility", enum_log_facilities, LOG_USER);
639 static int audit_syslog_priority(vfs_handle_struct *handle)
641 static const struct enum_list enum_log_priorities[] = {
642 { LOG_EMERG, "EMERG" },
643 { LOG_ALERT, "ALERT" },
644 { LOG_CRIT, "CRIT" },
646 { LOG_WARNING, "WARNING" },
647 { LOG_NOTICE, "NOTICE" },
648 { LOG_INFO, "INFO" },
649 { LOG_DEBUG, "DEBUG" }
654 priority = lp_parm_enum(SNUM(handle->conn), "full_audit", "priority", enum_log_priorities, LOG_NOTICE);
659 static char *audit_prefix(connection_struct *conn)
661 static pstring prefix;
663 pstrcpy(prefix, lp_parm_const_string(SNUM(conn), "full_audit",
665 standard_sub_advanced(lp_servicename(SNUM(conn)), conn->user,
666 conn->connectpath, conn->gid,
667 get_current_username(),
668 current_user_info.domain,
669 prefix, sizeof(prefix));
673 static BOOL log_success(vfs_handle_struct *handle, vfs_op_type op)
675 struct vfs_full_audit_private_data *pd = NULL;
677 SMB_VFS_HANDLE_GET_DATA(handle, pd,
678 struct vfs_full_audit_private_data,
681 if (pd->success_ops == NULL) {
685 return bitmap_query(pd->success_ops, op);
688 static BOOL log_failure(vfs_handle_struct *handle, vfs_op_type op)
690 struct vfs_full_audit_private_data *pd = NULL;
692 SMB_VFS_HANDLE_GET_DATA(handle, pd,
693 struct vfs_full_audit_private_data,
696 if (pd->failure_ops == NULL)
699 return bitmap_query(pd->failure_ops, op);
702 static void init_bitmap(struct bitmap **bm, const char **ops)
704 BOOL log_all = False;
709 *bm = bitmap_allocate(SMB_VFS_OP_LAST);
712 DEBUG(0, ("Could not alloc bitmap -- "
713 "defaulting to logging everything\n"));
717 while (*ops != NULL) {
721 if (strequal(*ops, "all")) {
726 if (strequal(*ops, "none")) {
730 for (i=0; i<SMB_VFS_OP_LAST; i++) {
731 if (vfs_op_names[i].name == NULL) {
732 smb_panic("vfs_full_audit.c: name table not "
733 "in sync with vfs.h\n");
736 if (strequal(*ops, vfs_op_names[i].name)) {
742 DEBUG(0, ("Could not find opname %s, logging all\n",
751 /* The query functions default to True */
757 static const char *audit_opname(vfs_op_type op)
759 if (op >= SMB_VFS_OP_LAST)
760 return "INVALID VFS OP";
761 return vfs_op_names[op].name;
764 static void do_log(vfs_op_type op, BOOL success, vfs_handle_struct *handle,
765 const char *format, ...)
771 if (success && (!log_success(handle, op)))
774 if (!success && (!log_failure(handle, op)))
778 fstrcpy(err_msg, "ok");
780 fstr_sprintf(err_msg, "fail (%s)", strerror(errno));
782 va_start(ap, format);
783 vsnprintf(op_msg, sizeof(op_msg), format, ap);
786 syslog(audit_syslog_priority(handle), "%s|%s|%s|%s\n",
787 audit_prefix(handle->conn), audit_opname(op), err_msg, op_msg);
792 /* Free function for the private data. */
794 static void free_private_data(void **p_data)
796 struct vfs_full_audit_private_data *pd = *(struct vfs_full_audit_private_data **)p_data;
798 if (pd->success_ops) {
799 bitmap_free(pd->success_ops);
801 if (pd->failure_ops) {
802 bitmap_free(pd->failure_ops);
808 /* Implementation of vfs_ops. Pass everything on to the default
809 operation but log event first. */
811 static int smb_full_audit_connect(vfs_handle_struct *handle,
812 const char *svc, const char *user)
815 struct vfs_full_audit_private_data *pd = NULL;
816 const char *none[] = { NULL };
817 const char *all [] = { "all" };
823 pd = SMB_MALLOC_P(struct vfs_full_audit_private_data);
829 openlog("smbd_audit", 0, audit_syslog_facility(handle));
831 init_bitmap(&pd->success_ops,
832 lp_parm_string_list(SNUM(handle->conn), "full_audit", "success",
834 init_bitmap(&pd->failure_ops,
835 lp_parm_string_list(SNUM(handle->conn), "full_audit", "failure",
838 /* Store the private data. */
839 SMB_VFS_HANDLE_SET_DATA(handle, pd, free_private_data,
840 struct vfs_full_audit_private_data, return -1);
842 result = SMB_VFS_NEXT_CONNECT(handle, svc, user);
844 do_log(SMB_VFS_OP_CONNECT, True, handle,
850 static void smb_full_audit_disconnect(vfs_handle_struct *handle)
852 SMB_VFS_NEXT_DISCONNECT(handle);
854 do_log(SMB_VFS_OP_DISCONNECT, True, handle,
855 "%s", lp_servicename(SNUM(handle->conn)));
857 /* The bitmaps will be disconnected when the private
863 static SMB_BIG_UINT smb_full_audit_disk_free(vfs_handle_struct *handle,
865 BOOL small_query, SMB_BIG_UINT *bsize,
866 SMB_BIG_UINT *dfree, SMB_BIG_UINT *dsize)
870 result = SMB_VFS_NEXT_DISK_FREE(handle, path, small_query, bsize,
873 /* Don't have a reasonable notion of failure here */
875 do_log(SMB_VFS_OP_DISK_FREE, True, handle, "%s", path);
880 static int smb_full_audit_get_quota(struct vfs_handle_struct *handle,
881 enum SMB_QUOTA_TYPE qtype, unid_t id,
886 result = SMB_VFS_NEXT_GET_QUOTA(handle, qtype, id, qt);
888 do_log(SMB_VFS_OP_GET_QUOTA, (result >= 0), handle, "");
894 static int smb_full_audit_set_quota(struct vfs_handle_struct *handle,
895 enum SMB_QUOTA_TYPE qtype, unid_t id,
900 result = SMB_VFS_NEXT_SET_QUOTA(handle, qtype, id, qt);
902 do_log(SMB_VFS_OP_SET_QUOTA, (result >= 0), handle, "");
907 static int smb_full_audit_get_shadow_copy_data(struct vfs_handle_struct *handle,
908 struct files_struct *fsp,
909 SHADOW_COPY_DATA *shadow_copy_data, BOOL labels)
913 result = SMB_VFS_NEXT_GET_SHADOW_COPY_DATA(handle, fsp, shadow_copy_data, labels);
915 do_log(SMB_VFS_OP_GET_SHADOW_COPY_DATA, (result >= 0), handle, "");
920 static int smb_full_audit_statvfs(struct vfs_handle_struct *handle,
922 struct vfs_statvfs_struct *statbuf)
926 result = SMB_VFS_NEXT_STATVFS(handle, path, statbuf);
928 do_log(SMB_VFS_OP_STATVFS, (result >= 0), handle, "");
933 static SMB_STRUCT_DIR *smb_full_audit_opendir(vfs_handle_struct *handle,
934 const char *fname, const char *mask, uint32 attr)
936 SMB_STRUCT_DIR *result;
938 result = SMB_VFS_NEXT_OPENDIR(handle, fname, mask, attr);
940 do_log(SMB_VFS_OP_OPENDIR, (result != NULL), handle, "%s", fname);
945 static SMB_STRUCT_DIRENT *smb_full_audit_readdir(vfs_handle_struct *handle,
946 SMB_STRUCT_DIR *dirp)
948 SMB_STRUCT_DIRENT *result;
950 result = SMB_VFS_NEXT_READDIR(handle, dirp);
952 /* This operation has no reasonable error condition
953 * (End of dir is also failure), so always succeed.
955 do_log(SMB_VFS_OP_READDIR, True, handle, "");
960 static void smb_full_audit_seekdir(vfs_handle_struct *handle,
961 SMB_STRUCT_DIR *dirp, long offset)
963 SMB_VFS_NEXT_SEEKDIR(handle, dirp, offset);
965 do_log(SMB_VFS_OP_SEEKDIR, True, handle, "");
969 static long smb_full_audit_telldir(vfs_handle_struct *handle,
970 SMB_STRUCT_DIR *dirp)
974 result = SMB_VFS_NEXT_TELLDIR(handle, dirp);
976 do_log(SMB_VFS_OP_TELLDIR, True, handle, "");
981 static void smb_full_audit_rewinddir(vfs_handle_struct *handle,
982 SMB_STRUCT_DIR *dirp)
984 SMB_VFS_NEXT_REWINDDIR(handle, dirp);
986 do_log(SMB_VFS_OP_REWINDDIR, True, handle, "");
990 static int smb_full_audit_mkdir(vfs_handle_struct *handle,
991 const char *path, mode_t mode)
995 result = SMB_VFS_NEXT_MKDIR(handle, path, mode);
997 do_log(SMB_VFS_OP_MKDIR, (result >= 0), handle, "%s", path);
1002 static int smb_full_audit_rmdir(vfs_handle_struct *handle,
1007 result = SMB_VFS_NEXT_RMDIR(handle, path);
1009 do_log(SMB_VFS_OP_RMDIR, (result >= 0), handle, "%s", path);
1014 static int smb_full_audit_closedir(vfs_handle_struct *handle,
1015 SMB_STRUCT_DIR *dirp)
1019 result = SMB_VFS_NEXT_CLOSEDIR(handle, dirp);
1021 do_log(SMB_VFS_OP_CLOSEDIR, (result >= 0), handle, "");
1026 static int smb_full_audit_open(vfs_handle_struct *handle,
1027 const char *fname, files_struct *fsp, int flags, mode_t mode)
1031 result = SMB_VFS_NEXT_OPEN(handle, fname, fsp, flags, mode);
1033 do_log(SMB_VFS_OP_OPEN, (result >= 0), handle, "%s|%s",
1034 ((flags & O_WRONLY) || (flags & O_RDWR))?"w":"r",
1040 static int smb_full_audit_close(vfs_handle_struct *handle, files_struct *fsp, int fd)
1044 result = SMB_VFS_NEXT_CLOSE(handle, fsp, fd);
1046 do_log(SMB_VFS_OP_CLOSE, (result >= 0), handle, "%s", fsp->fsp_name);
1051 static ssize_t smb_full_audit_read(vfs_handle_struct *handle, files_struct *fsp,
1052 int fd, void *data, size_t n)
1056 result = SMB_VFS_NEXT_READ(handle, fsp, fd, data, n);
1058 do_log(SMB_VFS_OP_READ, (result >= 0), handle, "%s", fsp->fsp_name);
1063 static ssize_t smb_full_audit_pread(vfs_handle_struct *handle, files_struct *fsp,
1064 int fd, void *data, size_t n, SMB_OFF_T offset)
1068 result = SMB_VFS_NEXT_PREAD(handle, fsp, fd, data, n, offset);
1070 do_log(SMB_VFS_OP_PREAD, (result >= 0), handle, "%s", fsp->fsp_name);
1075 static ssize_t smb_full_audit_write(vfs_handle_struct *handle, files_struct *fsp,
1076 int fd, const void *data, size_t n)
1080 result = SMB_VFS_NEXT_WRITE(handle, fsp, fd, data, n);
1082 do_log(SMB_VFS_OP_WRITE, (result >= 0), handle, "%s", fsp->fsp_name);
1087 static ssize_t smb_full_audit_pwrite(vfs_handle_struct *handle, files_struct *fsp,
1088 int fd, const void *data, size_t n,
1093 result = SMB_VFS_NEXT_PWRITE(handle, fsp, fd, data, n, offset);
1095 do_log(SMB_VFS_OP_PWRITE, (result >= 0), handle, "%s", fsp->fsp_name);
1100 static SMB_OFF_T smb_full_audit_lseek(vfs_handle_struct *handle, files_struct *fsp,
1101 int filedes, SMB_OFF_T offset, int whence)
1105 result = SMB_VFS_NEXT_LSEEK(handle, fsp, filedes, offset, whence);
1107 do_log(SMB_VFS_OP_LSEEK, (result != (ssize_t)-1), handle,
1108 "%s", fsp->fsp_name);
1113 static ssize_t smb_full_audit_sendfile(vfs_handle_struct *handle, int tofd,
1114 files_struct *fsp, int fromfd,
1115 const DATA_BLOB *hdr, SMB_OFF_T offset,
1120 result = SMB_VFS_NEXT_SENDFILE(handle, tofd, fsp, fromfd, hdr,
1123 do_log(SMB_VFS_OP_SENDFILE, (result >= 0), handle,
1124 "%s", fsp->fsp_name);
1129 static int smb_full_audit_rename(vfs_handle_struct *handle,
1130 const char *oldname, const char *newname)
1134 result = SMB_VFS_NEXT_RENAME(handle, oldname, newname);
1136 do_log(SMB_VFS_OP_RENAME, (result >= 0), handle, "%s|%s", oldname, newname);
1141 static int smb_full_audit_fsync(vfs_handle_struct *handle, files_struct *fsp, int fd)
1145 result = SMB_VFS_NEXT_FSYNC(handle, fsp, fd);
1147 do_log(SMB_VFS_OP_FSYNC, (result >= 0), handle, "%s", fsp->fsp_name);
1152 static int smb_full_audit_stat(vfs_handle_struct *handle,
1153 const char *fname, SMB_STRUCT_STAT *sbuf)
1157 result = SMB_VFS_NEXT_STAT(handle, fname, sbuf);
1159 do_log(SMB_VFS_OP_STAT, (result >= 0), handle, "%s", fname);
1164 static int smb_full_audit_fstat(vfs_handle_struct *handle, files_struct *fsp, int fd,
1165 SMB_STRUCT_STAT *sbuf)
1169 result = SMB_VFS_NEXT_FSTAT(handle, fsp, fd, sbuf);
1171 do_log(SMB_VFS_OP_FSTAT, (result >= 0), handle, "%s", fsp->fsp_name);
1176 static int smb_full_audit_lstat(vfs_handle_struct *handle,
1177 const char *path, SMB_STRUCT_STAT *sbuf)
1181 result = SMB_VFS_NEXT_LSTAT(handle, path, sbuf);
1183 do_log(SMB_VFS_OP_LSTAT, (result >= 0), handle, "%s", path);
1188 static int smb_full_audit_unlink(vfs_handle_struct *handle,
1193 result = SMB_VFS_NEXT_UNLINK(handle, path);
1195 do_log(SMB_VFS_OP_UNLINK, (result >= 0), handle, "%s", path);
1200 static int smb_full_audit_chmod(vfs_handle_struct *handle,
1201 const char *path, mode_t mode)
1205 result = SMB_VFS_NEXT_CHMOD(handle, path, mode);
1207 do_log(SMB_VFS_OP_CHMOD, (result >= 0), handle, "%s|%o", path, mode);
1212 static int smb_full_audit_fchmod(vfs_handle_struct *handle, files_struct *fsp, int fd,
1217 result = SMB_VFS_NEXT_FCHMOD(handle, fsp, fd, mode);
1219 do_log(SMB_VFS_OP_FCHMOD, (result >= 0), handle,
1220 "%s|%o", fsp->fsp_name, mode);
1225 static int smb_full_audit_chown(vfs_handle_struct *handle,
1226 const char *path, uid_t uid, gid_t gid)
1230 result = SMB_VFS_NEXT_CHOWN(handle, path, uid, gid);
1232 do_log(SMB_VFS_OP_CHOWN, (result >= 0), handle, "%s|%ld|%ld",
1233 path, (long int)uid, (long int)gid);
1238 static int smb_full_audit_fchown(vfs_handle_struct *handle, files_struct *fsp, int fd,
1239 uid_t uid, gid_t gid)
1243 result = SMB_VFS_NEXT_FCHOWN(handle, fsp, fd, uid, gid);
1245 do_log(SMB_VFS_OP_FCHOWN, (result >= 0), handle, "%s|%ld|%ld",
1246 fsp->fsp_name, (long int)uid, (long int)gid);
1251 static int smb_full_audit_chdir(vfs_handle_struct *handle,
1256 result = SMB_VFS_NEXT_CHDIR(handle, path);
1258 do_log(SMB_VFS_OP_CHDIR, (result >= 0), handle, "chdir|%s", path);
1263 static char *smb_full_audit_getwd(vfs_handle_struct *handle,
1268 result = SMB_VFS_NEXT_GETWD(handle, path);
1270 do_log(SMB_VFS_OP_GETWD, (result != NULL), handle, "%s", path);
1275 static int smb_full_audit_ntimes(vfs_handle_struct *handle,
1276 const char *path, const struct timespec ts[2])
1280 result = SMB_VFS_NEXT_NTIMES(handle, path, ts);
1282 do_log(SMB_VFS_OP_NTIMES, (result >= 0), handle, "%s", path);
1287 static int smb_full_audit_ftruncate(vfs_handle_struct *handle, files_struct *fsp,
1288 int fd, SMB_OFF_T len)
1292 result = SMB_VFS_NEXT_FTRUNCATE(handle, fsp, fd, len);
1294 do_log(SMB_VFS_OP_FTRUNCATE, (result >= 0), handle,
1295 "%s", fsp->fsp_name);
1300 static BOOL smb_full_audit_lock(vfs_handle_struct *handle, files_struct *fsp, int fd,
1301 int op, SMB_OFF_T offset, SMB_OFF_T count, int type)
1305 result = SMB_VFS_NEXT_LOCK(handle, fsp, fd, op, offset, count, type);
1307 do_log(SMB_VFS_OP_LOCK, (result >= 0), handle, "%s", fsp->fsp_name);
1312 static int smb_full_audit_kernel_flock(struct vfs_handle_struct *handle,
1313 struct files_struct *fsp, int fd,
1318 result = SMB_VFS_NEXT_KERNEL_FLOCK(handle, fsp, fd, share_mode);
1320 do_log(SMB_VFS_OP_KERNEL_FLOCK, (result >= 0), handle, "%s",
1326 static int smb_full_audit_linux_setlease(vfs_handle_struct *handle, files_struct *fsp,
1327 int fd, int leasetype)
1331 result = SMB_VFS_NEXT_LINUX_SETLEASE(handle, fsp, fd, leasetype);
1333 do_log(SMB_VFS_OP_LINUX_SETLEASE, (result >= 0), handle, "%s",
1339 static BOOL smb_full_audit_getlock(vfs_handle_struct *handle, files_struct *fsp, int fd,
1340 SMB_OFF_T *poffset, SMB_OFF_T *pcount, int *ptype, pid_t *ppid)
1344 result = SMB_VFS_NEXT_GETLOCK(handle, fsp, fd, poffset, pcount, ptype, ppid);
1346 do_log(SMB_VFS_OP_GETLOCK, (result >= 0), handle, "%s", fsp->fsp_name);
1351 static int smb_full_audit_symlink(vfs_handle_struct *handle,
1352 const char *oldpath, const char *newpath)
1356 result = SMB_VFS_NEXT_SYMLINK(handle, oldpath, newpath);
1358 do_log(SMB_VFS_OP_SYMLINK, (result >= 0), handle,
1359 "%s|%s", oldpath, newpath);
1364 static int smb_full_audit_readlink(vfs_handle_struct *handle,
1365 const char *path, char *buf, size_t bufsiz)
1369 result = SMB_VFS_NEXT_READLINK(handle, path, buf, bufsiz);
1371 do_log(SMB_VFS_OP_READLINK, (result >= 0), handle, "%s", path);
1376 static int smb_full_audit_link(vfs_handle_struct *handle,
1377 const char *oldpath, const char *newpath)
1381 result = SMB_VFS_NEXT_LINK(handle, oldpath, newpath);
1383 do_log(SMB_VFS_OP_LINK, (result >= 0), handle,
1384 "%s|%s", oldpath, newpath);
1389 static int smb_full_audit_mknod(vfs_handle_struct *handle,
1390 const char *pathname, mode_t mode, SMB_DEV_T dev)
1394 result = SMB_VFS_NEXT_MKNOD(handle, pathname, mode, dev);
1396 do_log(SMB_VFS_OP_MKNOD, (result >= 0), handle, "%s", pathname);
1401 static char *smb_full_audit_realpath(vfs_handle_struct *handle,
1402 const char *path, char *resolved_path)
1406 result = SMB_VFS_NEXT_REALPATH(handle, path, resolved_path);
1408 do_log(SMB_VFS_OP_REALPATH, (result != NULL), handle, "%s", path);
1413 static int smb_full_audit_chflags(vfs_handle_struct *handle,
1414 const char *path, uint flags)
1418 result = SMB_VFS_NEXT_CHFLAGS(handle, path, flags);
1420 do_log(SMB_VFS_OP_CHFLAGS, (result != 0), handle, "%s", path);
1425 static size_t smb_full_audit_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
1426 int fd, uint32 security_info,
1431 result = SMB_VFS_NEXT_FGET_NT_ACL(handle, fsp, fd, security_info,
1434 do_log(SMB_VFS_OP_FGET_NT_ACL, (result > 0), handle,
1435 "%s", fsp->fsp_name);
1440 static size_t smb_full_audit_get_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
1441 const char *name, uint32 security_info,
1446 result = SMB_VFS_NEXT_GET_NT_ACL(handle, fsp, name, security_info,
1449 do_log(SMB_VFS_OP_GET_NT_ACL, (result > 0), handle,
1450 "%s", fsp->fsp_name);
1455 static BOOL smb_full_audit_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
1456 int fd, uint32 security_info_sent,
1461 result = SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, fd, security_info_sent,
1464 do_log(SMB_VFS_OP_FSET_NT_ACL, result, handle, "%s", fsp->fsp_name);
1469 static BOOL smb_full_audit_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
1470 const char *name, uint32 security_info_sent,
1475 result = SMB_VFS_NEXT_SET_NT_ACL(handle, fsp, name, security_info_sent,
1478 do_log(SMB_VFS_OP_SET_NT_ACL, result, handle, "%s", fsp->fsp_name);
1483 static int smb_full_audit_chmod_acl(vfs_handle_struct *handle,
1484 const char *path, mode_t mode)
1488 result = SMB_VFS_NEXT_CHMOD_ACL(handle, path, mode);
1490 do_log(SMB_VFS_OP_CHMOD_ACL, (result >= 0), handle,
1491 "%s|%o", path, mode);
1496 static int smb_full_audit_fchmod_acl(vfs_handle_struct *handle, files_struct *fsp,
1497 int fd, mode_t mode)
1501 result = SMB_VFS_NEXT_FCHMOD_ACL(handle, fsp, fd, mode);
1503 do_log(SMB_VFS_OP_FCHMOD_ACL, (result >= 0), handle,
1504 "%s|%o", fsp->fsp_name, mode);
1509 static int smb_full_audit_sys_acl_get_entry(vfs_handle_struct *handle,
1511 SMB_ACL_T theacl, int entry_id,
1512 SMB_ACL_ENTRY_T *entry_p)
1516 result = SMB_VFS_NEXT_SYS_ACL_GET_ENTRY(handle, theacl, entry_id,
1519 do_log(SMB_VFS_OP_SYS_ACL_GET_ENTRY, (result >= 0), handle,
1525 static int smb_full_audit_sys_acl_get_tag_type(vfs_handle_struct *handle,
1527 SMB_ACL_ENTRY_T entry_d,
1528 SMB_ACL_TAG_T *tag_type_p)
1532 result = SMB_VFS_NEXT_SYS_ACL_GET_TAG_TYPE(handle, entry_d,
1535 do_log(SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE, (result >= 0), handle,
1541 static int smb_full_audit_sys_acl_get_permset(vfs_handle_struct *handle,
1543 SMB_ACL_ENTRY_T entry_d,
1544 SMB_ACL_PERMSET_T *permset_p)
1548 result = SMB_VFS_NEXT_SYS_ACL_GET_PERMSET(handle, entry_d,
1551 do_log(SMB_VFS_OP_SYS_ACL_GET_PERMSET, (result >= 0), handle,
1557 static void * smb_full_audit_sys_acl_get_qualifier(vfs_handle_struct *handle,
1559 SMB_ACL_ENTRY_T entry_d)
1563 result = SMB_VFS_NEXT_SYS_ACL_GET_QUALIFIER(handle, entry_d);
1565 do_log(SMB_VFS_OP_SYS_ACL_GET_QUALIFIER, (result != NULL), handle,
1571 static SMB_ACL_T smb_full_audit_sys_acl_get_file(vfs_handle_struct *handle,
1573 SMB_ACL_TYPE_T type)
1577 result = SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p, type);
1579 do_log(SMB_VFS_OP_SYS_ACL_GET_FILE, (result != NULL), handle,
1585 static SMB_ACL_T smb_full_audit_sys_acl_get_fd(vfs_handle_struct *handle,
1586 files_struct *fsp, int fd)
1590 result = SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp, fd);
1592 do_log(SMB_VFS_OP_SYS_ACL_GET_FD, (result != NULL), handle,
1593 "%s", fsp->fsp_name);
1598 static int smb_full_audit_sys_acl_clear_perms(vfs_handle_struct *handle,
1600 SMB_ACL_PERMSET_T permset)
1604 result = SMB_VFS_NEXT_SYS_ACL_CLEAR_PERMS(handle, permset);
1606 do_log(SMB_VFS_OP_SYS_ACL_CLEAR_PERMS, (result >= 0), handle,
1612 static int smb_full_audit_sys_acl_add_perm(vfs_handle_struct *handle,
1614 SMB_ACL_PERMSET_T permset,
1615 SMB_ACL_PERM_T perm)
1619 result = SMB_VFS_NEXT_SYS_ACL_ADD_PERM(handle, permset, perm);
1621 do_log(SMB_VFS_OP_SYS_ACL_ADD_PERM, (result >= 0), handle,
1627 static char * smb_full_audit_sys_acl_to_text(vfs_handle_struct *handle,
1633 result = SMB_VFS_NEXT_SYS_ACL_TO_TEXT(handle, theacl, plen);
1635 do_log(SMB_VFS_OP_SYS_ACL_TO_TEXT, (result != NULL), handle,
1641 static SMB_ACL_T smb_full_audit_sys_acl_init(vfs_handle_struct *handle,
1647 result = SMB_VFS_NEXT_SYS_ACL_INIT(handle, count);
1649 do_log(SMB_VFS_OP_SYS_ACL_INIT, (result != NULL), handle,
1655 static int smb_full_audit_sys_acl_create_entry(vfs_handle_struct *handle,
1657 SMB_ACL_ENTRY_T *pentry)
1661 result = SMB_VFS_NEXT_SYS_ACL_CREATE_ENTRY(handle, pacl, pentry);
1663 do_log(SMB_VFS_OP_SYS_ACL_CREATE_ENTRY, (result >= 0), handle,
1669 static int smb_full_audit_sys_acl_set_tag_type(vfs_handle_struct *handle,
1671 SMB_ACL_ENTRY_T entry,
1672 SMB_ACL_TAG_T tagtype)
1676 result = SMB_VFS_NEXT_SYS_ACL_SET_TAG_TYPE(handle, entry,
1679 do_log(SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE, (result >= 0), handle,
1685 static int smb_full_audit_sys_acl_set_qualifier(vfs_handle_struct *handle,
1687 SMB_ACL_ENTRY_T entry,
1692 result = SMB_VFS_NEXT_SYS_ACL_SET_QUALIFIER(handle, entry, qual);
1694 do_log(SMB_VFS_OP_SYS_ACL_SET_QUALIFIER, (result >= 0), handle,
1700 static int smb_full_audit_sys_acl_set_permset(vfs_handle_struct *handle,
1702 SMB_ACL_ENTRY_T entry,
1703 SMB_ACL_PERMSET_T permset)
1707 result = SMB_VFS_NEXT_SYS_ACL_SET_PERMSET(handle, entry, permset);
1709 do_log(SMB_VFS_OP_SYS_ACL_SET_PERMSET, (result >= 0), handle,
1715 static int smb_full_audit_sys_acl_valid(vfs_handle_struct *handle,
1721 result = SMB_VFS_NEXT_SYS_ACL_VALID(handle, theacl);
1723 do_log(SMB_VFS_OP_SYS_ACL_VALID, (result >= 0), handle,
1729 static int smb_full_audit_sys_acl_set_file(vfs_handle_struct *handle,
1731 const char *name, SMB_ACL_TYPE_T acltype,
1736 result = SMB_VFS_NEXT_SYS_ACL_SET_FILE(handle, name, acltype,
1739 do_log(SMB_VFS_OP_SYS_ACL_SET_FILE, (result >= 0), handle,
1745 static int smb_full_audit_sys_acl_set_fd(vfs_handle_struct *handle, files_struct *fsp,
1746 int fd, SMB_ACL_T theacl)
1750 result = SMB_VFS_NEXT_SYS_ACL_SET_FD(handle, fsp, fd, theacl);
1752 do_log(SMB_VFS_OP_SYS_ACL_SET_FD, (result >= 0), handle,
1753 "%s", fsp->fsp_name);
1758 static int smb_full_audit_sys_acl_delete_def_file(vfs_handle_struct *handle,
1764 result = SMB_VFS_NEXT_SYS_ACL_DELETE_DEF_FILE(handle, path);
1766 do_log(SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE, (result >= 0), handle,
1772 static int smb_full_audit_sys_acl_get_perm(vfs_handle_struct *handle,
1774 SMB_ACL_PERMSET_T permset,
1775 SMB_ACL_PERM_T perm)
1779 result = SMB_VFS_NEXT_SYS_ACL_GET_PERM(handle, permset, perm);
1781 do_log(SMB_VFS_OP_SYS_ACL_GET_PERM, (result >= 0), handle,
1787 static int smb_full_audit_sys_acl_free_text(vfs_handle_struct *handle,
1793 result = SMB_VFS_NEXT_SYS_ACL_FREE_TEXT(handle, text);
1795 do_log(SMB_VFS_OP_SYS_ACL_FREE_TEXT, (result >= 0), handle,
1801 static int smb_full_audit_sys_acl_free_acl(vfs_handle_struct *handle,
1803 SMB_ACL_T posix_acl)
1807 result = SMB_VFS_NEXT_SYS_ACL_FREE_ACL(handle, posix_acl);
1809 do_log(SMB_VFS_OP_SYS_ACL_FREE_ACL, (result >= 0), handle,
1815 static int smb_full_audit_sys_acl_free_qualifier(vfs_handle_struct *handle,
1817 SMB_ACL_TAG_T tagtype)
1821 result = SMB_VFS_NEXT_SYS_ACL_FREE_QUALIFIER(handle, qualifier,
1824 do_log(SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER, (result >= 0), handle,
1830 static ssize_t smb_full_audit_getxattr(struct vfs_handle_struct *handle,
1832 const char *name, void *value, size_t size)
1836 result = SMB_VFS_NEXT_GETXATTR(handle, path, name, value, size);
1838 do_log(SMB_VFS_OP_GETXATTR, (result >= 0), handle,
1839 "%s|%s", path, name);
1844 static ssize_t smb_full_audit_lgetxattr(struct vfs_handle_struct *handle,
1845 const char *path, const char *name,
1846 void *value, size_t size)
1850 result = SMB_VFS_NEXT_LGETXATTR(handle, path, name, value, size);
1852 do_log(SMB_VFS_OP_LGETXATTR, (result >= 0), handle,
1853 "%s|%s", path, name);
1858 static ssize_t smb_full_audit_fgetxattr(struct vfs_handle_struct *handle,
1859 struct files_struct *fsp, int fd,
1860 const char *name, void *value, size_t size)
1864 result = SMB_VFS_NEXT_FGETXATTR(handle, fsp, fd, name, value, size);
1866 do_log(SMB_VFS_OP_FGETXATTR, (result >= 0), handle,
1867 "%s|%s", fsp->fsp_name, name);
1872 static ssize_t smb_full_audit_listxattr(struct vfs_handle_struct *handle,
1873 const char *path, char *list, size_t size)
1877 result = SMB_VFS_NEXT_LISTXATTR(handle, path, list, size);
1879 do_log(SMB_VFS_OP_LISTXATTR, (result >= 0), handle, "%s", path);
1884 static ssize_t smb_full_audit_llistxattr(struct vfs_handle_struct *handle,
1885 const char *path, char *list, size_t size)
1889 result = SMB_VFS_NEXT_LLISTXATTR(handle, path, list, size);
1891 do_log(SMB_VFS_OP_LLISTXATTR, (result >= 0), handle, "%s", path);
1896 static ssize_t smb_full_audit_flistxattr(struct vfs_handle_struct *handle,
1897 struct files_struct *fsp, int fd, char *list,
1902 result = SMB_VFS_NEXT_FLISTXATTR(handle, fsp, fd, list, size);
1904 do_log(SMB_VFS_OP_FLISTXATTR, (result >= 0), handle,
1905 "%s", fsp->fsp_name);
1910 static int smb_full_audit_removexattr(struct vfs_handle_struct *handle,
1916 result = SMB_VFS_NEXT_REMOVEXATTR(handle, path, name);
1918 do_log(SMB_VFS_OP_REMOVEXATTR, (result >= 0), handle,
1919 "%s|%s", path, name);
1924 static int smb_full_audit_lremovexattr(struct vfs_handle_struct *handle,
1930 result = SMB_VFS_NEXT_LREMOVEXATTR(handle, path, name);
1932 do_log(SMB_VFS_OP_LREMOVEXATTR, (result >= 0), handle,
1933 "%s|%s", path, name);
1938 static int smb_full_audit_fremovexattr(struct vfs_handle_struct *handle,
1939 struct files_struct *fsp, int fd,
1944 result = SMB_VFS_NEXT_FREMOVEXATTR(handle, fsp, fd, name);
1946 do_log(SMB_VFS_OP_FREMOVEXATTR, (result >= 0), handle,
1947 "%s|%s", fsp->fsp_name, name);
1952 static int smb_full_audit_setxattr(struct vfs_handle_struct *handle,
1954 const char *name, const void *value, size_t size,
1959 result = SMB_VFS_NEXT_SETXATTR(handle, path, name, value, size,
1962 do_log(SMB_VFS_OP_SETXATTR, (result >= 0), handle,
1963 "%s|%s", path, name);
1968 static int smb_full_audit_lsetxattr(struct vfs_handle_struct *handle,
1970 const char *name, const void *value, size_t size,
1975 result = SMB_VFS_NEXT_LSETXATTR(handle, path, name, value, size,
1978 do_log(SMB_VFS_OP_LSETXATTR, (result >= 0), handle,
1979 "%s|%s", path, name);
1984 static int smb_full_audit_fsetxattr(struct vfs_handle_struct *handle,
1985 struct files_struct *fsp, int fd, const char *name,
1986 const void *value, size_t size, int flags)
1990 result = SMB_VFS_NEXT_FSETXATTR(handle, fsp, fd, name, value, size,
1993 do_log(SMB_VFS_OP_FSETXATTR, (result >= 0), handle,
1994 "%s|%s", fsp->fsp_name, name);
1999 static int smb_full_audit_aio_read(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb)
2003 result = SMB_VFS_NEXT_AIO_READ(handle, fsp, aiocb);
2004 do_log(SMB_VFS_OP_AIO_READ, (result >= 0), handle,
2005 "%s", fsp->fsp_name);
2010 static int smb_full_audit_aio_write(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb)
2014 result = SMB_VFS_NEXT_AIO_WRITE(handle, fsp, aiocb);
2015 do_log(SMB_VFS_OP_AIO_WRITE, (result >= 0), handle,
2016 "%s", fsp->fsp_name);
2021 static ssize_t smb_full_audit_aio_return(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb)
2025 result = SMB_VFS_NEXT_AIO_RETURN(handle, fsp, aiocb);
2026 do_log(SMB_VFS_OP_AIO_RETURN, (result >= 0), handle,
2027 "%s", fsp->fsp_name);
2032 static int smb_full_audit_aio_cancel(struct vfs_handle_struct *handle, struct files_struct *fsp, int fd, SMB_STRUCT_AIOCB *aiocb)
2036 result = SMB_VFS_NEXT_AIO_CANCEL(handle, fsp, fd, aiocb);
2037 do_log(SMB_VFS_OP_AIO_CANCEL, (result >= 0), handle,
2038 "%s", fsp->fsp_name);
2043 static int smb_full_audit_aio_error(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb)
2047 result = SMB_VFS_NEXT_AIO_ERROR(handle, fsp, aiocb);
2048 do_log(SMB_VFS_OP_AIO_ERROR, (result >= 0), handle,
2049 "%s", fsp->fsp_name);
2054 static int smb_full_audit_aio_fsync(struct vfs_handle_struct *handle, struct files_struct *fsp, int op, SMB_STRUCT_AIOCB *aiocb)
2058 result = SMB_VFS_NEXT_AIO_FSYNC(handle, fsp, op, aiocb);
2059 do_log(SMB_VFS_OP_AIO_FSYNC, (result >= 0), handle,
2060 "%s", fsp->fsp_name);
2065 static int smb_full_audit_aio_suspend(struct vfs_handle_struct *handle, struct files_struct *fsp, const SMB_STRUCT_AIOCB * const aiocb[], int n, const struct timespec *ts)
2069 result = SMB_VFS_NEXT_AIO_SUSPEND(handle, fsp, aiocb, n, ts);
2070 do_log(SMB_VFS_OP_AIO_SUSPEND, (result >= 0), handle,
2071 "%s", fsp->fsp_name);
2077 NTSTATUS vfs_full_audit_init(void);
2078 NTSTATUS vfs_full_audit_init(void)
2080 NTSTATUS ret = smb_register_vfs(SMB_VFS_INTERFACE_VERSION,
2081 "full_audit", audit_op_tuples);
2083 if (!NT_STATUS_IS_OK(ret))
2086 vfs_full_audit_debug_level = debug_add_class("full_audit");
2087 if (vfs_full_audit_debug_level == -1) {
2088 vfs_full_audit_debug_level = DBGC_VFS;
2089 DEBUG(0, ("vfs_full_audit: Couldn't register custom debugging "
2092 DEBUG(10, ("vfs_full_audit: Debug class number of "
2093 "'full_audit': %d\n", vfs_full_audit_debug_level));
git.samba.org / kamenim / samba-autobuild / .git / blob