2 * Auditing VFS module for samba. Log selected file operations to syslog
5 * Copyright (C) Tim Potter, 1999-2000
6 * Copyright (C) Alexander Bokovoy, 2002
7 * Copyright (C) John H Terpstra, 2003
8 * Copyright (C) Stefan (metze) Metzmacher, 2003
9 * Copyright (C) Volker Lendecke, 2004
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 3 of the License, or
14 * (at your option) any later version.
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, see <http://www.gnu.org/licenses/>.
26 * This module implements parseable logging for all Samba VFS operations.
28 * You use it as follows:
32 * vfs objects = full_audit
33 * full_audit:prefix = %u|%I
34 * full_audit:success = open opendir
35 * full_audit:failure = all
37 * vfs op can be "all" which means log all operations.
38 * vfs op can be "none" which means no logging.
40 * This leads to syslog entries of the form:
41 * smbd_audit: nobody|192.168.234.1|opendir|ok|.
42 * smbd_audit: nobody|192.168.234.1|open|fail (File not found)|r|x.txt
44 * where "nobody" is the connected username and "192.168.234.1" is the
45 * client's IP address.
49 * prefix: A macro expansion template prepended to the syslog entry.
51 * success: A list of VFS operations for which a successful completion should
52 * be logged. Defaults to no logging at all. The special operation "all" logs
53 * - you guessed it - everything.
55 * failure: A list of VFS operations for which failure to complete should be
56 * logged. Defaults to logging everything.
61 #include "system/filesys.h"
62 #include "system/syslog.h"
63 #include "smbd/smbd.h"
64 #include "../librpc/gen_ndr/ndr_netlogon.h"
67 static int vfs_full_audit_debug_level = DBGC_VFS;
69 struct vfs_full_audit_private_data {
70 struct bitmap *success_ops;
71 struct bitmap *failure_ops;
75 #define DBGC_CLASS vfs_full_audit_debug_level
77 typedef enum _vfs_op_type {
82 SMB_VFS_OP_CONNECT = 0,
83 SMB_VFS_OP_DISCONNECT,
87 SMB_VFS_OP_GET_SHADOW_COPY_DATA,
89 SMB_VFS_OP_FS_CAPABILITIES,
91 /* Directory operations */
102 SMB_VFS_OP_INIT_SEARCH_OP,
104 /* File operations */
107 SMB_VFS_OP_CREATE_FILE,
121 SMB_VFS_OP_GET_ALLOC_SIZE,
131 SMB_VFS_OP_FTRUNCATE,
132 SMB_VFS_OP_FALLOCATE,
134 SMB_VFS_OP_KERNEL_FLOCK,
135 SMB_VFS_OP_LINUX_SETLEASE,
142 SMB_VFS_OP_NOTIFY_WATCH,
144 SMB_VFS_OP_FILE_ID_CREATE,
145 SMB_VFS_OP_STREAMINFO,
146 SMB_VFS_OP_GET_REAL_FILENAME,
147 SMB_VFS_OP_CONNECTPATH,
148 SMB_VFS_OP_BRL_LOCK_WINDOWS,
149 SMB_VFS_OP_BRL_UNLOCK_WINDOWS,
150 SMB_VFS_OP_BRL_CANCEL_WINDOWS,
151 SMB_VFS_OP_STRICT_LOCK,
152 SMB_VFS_OP_STRICT_UNLOCK,
153 SMB_VFS_OP_TRANSLATE_NAME,
155 /* NT ACL operations. */
157 SMB_VFS_OP_FGET_NT_ACL,
158 SMB_VFS_OP_GET_NT_ACL,
159 SMB_VFS_OP_FSET_NT_ACL,
161 /* POSIX ACL operations. */
163 SMB_VFS_OP_CHMOD_ACL,
164 SMB_VFS_OP_FCHMOD_ACL,
166 SMB_VFS_OP_SYS_ACL_GET_ENTRY,
167 SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE,
168 SMB_VFS_OP_SYS_ACL_GET_PERMSET,
169 SMB_VFS_OP_SYS_ACL_GET_QUALIFIER,
170 SMB_VFS_OP_SYS_ACL_GET_FILE,
171 SMB_VFS_OP_SYS_ACL_GET_FD,
172 SMB_VFS_OP_SYS_ACL_CLEAR_PERMS,
173 SMB_VFS_OP_SYS_ACL_ADD_PERM,
174 SMB_VFS_OP_SYS_ACL_TO_TEXT,
175 SMB_VFS_OP_SYS_ACL_INIT,
176 SMB_VFS_OP_SYS_ACL_CREATE_ENTRY,
177 SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE,
178 SMB_VFS_OP_SYS_ACL_SET_QUALIFIER,
179 SMB_VFS_OP_SYS_ACL_SET_PERMSET,
180 SMB_VFS_OP_SYS_ACL_VALID,
181 SMB_VFS_OP_SYS_ACL_SET_FILE,
182 SMB_VFS_OP_SYS_ACL_SET_FD,
183 SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE,
184 SMB_VFS_OP_SYS_ACL_GET_PERM,
185 SMB_VFS_OP_SYS_ACL_FREE_TEXT,
186 SMB_VFS_OP_SYS_ACL_FREE_ACL,
187 SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER,
191 SMB_VFS_OP_LGETXATTR,
192 SMB_VFS_OP_FGETXATTR,
193 SMB_VFS_OP_LISTXATTR,
194 SMB_VFS_OP_LLISTXATTR,
195 SMB_VFS_OP_FLISTXATTR,
196 SMB_VFS_OP_REMOVEXATTR,
197 SMB_VFS_OP_LREMOVEXATTR,
198 SMB_VFS_OP_FREMOVEXATTR,
200 SMB_VFS_OP_LSETXATTR,
201 SMB_VFS_OP_FSETXATTR,
205 SMB_VFS_OP_AIO_WRITE,
206 SMB_VFS_OP_AIO_RETURN,
207 SMB_VFS_OP_AIO_CANCEL,
208 SMB_VFS_OP_AIO_ERROR,
209 SMB_VFS_OP_AIO_FSYNC,
210 SMB_VFS_OP_AIO_SUSPEND,
211 SMB_VFS_OP_AIO_FORCE,
213 /* offline operations */
214 SMB_VFS_OP_IS_OFFLINE,
215 SMB_VFS_OP_SET_OFFLINE,
217 /* This should always be last enum value */
222 /* The following array *must* be in the same order as defined in vfs.h */
228 { SMB_VFS_OP_CONNECT, "connect" },
229 { SMB_VFS_OP_DISCONNECT, "disconnect" },
230 { SMB_VFS_OP_DISK_FREE, "disk_free" },
231 { SMB_VFS_OP_GET_QUOTA, "get_quota" },
232 { SMB_VFS_OP_SET_QUOTA, "set_quota" },
233 { SMB_VFS_OP_GET_SHADOW_COPY_DATA, "get_shadow_copy_data" },
234 { SMB_VFS_OP_STATVFS, "statvfs" },
235 { SMB_VFS_OP_FS_CAPABILITIES, "fs_capabilities" },
236 { SMB_VFS_OP_OPENDIR, "opendir" },
237 { SMB_VFS_OP_FDOPENDIR, "fdopendir" },
238 { SMB_VFS_OP_READDIR, "readdir" },
239 { SMB_VFS_OP_SEEKDIR, "seekdir" },
240 { SMB_VFS_OP_TELLDIR, "telldir" },
241 { SMB_VFS_OP_REWINDDIR, "rewinddir" },
242 { SMB_VFS_OP_MKDIR, "mkdir" },
243 { SMB_VFS_OP_RMDIR, "rmdir" },
244 { SMB_VFS_OP_CLOSEDIR, "closedir" },
245 { SMB_VFS_OP_INIT_SEARCH_OP, "init_search_op" },
246 { SMB_VFS_OP_OPEN, "open" },
247 { SMB_VFS_OP_CREATE_FILE, "create_file" },
248 { SMB_VFS_OP_CLOSE, "close" },
249 { SMB_VFS_OP_READ, "read" },
250 { SMB_VFS_OP_PREAD, "pread" },
251 { SMB_VFS_OP_WRITE, "write" },
252 { SMB_VFS_OP_PWRITE, "pwrite" },
253 { SMB_VFS_OP_LSEEK, "lseek" },
254 { SMB_VFS_OP_SENDFILE, "sendfile" },
255 { SMB_VFS_OP_RECVFILE, "recvfile" },
256 { SMB_VFS_OP_RENAME, "rename" },
257 { SMB_VFS_OP_FSYNC, "fsync" },
258 { SMB_VFS_OP_STAT, "stat" },
259 { SMB_VFS_OP_FSTAT, "fstat" },
260 { SMB_VFS_OP_LSTAT, "lstat" },
261 { SMB_VFS_OP_GET_ALLOC_SIZE, "get_alloc_size" },
262 { SMB_VFS_OP_UNLINK, "unlink" },
263 { SMB_VFS_OP_CHMOD, "chmod" },
264 { SMB_VFS_OP_FCHMOD, "fchmod" },
265 { SMB_VFS_OP_CHOWN, "chown" },
266 { SMB_VFS_OP_FCHOWN, "fchown" },
267 { SMB_VFS_OP_LCHOWN, "lchown" },
268 { SMB_VFS_OP_CHDIR, "chdir" },
269 { SMB_VFS_OP_GETWD, "getwd" },
270 { SMB_VFS_OP_NTIMES, "ntimes" },
271 { SMB_VFS_OP_FTRUNCATE, "ftruncate" },
272 { SMB_VFS_OP_FALLOCATE,"fallocate" },
273 { SMB_VFS_OP_LOCK, "lock" },
274 { SMB_VFS_OP_KERNEL_FLOCK, "kernel_flock" },
275 { SMB_VFS_OP_LINUX_SETLEASE, "linux_setlease" },
276 { SMB_VFS_OP_GETLOCK, "getlock" },
277 { SMB_VFS_OP_SYMLINK, "symlink" },
278 { SMB_VFS_OP_READLINK, "readlink" },
279 { SMB_VFS_OP_LINK, "link" },
280 { SMB_VFS_OP_MKNOD, "mknod" },
281 { SMB_VFS_OP_REALPATH, "realpath" },
282 { SMB_VFS_OP_NOTIFY_WATCH, "notify_watch" },
283 { SMB_VFS_OP_CHFLAGS, "chflags" },
284 { SMB_VFS_OP_FILE_ID_CREATE, "file_id_create" },
285 { SMB_VFS_OP_STREAMINFO, "streaminfo" },
286 { SMB_VFS_OP_GET_REAL_FILENAME, "get_real_filename" },
287 { SMB_VFS_OP_CONNECTPATH, "connectpath" },
288 { SMB_VFS_OP_BRL_LOCK_WINDOWS, "brl_lock_windows" },
289 { SMB_VFS_OP_BRL_UNLOCK_WINDOWS, "brl_unlock_windows" },
290 { SMB_VFS_OP_BRL_CANCEL_WINDOWS, "brl_cancel_windows" },
291 { SMB_VFS_OP_STRICT_LOCK, "strict_lock" },
292 { SMB_VFS_OP_STRICT_UNLOCK, "strict_unlock" },
293 { SMB_VFS_OP_TRANSLATE_NAME, "translate_name" },
294 { SMB_VFS_OP_FGET_NT_ACL, "fget_nt_acl" },
295 { SMB_VFS_OP_GET_NT_ACL, "get_nt_acl" },
296 { SMB_VFS_OP_FSET_NT_ACL, "fset_nt_acl" },
297 { SMB_VFS_OP_CHMOD_ACL, "chmod_acl" },
298 { SMB_VFS_OP_FCHMOD_ACL, "fchmod_acl" },
299 { SMB_VFS_OP_SYS_ACL_GET_ENTRY, "sys_acl_get_entry" },
300 { SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE, "sys_acl_get_tag_type" },
301 { SMB_VFS_OP_SYS_ACL_GET_PERMSET, "sys_acl_get_permset" },
302 { SMB_VFS_OP_SYS_ACL_GET_QUALIFIER, "sys_acl_get_qualifier" },
303 { SMB_VFS_OP_SYS_ACL_GET_FILE, "sys_acl_get_file" },
304 { SMB_VFS_OP_SYS_ACL_GET_FD, "sys_acl_get_fd" },
305 { SMB_VFS_OP_SYS_ACL_CLEAR_PERMS, "sys_acl_clear_perms" },
306 { SMB_VFS_OP_SYS_ACL_ADD_PERM, "sys_acl_add_perm" },
307 { SMB_VFS_OP_SYS_ACL_TO_TEXT, "sys_acl_to_text" },
308 { SMB_VFS_OP_SYS_ACL_INIT, "sys_acl_init" },
309 { SMB_VFS_OP_SYS_ACL_CREATE_ENTRY, "sys_acl_create_entry" },
310 { SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE, "sys_acl_set_tag_type" },
311 { SMB_VFS_OP_SYS_ACL_SET_QUALIFIER, "sys_acl_set_qualifier" },
312 { SMB_VFS_OP_SYS_ACL_SET_PERMSET, "sys_acl_set_permset" },
313 { SMB_VFS_OP_SYS_ACL_VALID, "sys_acl_valid" },
314 { SMB_VFS_OP_SYS_ACL_SET_FILE, "sys_acl_set_file" },
315 { SMB_VFS_OP_SYS_ACL_SET_FD, "sys_acl_set_fd" },
316 { SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE, "sys_acl_delete_def_file" },
317 { SMB_VFS_OP_SYS_ACL_GET_PERM, "sys_acl_get_perm" },
318 { SMB_VFS_OP_SYS_ACL_FREE_TEXT, "sys_acl_free_text" },
319 { SMB_VFS_OP_SYS_ACL_FREE_ACL, "sys_acl_free_acl" },
320 { SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER, "sys_acl_free_qualifier" },
321 { SMB_VFS_OP_GETXATTR, "getxattr" },
322 { SMB_VFS_OP_LGETXATTR, "lgetxattr" },
323 { SMB_VFS_OP_FGETXATTR, "fgetxattr" },
324 { SMB_VFS_OP_LISTXATTR, "listxattr" },
325 { SMB_VFS_OP_LLISTXATTR, "llistxattr" },
326 { SMB_VFS_OP_FLISTXATTR, "flistxattr" },
327 { SMB_VFS_OP_REMOVEXATTR, "removexattr" },
328 { SMB_VFS_OP_LREMOVEXATTR, "lremovexattr" },
329 { SMB_VFS_OP_FREMOVEXATTR, "fremovexattr" },
330 { SMB_VFS_OP_SETXATTR, "setxattr" },
331 { SMB_VFS_OP_LSETXATTR, "lsetxattr" },
332 { SMB_VFS_OP_FSETXATTR, "fsetxattr" },
333 { SMB_VFS_OP_AIO_READ, "aio_read" },
334 { SMB_VFS_OP_AIO_WRITE, "aio_write" },
335 { SMB_VFS_OP_AIO_RETURN,"aio_return" },
336 { SMB_VFS_OP_AIO_CANCEL,"aio_cancel" },
337 { SMB_VFS_OP_AIO_ERROR, "aio_error" },
338 { SMB_VFS_OP_AIO_FSYNC, "aio_fsync" },
339 { SMB_VFS_OP_AIO_SUSPEND,"aio_suspend" },
340 { SMB_VFS_OP_AIO_FORCE, "aio_force" },
341 { SMB_VFS_OP_IS_OFFLINE, "is_offline" },
342 { SMB_VFS_OP_SET_OFFLINE, "set_offline" },
343 { SMB_VFS_OP_LAST, NULL }
346 static int audit_syslog_facility(vfs_handle_struct *handle)
348 static const struct enum_list enum_log_facilities[] = {
349 { LOG_USER, "USER" },
350 { LOG_LOCAL0, "LOCAL0" },
351 { LOG_LOCAL1, "LOCAL1" },
352 { LOG_LOCAL2, "LOCAL2" },
353 { LOG_LOCAL3, "LOCAL3" },
354 { LOG_LOCAL4, "LOCAL4" },
355 { LOG_LOCAL5, "LOCAL5" },
356 { LOG_LOCAL6, "LOCAL6" },
357 { LOG_LOCAL7, "LOCAL7" }
362 facility = lp_parm_enum(SNUM(handle->conn), "full_audit", "facility", enum_log_facilities, LOG_USER);
367 static int audit_syslog_priority(vfs_handle_struct *handle)
369 static const struct enum_list enum_log_priorities[] = {
370 { LOG_EMERG, "EMERG" },
371 { LOG_ALERT, "ALERT" },
372 { LOG_CRIT, "CRIT" },
374 { LOG_WARNING, "WARNING" },
375 { LOG_NOTICE, "NOTICE" },
376 { LOG_INFO, "INFO" },
377 { LOG_DEBUG, "DEBUG" }
382 priority = lp_parm_enum(SNUM(handle->conn), "full_audit", "priority",
383 enum_log_priorities, LOG_NOTICE);
384 if (priority == -1) {
385 priority = LOG_WARNING;
391 static char *audit_prefix(TALLOC_CTX *ctx, connection_struct *conn)
396 prefix = talloc_strdup(ctx,
397 lp_parm_const_string(SNUM(conn), "full_audit",
402 result = talloc_sub_advanced(ctx,
403 lp_servicename(SNUM(conn)),
404 conn->session_info->unix_name,
406 conn->session_info->utok.gid,
407 conn->session_info->sanitized_username,
408 conn->session_info->info3->base.domain.string,
414 static bool log_success(vfs_handle_struct *handle, vfs_op_type op)
416 struct vfs_full_audit_private_data *pd = NULL;
418 SMB_VFS_HANDLE_GET_DATA(handle, pd,
419 struct vfs_full_audit_private_data,
422 if (pd->success_ops == NULL) {
426 return bitmap_query(pd->success_ops, op);
429 static bool log_failure(vfs_handle_struct *handle, vfs_op_type op)
431 struct vfs_full_audit_private_data *pd = NULL;
433 SMB_VFS_HANDLE_GET_DATA(handle, pd,
434 struct vfs_full_audit_private_data,
437 if (pd->failure_ops == NULL)
440 return bitmap_query(pd->failure_ops, op);
443 static struct bitmap *init_bitmap(TALLOC_CTX *mem_ctx, const char **ops)
451 bm = bitmap_talloc(mem_ctx, SMB_VFS_OP_LAST);
453 DEBUG(0, ("Could not alloc bitmap -- "
454 "defaulting to logging everything\n"));
458 for (; *ops != NULL; ops += 1) {
463 if (strequal(*ops, "all")) {
464 for (i=0; i<SMB_VFS_OP_LAST; i++) {
470 if (strequal(*ops, "none")) {
480 for (i=0; i<SMB_VFS_OP_LAST; i++) {
481 if (vfs_op_names[i].name == NULL) {
482 smb_panic("vfs_full_audit.c: name table not "
483 "in sync with vfs.h\n");
485 if (strequal(op, vfs_op_names[i].name)) {
494 if (i == SMB_VFS_OP_LAST) {
495 DEBUG(0, ("Could not find opname %s, logging all\n",
504 static const char *audit_opname(vfs_op_type op)
506 if (op >= SMB_VFS_OP_LAST)
507 return "INVALID VFS OP";
508 return vfs_op_names[op].name;
511 static TALLOC_CTX *tmp_do_log_ctx;
513 * Get us a temporary talloc context usable just for DEBUG arguments
515 static TALLOC_CTX *do_log_ctx(void)
517 if (tmp_do_log_ctx == NULL) {
518 tmp_do_log_ctx = talloc_named_const(NULL, 0, "do_log_ctx");
520 return tmp_do_log_ctx;
523 static void do_log(vfs_op_type op, bool success, vfs_handle_struct *handle,
524 const char *format, ...)
527 char *audit_pre = NULL;
532 if (success && (!log_success(handle, op)))
535 if (!success && (!log_failure(handle, op)))
539 fstrcpy(err_msg, "ok");
541 fstr_sprintf(err_msg, "fail (%s)", strerror(errno));
543 va_start(ap, format);
544 op_msg = talloc_vasprintf(talloc_tos(), format, ap);
552 * Specify the facility to interoperate with other syslog callers
553 * (smbd for example).
555 priority = audit_syslog_priority(handle) |
556 audit_syslog_facility(handle);
558 audit_pre = audit_prefix(talloc_tos(), handle->conn);
559 syslog(priority, "%s|%s|%s|%s\n",
560 audit_pre ? audit_pre : "",
561 audit_opname(op), err_msg, op_msg);
564 TALLOC_FREE(audit_pre);
566 TALLOC_FREE(tmp_do_log_ctx);
572 * Return a string using the do_log_ctx()
574 static const char *smb_fname_str_do_log(const struct smb_filename *smb_fname)
579 if (smb_fname == NULL) {
582 status = get_full_smb_filename(do_log_ctx(), smb_fname, &fname);
583 if (!NT_STATUS_IS_OK(status)) {
590 * Return an fsp debug string using the do_log_ctx()
592 static const char *fsp_str_do_log(const struct files_struct *fsp)
594 return smb_fname_str_do_log(fsp->fsp_name);
597 /* Implementation of vfs_ops. Pass everything on to the default
598 operation but log event first. */
600 static int smb_full_audit_connect(vfs_handle_struct *handle,
601 const char *svc, const char *user)
604 struct vfs_full_audit_private_data *pd = NULL;
606 result = SMB_VFS_NEXT_CONNECT(handle, svc, user);
611 pd = TALLOC_ZERO_P(handle, struct vfs_full_audit_private_data);
613 SMB_VFS_NEXT_DISCONNECT(handle);
618 openlog("smbd_audit", 0, audit_syslog_facility(handle));
621 pd->success_ops = init_bitmap(
622 pd, lp_parm_string_list(SNUM(handle->conn), "full_audit",
624 pd->failure_ops = init_bitmap(
625 pd, lp_parm_string_list(SNUM(handle->conn), "full_audit",
628 /* Store the private data. */
629 SMB_VFS_HANDLE_SET_DATA(handle, pd, NULL,
630 struct vfs_full_audit_private_data, return -1);
632 do_log(SMB_VFS_OP_CONNECT, True, handle,
638 static void smb_full_audit_disconnect(vfs_handle_struct *handle)
640 SMB_VFS_NEXT_DISCONNECT(handle);
642 do_log(SMB_VFS_OP_DISCONNECT, True, handle,
643 "%s", lp_servicename(SNUM(handle->conn)));
645 /* The bitmaps will be disconnected when the private
651 static uint64_t smb_full_audit_disk_free(vfs_handle_struct *handle,
653 bool small_query, uint64_t *bsize,
654 uint64_t *dfree, uint64_t *dsize)
658 result = SMB_VFS_NEXT_DISK_FREE(handle, path, small_query, bsize,
661 /* Don't have a reasonable notion of failure here */
663 do_log(SMB_VFS_OP_DISK_FREE, True, handle, "%s", path);
668 static int smb_full_audit_get_quota(struct vfs_handle_struct *handle,
669 enum SMB_QUOTA_TYPE qtype, unid_t id,
674 result = SMB_VFS_NEXT_GET_QUOTA(handle, qtype, id, qt);
676 do_log(SMB_VFS_OP_GET_QUOTA, (result >= 0), handle, "");
682 static int smb_full_audit_set_quota(struct vfs_handle_struct *handle,
683 enum SMB_QUOTA_TYPE qtype, unid_t id,
688 result = SMB_VFS_NEXT_SET_QUOTA(handle, qtype, id, qt);
690 do_log(SMB_VFS_OP_SET_QUOTA, (result >= 0), handle, "");
695 static int smb_full_audit_get_shadow_copy_data(struct vfs_handle_struct *handle,
696 struct files_struct *fsp,
697 SHADOW_COPY_DATA *shadow_copy_data, bool labels)
701 result = SMB_VFS_NEXT_GET_SHADOW_COPY_DATA(handle, fsp, shadow_copy_data, labels);
703 do_log(SMB_VFS_OP_GET_SHADOW_COPY_DATA, (result >= 0), handle, "");
708 static int smb_full_audit_statvfs(struct vfs_handle_struct *handle,
710 struct vfs_statvfs_struct *statbuf)
714 result = SMB_VFS_NEXT_STATVFS(handle, path, statbuf);
716 do_log(SMB_VFS_OP_STATVFS, (result >= 0), handle, "");
721 static uint32_t smb_full_audit_fs_capabilities(struct vfs_handle_struct *handle, enum timestamp_set_resolution *p_ts_res)
725 result = SMB_VFS_NEXT_FS_CAPABILITIES(handle, p_ts_res);
727 do_log(SMB_VFS_OP_FS_CAPABILITIES, true, handle, "");
732 static SMB_STRUCT_DIR *smb_full_audit_opendir(vfs_handle_struct *handle,
733 const char *fname, const char *mask, uint32 attr)
735 SMB_STRUCT_DIR *result;
737 result = SMB_VFS_NEXT_OPENDIR(handle, fname, mask, attr);
739 do_log(SMB_VFS_OP_OPENDIR, (result != NULL), handle, "%s", fname);
744 static SMB_STRUCT_DIR *smb_full_audit_fdopendir(vfs_handle_struct *handle,
745 files_struct *fsp, const char *mask, uint32 attr)
747 SMB_STRUCT_DIR *result;
749 result = SMB_VFS_NEXT_FDOPENDIR(handle, fsp, mask, attr);
751 do_log(SMB_VFS_OP_FDOPENDIR, (result != NULL), handle, "%s",
752 fsp_str_do_log(fsp));
757 static SMB_STRUCT_DIRENT *smb_full_audit_readdir(vfs_handle_struct *handle,
758 SMB_STRUCT_DIR *dirp, SMB_STRUCT_STAT *sbuf)
760 SMB_STRUCT_DIRENT *result;
762 result = SMB_VFS_NEXT_READDIR(handle, dirp, sbuf);
764 /* This operation has no reasonable error condition
765 * (End of dir is also failure), so always succeed.
767 do_log(SMB_VFS_OP_READDIR, True, handle, "");
772 static void smb_full_audit_seekdir(vfs_handle_struct *handle,
773 SMB_STRUCT_DIR *dirp, long offset)
775 SMB_VFS_NEXT_SEEKDIR(handle, dirp, offset);
777 do_log(SMB_VFS_OP_SEEKDIR, True, handle, "");
781 static long smb_full_audit_telldir(vfs_handle_struct *handle,
782 SMB_STRUCT_DIR *dirp)
786 result = SMB_VFS_NEXT_TELLDIR(handle, dirp);
788 do_log(SMB_VFS_OP_TELLDIR, True, handle, "");
793 static void smb_full_audit_rewinddir(vfs_handle_struct *handle,
794 SMB_STRUCT_DIR *dirp)
796 SMB_VFS_NEXT_REWINDDIR(handle, dirp);
798 do_log(SMB_VFS_OP_REWINDDIR, True, handle, "");
802 static int smb_full_audit_mkdir(vfs_handle_struct *handle,
803 const char *path, mode_t mode)
807 result = SMB_VFS_NEXT_MKDIR(handle, path, mode);
809 do_log(SMB_VFS_OP_MKDIR, (result >= 0), handle, "%s", path);
814 static int smb_full_audit_rmdir(vfs_handle_struct *handle,
819 result = SMB_VFS_NEXT_RMDIR(handle, path);
821 do_log(SMB_VFS_OP_RMDIR, (result >= 0), handle, "%s", path);
826 static int smb_full_audit_closedir(vfs_handle_struct *handle,
827 SMB_STRUCT_DIR *dirp)
831 result = SMB_VFS_NEXT_CLOSEDIR(handle, dirp);
833 do_log(SMB_VFS_OP_CLOSEDIR, (result >= 0), handle, "");
838 static void smb_full_audit_init_search_op(vfs_handle_struct *handle,
839 SMB_STRUCT_DIR *dirp)
841 SMB_VFS_NEXT_INIT_SEARCH_OP(handle, dirp);
843 do_log(SMB_VFS_OP_INIT_SEARCH_OP, True, handle, "");
847 static int smb_full_audit_open(vfs_handle_struct *handle,
848 struct smb_filename *smb_fname,
849 files_struct *fsp, int flags, mode_t mode)
853 result = SMB_VFS_NEXT_OPEN(handle, smb_fname, fsp, flags, mode);
855 do_log(SMB_VFS_OP_OPEN, (result >= 0), handle, "%s|%s",
856 ((flags & O_WRONLY) || (flags & O_RDWR))?"w":"r",
857 smb_fname_str_do_log(smb_fname));
862 static NTSTATUS smb_full_audit_create_file(vfs_handle_struct *handle,
863 struct smb_request *req,
864 uint16_t root_dir_fid,
865 struct smb_filename *smb_fname,
866 uint32_t access_mask,
867 uint32_t share_access,
868 uint32_t create_disposition,
869 uint32_t create_options,
870 uint32_t file_attributes,
871 uint32_t oplock_request,
872 uint64_t allocation_size,
873 uint32_t private_flags,
874 struct security_descriptor *sd,
875 struct ea_list *ea_list,
876 files_struct **result_fsp,
880 const char* str_create_disposition;
882 switch (create_disposition) {
884 str_create_disposition = "supersede";
886 case FILE_OVERWRITE_IF:
887 str_create_disposition = "overwrite_if";
890 str_create_disposition = "open";
893 str_create_disposition = "overwrite";
896 str_create_disposition = "create";
899 str_create_disposition = "open_if";
902 str_create_disposition = "unknown";
905 result = SMB_VFS_NEXT_CREATE_FILE(
908 root_dir_fid, /* root_dir_fid */
909 smb_fname, /* fname */
910 access_mask, /* access_mask */
911 share_access, /* share_access */
912 create_disposition, /* create_disposition*/
913 create_options, /* create_options */
914 file_attributes, /* file_attributes */
915 oplock_request, /* oplock_request */
916 allocation_size, /* allocation_size */
919 ea_list, /* ea_list */
920 result_fsp, /* result */
923 do_log(SMB_VFS_OP_CREATE_FILE, (NT_STATUS_IS_OK(result)), handle,
924 "0x%x|%s|%s|%s", access_mask,
925 create_options & FILE_DIRECTORY_FILE ? "dir" : "file",
926 str_create_disposition, smb_fname_str_do_log(smb_fname));
931 static int smb_full_audit_close(vfs_handle_struct *handle, files_struct *fsp)
935 result = SMB_VFS_NEXT_CLOSE(handle, fsp);
937 do_log(SMB_VFS_OP_CLOSE, (result >= 0), handle, "%s",
938 fsp_str_do_log(fsp));
943 static ssize_t smb_full_audit_read(vfs_handle_struct *handle, files_struct *fsp,
944 void *data, size_t n)
948 result = SMB_VFS_NEXT_READ(handle, fsp, data, n);
950 do_log(SMB_VFS_OP_READ, (result >= 0), handle, "%s",
951 fsp_str_do_log(fsp));
956 static ssize_t smb_full_audit_pread(vfs_handle_struct *handle, files_struct *fsp,
957 void *data, size_t n, SMB_OFF_T offset)
961 result = SMB_VFS_NEXT_PREAD(handle, fsp, data, n, offset);
963 do_log(SMB_VFS_OP_PREAD, (result >= 0), handle, "%s",
964 fsp_str_do_log(fsp));
969 static ssize_t smb_full_audit_write(vfs_handle_struct *handle, files_struct *fsp,
970 const void *data, size_t n)
974 result = SMB_VFS_NEXT_WRITE(handle, fsp, data, n);
976 do_log(SMB_VFS_OP_WRITE, (result >= 0), handle, "%s",
977 fsp_str_do_log(fsp));
982 static ssize_t smb_full_audit_pwrite(vfs_handle_struct *handle, files_struct *fsp,
983 const void *data, size_t n,
988 result = SMB_VFS_NEXT_PWRITE(handle, fsp, data, n, offset);
990 do_log(SMB_VFS_OP_PWRITE, (result >= 0), handle, "%s",
991 fsp_str_do_log(fsp));
996 static SMB_OFF_T smb_full_audit_lseek(vfs_handle_struct *handle, files_struct *fsp,
997 SMB_OFF_T offset, int whence)
1001 result = SMB_VFS_NEXT_LSEEK(handle, fsp, offset, whence);
1003 do_log(SMB_VFS_OP_LSEEK, (result != (ssize_t)-1), handle,
1004 "%s", fsp_str_do_log(fsp));
1009 static ssize_t smb_full_audit_sendfile(vfs_handle_struct *handle, int tofd,
1010 files_struct *fromfsp,
1011 const DATA_BLOB *hdr, SMB_OFF_T offset,
1016 result = SMB_VFS_NEXT_SENDFILE(handle, tofd, fromfsp, hdr, offset, n);
1018 do_log(SMB_VFS_OP_SENDFILE, (result >= 0), handle,
1019 "%s", fsp_str_do_log(fromfsp));
1024 static ssize_t smb_full_audit_recvfile(vfs_handle_struct *handle, int fromfd,
1025 files_struct *tofsp,
1031 result = SMB_VFS_NEXT_RECVFILE(handle, fromfd, tofsp, offset, n);
1033 do_log(SMB_VFS_OP_RECVFILE, (result >= 0), handle,
1034 "%s", fsp_str_do_log(tofsp));
1039 static int smb_full_audit_rename(vfs_handle_struct *handle,
1040 const struct smb_filename *smb_fname_src,
1041 const struct smb_filename *smb_fname_dst)
1045 result = SMB_VFS_NEXT_RENAME(handle, smb_fname_src, smb_fname_dst);
1047 do_log(SMB_VFS_OP_RENAME, (result >= 0), handle, "%s|%s",
1048 smb_fname_str_do_log(smb_fname_src),
1049 smb_fname_str_do_log(smb_fname_dst));
1054 static int smb_full_audit_fsync(vfs_handle_struct *handle, files_struct *fsp)
1058 result = SMB_VFS_NEXT_FSYNC(handle, fsp);
1060 do_log(SMB_VFS_OP_FSYNC, (result >= 0), handle, "%s",
1061 fsp_str_do_log(fsp));
1066 static int smb_full_audit_stat(vfs_handle_struct *handle,
1067 struct smb_filename *smb_fname)
1071 result = SMB_VFS_NEXT_STAT(handle, smb_fname);
1073 do_log(SMB_VFS_OP_STAT, (result >= 0), handle, "%s",
1074 smb_fname_str_do_log(smb_fname));
1079 static int smb_full_audit_fstat(vfs_handle_struct *handle, files_struct *fsp,
1080 SMB_STRUCT_STAT *sbuf)
1084 result = SMB_VFS_NEXT_FSTAT(handle, fsp, sbuf);
1086 do_log(SMB_VFS_OP_FSTAT, (result >= 0), handle, "%s",
1087 fsp_str_do_log(fsp));
1092 static int smb_full_audit_lstat(vfs_handle_struct *handle,
1093 struct smb_filename *smb_fname)
1097 result = SMB_VFS_NEXT_LSTAT(handle, smb_fname);
1099 do_log(SMB_VFS_OP_LSTAT, (result >= 0), handle, "%s",
1100 smb_fname_str_do_log(smb_fname));
1105 static uint64_t smb_full_audit_get_alloc_size(vfs_handle_struct *handle,
1106 files_struct *fsp, const SMB_STRUCT_STAT *sbuf)
1110 result = SMB_VFS_NEXT_GET_ALLOC_SIZE(handle, fsp, sbuf);
1112 do_log(SMB_VFS_OP_GET_ALLOC_SIZE, (result != (uint64_t)-1), handle,
1118 static int smb_full_audit_unlink(vfs_handle_struct *handle,
1119 const struct smb_filename *smb_fname)
1123 result = SMB_VFS_NEXT_UNLINK(handle, smb_fname);
1125 do_log(SMB_VFS_OP_UNLINK, (result >= 0), handle, "%s",
1126 smb_fname_str_do_log(smb_fname));
1131 static int smb_full_audit_chmod(vfs_handle_struct *handle,
1132 const char *path, mode_t mode)
1136 result = SMB_VFS_NEXT_CHMOD(handle, path, mode);
1138 do_log(SMB_VFS_OP_CHMOD, (result >= 0), handle, "%s|%o", path, mode);
1143 static int smb_full_audit_fchmod(vfs_handle_struct *handle, files_struct *fsp,
1148 result = SMB_VFS_NEXT_FCHMOD(handle, fsp, mode);
1150 do_log(SMB_VFS_OP_FCHMOD, (result >= 0), handle,
1151 "%s|%o", fsp_str_do_log(fsp), mode);
1156 static int smb_full_audit_chown(vfs_handle_struct *handle,
1157 const char *path, uid_t uid, gid_t gid)
1161 result = SMB_VFS_NEXT_CHOWN(handle, path, uid, gid);
1163 do_log(SMB_VFS_OP_CHOWN, (result >= 0), handle, "%s|%ld|%ld",
1164 path, (long int)uid, (long int)gid);
1169 static int smb_full_audit_fchown(vfs_handle_struct *handle, files_struct *fsp,
1170 uid_t uid, gid_t gid)
1174 result = SMB_VFS_NEXT_FCHOWN(handle, fsp, uid, gid);
1176 do_log(SMB_VFS_OP_FCHOWN, (result >= 0), handle, "%s|%ld|%ld",
1177 fsp_str_do_log(fsp), (long int)uid, (long int)gid);
1182 static int smb_full_audit_lchown(vfs_handle_struct *handle,
1183 const char *path, uid_t uid, gid_t gid)
1187 result = SMB_VFS_NEXT_LCHOWN(handle, path, uid, gid);
1189 do_log(SMB_VFS_OP_LCHOWN, (result >= 0), handle, "%s|%ld|%ld",
1190 path, (long int)uid, (long int)gid);
1195 static int smb_full_audit_chdir(vfs_handle_struct *handle,
1200 result = SMB_VFS_NEXT_CHDIR(handle, path);
1202 do_log(SMB_VFS_OP_CHDIR, (result >= 0), handle, "chdir|%s", path);
1207 static char *smb_full_audit_getwd(vfs_handle_struct *handle,
1212 result = SMB_VFS_NEXT_GETWD(handle, path);
1214 do_log(SMB_VFS_OP_GETWD, (result != NULL), handle, "%s", path);
1219 static int smb_full_audit_ntimes(vfs_handle_struct *handle,
1220 const struct smb_filename *smb_fname,
1221 struct smb_file_time *ft)
1225 result = SMB_VFS_NEXT_NTIMES(handle, smb_fname, ft);
1227 do_log(SMB_VFS_OP_NTIMES, (result >= 0), handle, "%s",
1228 smb_fname_str_do_log(smb_fname));
1233 static int smb_full_audit_ftruncate(vfs_handle_struct *handle, files_struct *fsp,
1238 result = SMB_VFS_NEXT_FTRUNCATE(handle, fsp, len);
1240 do_log(SMB_VFS_OP_FTRUNCATE, (result >= 0), handle,
1241 "%s", fsp_str_do_log(fsp));
1246 static int smb_full_audit_fallocate(vfs_handle_struct *handle, files_struct *fsp,
1247 enum vfs_fallocate_mode mode,
1253 result = SMB_VFS_NEXT_FALLOCATE(handle, fsp, mode, offset, len);
1255 do_log(SMB_VFS_OP_FALLOCATE, (result >= 0), handle,
1256 "%s", fsp_str_do_log(fsp));
1261 static bool smb_full_audit_lock(vfs_handle_struct *handle, files_struct *fsp,
1262 int op, SMB_OFF_T offset, SMB_OFF_T count, int type)
1266 result = SMB_VFS_NEXT_LOCK(handle, fsp, op, offset, count, type);
1268 do_log(SMB_VFS_OP_LOCK, result, handle, "%s", fsp_str_do_log(fsp));
1273 static int smb_full_audit_kernel_flock(struct vfs_handle_struct *handle,
1274 struct files_struct *fsp,
1275 uint32 share_mode, uint32 access_mask)
1279 result = SMB_VFS_NEXT_KERNEL_FLOCK(handle, fsp, share_mode, access_mask);
1281 do_log(SMB_VFS_OP_KERNEL_FLOCK, (result >= 0), handle, "%s",
1282 fsp_str_do_log(fsp));
1287 static int smb_full_audit_linux_setlease(vfs_handle_struct *handle, files_struct *fsp,
1292 result = SMB_VFS_NEXT_LINUX_SETLEASE(handle, fsp, leasetype);
1294 do_log(SMB_VFS_OP_LINUX_SETLEASE, (result >= 0), handle, "%s",
1295 fsp_str_do_log(fsp));
1300 static bool smb_full_audit_getlock(vfs_handle_struct *handle, files_struct *fsp,
1301 SMB_OFF_T *poffset, SMB_OFF_T *pcount, int *ptype, pid_t *ppid)
1305 result = SMB_VFS_NEXT_GETLOCK(handle, fsp, poffset, pcount, ptype, ppid);
1307 do_log(SMB_VFS_OP_GETLOCK, result, handle, "%s", fsp_str_do_log(fsp));
1312 static int smb_full_audit_symlink(vfs_handle_struct *handle,
1313 const char *oldpath, const char *newpath)
1317 result = SMB_VFS_NEXT_SYMLINK(handle, oldpath, newpath);
1319 do_log(SMB_VFS_OP_SYMLINK, (result >= 0), handle,
1320 "%s|%s", oldpath, newpath);
1325 static int smb_full_audit_readlink(vfs_handle_struct *handle,
1326 const char *path, char *buf, size_t bufsiz)
1330 result = SMB_VFS_NEXT_READLINK(handle, path, buf, bufsiz);
1332 do_log(SMB_VFS_OP_READLINK, (result >= 0), handle, "%s", path);
1337 static int smb_full_audit_link(vfs_handle_struct *handle,
1338 const char *oldpath, const char *newpath)
1342 result = SMB_VFS_NEXT_LINK(handle, oldpath, newpath);
1344 do_log(SMB_VFS_OP_LINK, (result >= 0), handle,
1345 "%s|%s", oldpath, newpath);
1350 static int smb_full_audit_mknod(vfs_handle_struct *handle,
1351 const char *pathname, mode_t mode, SMB_DEV_T dev)
1355 result = SMB_VFS_NEXT_MKNOD(handle, pathname, mode, dev);
1357 do_log(SMB_VFS_OP_MKNOD, (result >= 0), handle, "%s", pathname);
1362 static char *smb_full_audit_realpath(vfs_handle_struct *handle,
1367 result = SMB_VFS_NEXT_REALPATH(handle, path);
1369 do_log(SMB_VFS_OP_REALPATH, (result != NULL), handle, "%s", path);
1374 static NTSTATUS smb_full_audit_notify_watch(struct vfs_handle_struct *handle,
1375 struct sys_notify_context *ctx,
1376 struct notify_entry *e,
1377 void (*callback)(struct sys_notify_context *ctx,
1379 struct notify_event *ev),
1380 void *private_data, void *handle_p)
1384 result = SMB_VFS_NEXT_NOTIFY_WATCH(handle, ctx, e, callback, private_data, handle_p);
1386 do_log(SMB_VFS_OP_NOTIFY_WATCH, NT_STATUS_IS_OK(result), handle, "");
1391 static int smb_full_audit_chflags(vfs_handle_struct *handle,
1392 const char *path, unsigned int flags)
1396 result = SMB_VFS_NEXT_CHFLAGS(handle, path, flags);
1398 do_log(SMB_VFS_OP_CHFLAGS, (result != 0), handle, "%s", path);
1403 static struct file_id smb_full_audit_file_id_create(struct vfs_handle_struct *handle,
1404 const SMB_STRUCT_STAT *sbuf)
1406 struct file_id id_zero;
1407 struct file_id result;
1409 ZERO_STRUCT(id_zero);
1411 result = SMB_VFS_NEXT_FILE_ID_CREATE(handle, sbuf);
1413 do_log(SMB_VFS_OP_FILE_ID_CREATE,
1414 !file_id_equal(&id_zero, &result),
1415 handle, "%s", file_id_string_tos(&result));
1420 static NTSTATUS smb_full_audit_streaminfo(vfs_handle_struct *handle,
1421 struct files_struct *fsp,
1423 TALLOC_CTX *mem_ctx,
1424 unsigned int *pnum_streams,
1425 struct stream_struct **pstreams)
1429 result = SMB_VFS_NEXT_STREAMINFO(handle, fsp, fname, mem_ctx,
1430 pnum_streams, pstreams);
1432 do_log(SMB_VFS_OP_STREAMINFO, NT_STATUS_IS_OK(result), handle,
1438 static int smb_full_audit_get_real_filename(struct vfs_handle_struct *handle,
1441 TALLOC_CTX *mem_ctx,
1446 result = SMB_VFS_NEXT_GET_REAL_FILENAME(handle, path, name, mem_ctx,
1449 do_log(SMB_VFS_OP_GET_REAL_FILENAME, (result == 0), handle,
1450 "%s/%s->%s", path, name, (result == 0) ? "" : *found_name);
1455 static const char *smb_full_audit_connectpath(vfs_handle_struct *handle,
1460 result = SMB_VFS_NEXT_CONNECTPATH(handle, fname);
1462 do_log(SMB_VFS_OP_CONNECTPATH, result != NULL, handle,
1468 static NTSTATUS smb_full_audit_brl_lock_windows(struct vfs_handle_struct *handle,
1469 struct byte_range_lock *br_lck,
1470 struct lock_struct *plock,
1472 struct blocking_lock_record *blr)
1476 result = SMB_VFS_NEXT_BRL_LOCK_WINDOWS(handle, br_lck, plock,
1477 blocking_lock, blr);
1479 do_log(SMB_VFS_OP_BRL_LOCK_WINDOWS, NT_STATUS_IS_OK(result), handle,
1480 "%s:%llu-%llu. type=%d. blocking=%d", fsp_str_do_log(br_lck->fsp),
1481 plock->start, plock->size, plock->lock_type, blocking_lock );
1486 static bool smb_full_audit_brl_unlock_windows(struct vfs_handle_struct *handle,
1487 struct messaging_context *msg_ctx,
1488 struct byte_range_lock *br_lck,
1489 const struct lock_struct *plock)
1493 result = SMB_VFS_NEXT_BRL_UNLOCK_WINDOWS(handle, msg_ctx, br_lck,
1496 do_log(SMB_VFS_OP_BRL_UNLOCK_WINDOWS, (result == 0), handle,
1497 "%s:%llu-%llu:%d", fsp_str_do_log(br_lck->fsp), plock->start,
1498 plock->size, plock->lock_type);
1503 static bool smb_full_audit_brl_cancel_windows(struct vfs_handle_struct *handle,
1504 struct byte_range_lock *br_lck,
1505 struct lock_struct *plock,
1506 struct blocking_lock_record *blr)
1510 result = SMB_VFS_NEXT_BRL_CANCEL_WINDOWS(handle, br_lck, plock, blr);
1512 do_log(SMB_VFS_OP_BRL_CANCEL_WINDOWS, (result == 0), handle,
1513 "%s:%llu-%llu:%d", fsp_str_do_log(br_lck->fsp), plock->start,
1519 static bool smb_full_audit_strict_lock(struct vfs_handle_struct *handle,
1520 struct files_struct *fsp,
1521 struct lock_struct *plock)
1525 result = SMB_VFS_NEXT_STRICT_LOCK(handle, fsp, plock);
1527 do_log(SMB_VFS_OP_STRICT_LOCK, result, handle,
1528 "%s:%llu-%llu:%d", fsp_str_do_log(fsp), plock->start,
1534 static void smb_full_audit_strict_unlock(struct vfs_handle_struct *handle,
1535 struct files_struct *fsp,
1536 struct lock_struct *plock)
1538 SMB_VFS_NEXT_STRICT_UNLOCK(handle, fsp, plock);
1540 do_log(SMB_VFS_OP_STRICT_UNLOCK, true, handle,
1541 "%s:%llu-%llu:%d", fsp_str_do_log(fsp), plock->start,
1547 static NTSTATUS smb_full_audit_translate_name(struct vfs_handle_struct *handle,
1549 enum vfs_translate_direction direction,
1550 TALLOC_CTX *mem_ctx,
1555 result = SMB_VFS_NEXT_TRANSLATE_NAME(handle, name, direction, mem_ctx,
1558 do_log(SMB_VFS_OP_TRANSLATE_NAME, NT_STATUS_IS_OK(result), handle, "");
1563 static NTSTATUS smb_full_audit_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
1564 uint32 security_info,
1565 struct security_descriptor **ppdesc)
1569 result = SMB_VFS_NEXT_FGET_NT_ACL(handle, fsp, security_info, ppdesc);
1571 do_log(SMB_VFS_OP_FGET_NT_ACL, NT_STATUS_IS_OK(result), handle,
1572 "%s", fsp_str_do_log(fsp));
1577 static NTSTATUS smb_full_audit_get_nt_acl(vfs_handle_struct *handle,
1579 uint32 security_info,
1580 struct security_descriptor **ppdesc)
1584 result = SMB_VFS_NEXT_GET_NT_ACL(handle, name, security_info, ppdesc);
1586 do_log(SMB_VFS_OP_GET_NT_ACL, NT_STATUS_IS_OK(result), handle,
1592 static NTSTATUS smb_full_audit_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
1593 uint32 security_info_sent,
1594 const struct security_descriptor *psd)
1598 result = SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, security_info_sent, psd);
1600 do_log(SMB_VFS_OP_FSET_NT_ACL, NT_STATUS_IS_OK(result), handle, "%s",
1601 fsp_str_do_log(fsp));
1606 static int smb_full_audit_chmod_acl(vfs_handle_struct *handle,
1607 const char *path, mode_t mode)
1611 result = SMB_VFS_NEXT_CHMOD_ACL(handle, path, mode);
1613 do_log(SMB_VFS_OP_CHMOD_ACL, (result >= 0), handle,
1614 "%s|%o", path, mode);
1619 static int smb_full_audit_fchmod_acl(vfs_handle_struct *handle, files_struct *fsp,
1624 result = SMB_VFS_NEXT_FCHMOD_ACL(handle, fsp, mode);
1626 do_log(SMB_VFS_OP_FCHMOD_ACL, (result >= 0), handle,
1627 "%s|%o", fsp_str_do_log(fsp), mode);
1632 static int smb_full_audit_sys_acl_get_entry(vfs_handle_struct *handle,
1634 SMB_ACL_T theacl, int entry_id,
1635 SMB_ACL_ENTRY_T *entry_p)
1639 result = SMB_VFS_NEXT_SYS_ACL_GET_ENTRY(handle, theacl, entry_id,
1642 do_log(SMB_VFS_OP_SYS_ACL_GET_ENTRY, (result >= 0), handle,
1648 static int smb_full_audit_sys_acl_get_tag_type(vfs_handle_struct *handle,
1650 SMB_ACL_ENTRY_T entry_d,
1651 SMB_ACL_TAG_T *tag_type_p)
1655 result = SMB_VFS_NEXT_SYS_ACL_GET_TAG_TYPE(handle, entry_d,
1658 do_log(SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE, (result >= 0), handle,
1664 static int smb_full_audit_sys_acl_get_permset(vfs_handle_struct *handle,
1666 SMB_ACL_ENTRY_T entry_d,
1667 SMB_ACL_PERMSET_T *permset_p)
1671 result = SMB_VFS_NEXT_SYS_ACL_GET_PERMSET(handle, entry_d,
1674 do_log(SMB_VFS_OP_SYS_ACL_GET_PERMSET, (result >= 0), handle,
1680 static void * smb_full_audit_sys_acl_get_qualifier(vfs_handle_struct *handle,
1682 SMB_ACL_ENTRY_T entry_d)
1686 result = SMB_VFS_NEXT_SYS_ACL_GET_QUALIFIER(handle, entry_d);
1688 do_log(SMB_VFS_OP_SYS_ACL_GET_QUALIFIER, (result != NULL), handle,
1694 static SMB_ACL_T smb_full_audit_sys_acl_get_file(vfs_handle_struct *handle,
1696 SMB_ACL_TYPE_T type)
1700 result = SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p, type);
1702 do_log(SMB_VFS_OP_SYS_ACL_GET_FILE, (result != NULL), handle,
1708 static SMB_ACL_T smb_full_audit_sys_acl_get_fd(vfs_handle_struct *handle,
1713 result = SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp);
1715 do_log(SMB_VFS_OP_SYS_ACL_GET_FD, (result != NULL), handle,
1716 "%s", fsp_str_do_log(fsp));
1721 static int smb_full_audit_sys_acl_clear_perms(vfs_handle_struct *handle,
1723 SMB_ACL_PERMSET_T permset)
1727 result = SMB_VFS_NEXT_SYS_ACL_CLEAR_PERMS(handle, permset);
1729 do_log(SMB_VFS_OP_SYS_ACL_CLEAR_PERMS, (result >= 0), handle,
1735 static int smb_full_audit_sys_acl_add_perm(vfs_handle_struct *handle,
1737 SMB_ACL_PERMSET_T permset,
1738 SMB_ACL_PERM_T perm)
1742 result = SMB_VFS_NEXT_SYS_ACL_ADD_PERM(handle, permset, perm);
1744 do_log(SMB_VFS_OP_SYS_ACL_ADD_PERM, (result >= 0), handle,
1750 static char * smb_full_audit_sys_acl_to_text(vfs_handle_struct *handle,
1756 result = SMB_VFS_NEXT_SYS_ACL_TO_TEXT(handle, theacl, plen);
1758 do_log(SMB_VFS_OP_SYS_ACL_TO_TEXT, (result != NULL), handle,
1764 static SMB_ACL_T smb_full_audit_sys_acl_init(vfs_handle_struct *handle,
1770 result = SMB_VFS_NEXT_SYS_ACL_INIT(handle, count);
1772 do_log(SMB_VFS_OP_SYS_ACL_INIT, (result != NULL), handle,
1778 static int smb_full_audit_sys_acl_create_entry(vfs_handle_struct *handle,
1780 SMB_ACL_ENTRY_T *pentry)
1784 result = SMB_VFS_NEXT_SYS_ACL_CREATE_ENTRY(handle, pacl, pentry);
1786 do_log(SMB_VFS_OP_SYS_ACL_CREATE_ENTRY, (result >= 0), handle,
1792 static int smb_full_audit_sys_acl_set_tag_type(vfs_handle_struct *handle,
1794 SMB_ACL_ENTRY_T entry,
1795 SMB_ACL_TAG_T tagtype)
1799 result = SMB_VFS_NEXT_SYS_ACL_SET_TAG_TYPE(handle, entry,
1802 do_log(SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE, (result >= 0), handle,
1808 static int smb_full_audit_sys_acl_set_qualifier(vfs_handle_struct *handle,
1810 SMB_ACL_ENTRY_T entry,
1815 result = SMB_VFS_NEXT_SYS_ACL_SET_QUALIFIER(handle, entry, qual);
1817 do_log(SMB_VFS_OP_SYS_ACL_SET_QUALIFIER, (result >= 0), handle,
1823 static int smb_full_audit_sys_acl_set_permset(vfs_handle_struct *handle,
1825 SMB_ACL_ENTRY_T entry,
1826 SMB_ACL_PERMSET_T permset)
1830 result = SMB_VFS_NEXT_SYS_ACL_SET_PERMSET(handle, entry, permset);
1832 do_log(SMB_VFS_OP_SYS_ACL_SET_PERMSET, (result >= 0), handle,
1838 static int smb_full_audit_sys_acl_valid(vfs_handle_struct *handle,
1844 result = SMB_VFS_NEXT_SYS_ACL_VALID(handle, theacl);
1846 do_log(SMB_VFS_OP_SYS_ACL_VALID, (result >= 0), handle,
1852 static int smb_full_audit_sys_acl_set_file(vfs_handle_struct *handle,
1854 const char *name, SMB_ACL_TYPE_T acltype,
1859 result = SMB_VFS_NEXT_SYS_ACL_SET_FILE(handle, name, acltype,
1862 do_log(SMB_VFS_OP_SYS_ACL_SET_FILE, (result >= 0), handle,
1868 static int smb_full_audit_sys_acl_set_fd(vfs_handle_struct *handle, files_struct *fsp,
1873 result = SMB_VFS_NEXT_SYS_ACL_SET_FD(handle, fsp, theacl);
1875 do_log(SMB_VFS_OP_SYS_ACL_SET_FD, (result >= 0), handle,
1876 "%s", fsp_str_do_log(fsp));
1881 static int smb_full_audit_sys_acl_delete_def_file(vfs_handle_struct *handle,
1887 result = SMB_VFS_NEXT_SYS_ACL_DELETE_DEF_FILE(handle, path);
1889 do_log(SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE, (result >= 0), handle,
1895 static int smb_full_audit_sys_acl_get_perm(vfs_handle_struct *handle,
1897 SMB_ACL_PERMSET_T permset,
1898 SMB_ACL_PERM_T perm)
1902 result = SMB_VFS_NEXT_SYS_ACL_GET_PERM(handle, permset, perm);
1904 do_log(SMB_VFS_OP_SYS_ACL_GET_PERM, (result >= 0), handle,
1910 static int smb_full_audit_sys_acl_free_text(vfs_handle_struct *handle,
1916 result = SMB_VFS_NEXT_SYS_ACL_FREE_TEXT(handle, text);
1918 do_log(SMB_VFS_OP_SYS_ACL_FREE_TEXT, (result >= 0), handle,
1924 static int smb_full_audit_sys_acl_free_acl(vfs_handle_struct *handle,
1926 SMB_ACL_T posix_acl)
1930 result = SMB_VFS_NEXT_SYS_ACL_FREE_ACL(handle, posix_acl);
1932 do_log(SMB_VFS_OP_SYS_ACL_FREE_ACL, (result >= 0), handle,
1938 static int smb_full_audit_sys_acl_free_qualifier(vfs_handle_struct *handle,
1940 SMB_ACL_TAG_T tagtype)
1944 result = SMB_VFS_NEXT_SYS_ACL_FREE_QUALIFIER(handle, qualifier,
1947 do_log(SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER, (result >= 0), handle,
1953 static ssize_t smb_full_audit_getxattr(struct vfs_handle_struct *handle,
1955 const char *name, void *value, size_t size)
1959 result = SMB_VFS_NEXT_GETXATTR(handle, path, name, value, size);
1961 do_log(SMB_VFS_OP_GETXATTR, (result >= 0), handle,
1962 "%s|%s", path, name);
1967 static ssize_t smb_full_audit_lgetxattr(struct vfs_handle_struct *handle,
1968 const char *path, const char *name,
1969 void *value, size_t size)
1973 result = SMB_VFS_NEXT_LGETXATTR(handle, path, name, value, size);
1975 do_log(SMB_VFS_OP_LGETXATTR, (result >= 0), handle,
1976 "%s|%s", path, name);
1981 static ssize_t smb_full_audit_fgetxattr(struct vfs_handle_struct *handle,
1982 struct files_struct *fsp,
1983 const char *name, void *value, size_t size)
1987 result = SMB_VFS_NEXT_FGETXATTR(handle, fsp, name, value, size);
1989 do_log(SMB_VFS_OP_FGETXATTR, (result >= 0), handle,
1990 "%s|%s", fsp_str_do_log(fsp), name);
1995 static ssize_t smb_full_audit_listxattr(struct vfs_handle_struct *handle,
1996 const char *path, char *list, size_t size)
2000 result = SMB_VFS_NEXT_LISTXATTR(handle, path, list, size);
2002 do_log(SMB_VFS_OP_LISTXATTR, (result >= 0), handle, "%s", path);
2007 static ssize_t smb_full_audit_llistxattr(struct vfs_handle_struct *handle,
2008 const char *path, char *list, size_t size)
2012 result = SMB_VFS_NEXT_LLISTXATTR(handle, path, list, size);
2014 do_log(SMB_VFS_OP_LLISTXATTR, (result >= 0), handle, "%s", path);
2019 static ssize_t smb_full_audit_flistxattr(struct vfs_handle_struct *handle,
2020 struct files_struct *fsp, char *list,
2025 result = SMB_VFS_NEXT_FLISTXATTR(handle, fsp, list, size);
2027 do_log(SMB_VFS_OP_FLISTXATTR, (result >= 0), handle,
2028 "%s", fsp_str_do_log(fsp));
2033 static int smb_full_audit_removexattr(struct vfs_handle_struct *handle,
2039 result = SMB_VFS_NEXT_REMOVEXATTR(handle, path, name);
2041 do_log(SMB_VFS_OP_REMOVEXATTR, (result >= 0), handle,
2042 "%s|%s", path, name);
2047 static int smb_full_audit_lremovexattr(struct vfs_handle_struct *handle,
2053 result = SMB_VFS_NEXT_LREMOVEXATTR(handle, path, name);
2055 do_log(SMB_VFS_OP_LREMOVEXATTR, (result >= 0), handle,
2056 "%s|%s", path, name);
2061 static int smb_full_audit_fremovexattr(struct vfs_handle_struct *handle,
2062 struct files_struct *fsp,
2067 result = SMB_VFS_NEXT_FREMOVEXATTR(handle, fsp, name);
2069 do_log(SMB_VFS_OP_FREMOVEXATTR, (result >= 0), handle,
2070 "%s|%s", fsp_str_do_log(fsp), name);
2075 static int smb_full_audit_setxattr(struct vfs_handle_struct *handle,
2077 const char *name, const void *value, size_t size,
2082 result = SMB_VFS_NEXT_SETXATTR(handle, path, name, value, size,
2085 do_log(SMB_VFS_OP_SETXATTR, (result >= 0), handle,
2086 "%s|%s", path, name);
2091 static int smb_full_audit_lsetxattr(struct vfs_handle_struct *handle,
2093 const char *name, const void *value, size_t size,
2098 result = SMB_VFS_NEXT_LSETXATTR(handle, path, name, value, size,
2101 do_log(SMB_VFS_OP_LSETXATTR, (result >= 0), handle,
2102 "%s|%s", path, name);
2107 static int smb_full_audit_fsetxattr(struct vfs_handle_struct *handle,
2108 struct files_struct *fsp, const char *name,
2109 const void *value, size_t size, int flags)
2113 result = SMB_VFS_NEXT_FSETXATTR(handle, fsp, name, value, size, flags);
2115 do_log(SMB_VFS_OP_FSETXATTR, (result >= 0), handle,
2116 "%s|%s", fsp_str_do_log(fsp), name);
2121 static int smb_full_audit_aio_read(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb)
2125 result = SMB_VFS_NEXT_AIO_READ(handle, fsp, aiocb);
2126 do_log(SMB_VFS_OP_AIO_READ, (result >= 0), handle,
2127 "%s", fsp_str_do_log(fsp));
2132 static int smb_full_audit_aio_write(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb)
2136 result = SMB_VFS_NEXT_AIO_WRITE(handle, fsp, aiocb);
2137 do_log(SMB_VFS_OP_AIO_WRITE, (result >= 0), handle,
2138 "%s", fsp_str_do_log(fsp));
2143 static ssize_t smb_full_audit_aio_return(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb)
2147 result = SMB_VFS_NEXT_AIO_RETURN(handle, fsp, aiocb);
2148 do_log(SMB_VFS_OP_AIO_RETURN, (result >= 0), handle,
2149 "%s", fsp_str_do_log(fsp));
2154 static int smb_full_audit_aio_cancel(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb)
2158 result = SMB_VFS_NEXT_AIO_CANCEL(handle, fsp, aiocb);
2159 do_log(SMB_VFS_OP_AIO_CANCEL, (result >= 0), handle,
2160 "%s", fsp_str_do_log(fsp));
2165 static int smb_full_audit_aio_error(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb)
2169 result = SMB_VFS_NEXT_AIO_ERROR(handle, fsp, aiocb);
2170 do_log(SMB_VFS_OP_AIO_ERROR, (result >= 0), handle,
2171 "%s", fsp_str_do_log(fsp));
2176 static int smb_full_audit_aio_fsync(struct vfs_handle_struct *handle, struct files_struct *fsp, int op, SMB_STRUCT_AIOCB *aiocb)
2180 result = SMB_VFS_NEXT_AIO_FSYNC(handle, fsp, op, aiocb);
2181 do_log(SMB_VFS_OP_AIO_FSYNC, (result >= 0), handle,
2182 "%s", fsp_str_do_log(fsp));
2187 static int smb_full_audit_aio_suspend(struct vfs_handle_struct *handle, struct files_struct *fsp, const SMB_STRUCT_AIOCB * const aiocb[], int n, const struct timespec *ts)
2191 result = SMB_VFS_NEXT_AIO_SUSPEND(handle, fsp, aiocb, n, ts);
2192 do_log(SMB_VFS_OP_AIO_SUSPEND, (result >= 0), handle,
2193 "%s", fsp_str_do_log(fsp));
2198 static bool smb_full_audit_aio_force(struct vfs_handle_struct *handle,
2199 struct files_struct *fsp)
2203 result = SMB_VFS_NEXT_AIO_FORCE(handle, fsp);
2204 do_log(SMB_VFS_OP_AIO_FORCE, result, handle,
2205 "%s", fsp_str_do_log(fsp));
2210 static bool smb_full_audit_is_offline(struct vfs_handle_struct *handle,
2211 const struct smb_filename *fname,
2212 SMB_STRUCT_STAT *sbuf)
2216 result = SMB_VFS_NEXT_IS_OFFLINE(handle, fname, sbuf);
2217 do_log(SMB_VFS_OP_IS_OFFLINE, result, handle, "%s",
2218 smb_fname_str_do_log(fname));
2222 static int smb_full_audit_set_offline(struct vfs_handle_struct *handle,
2223 const struct smb_filename *fname)
2227 result = SMB_VFS_NEXT_SET_OFFLINE(handle, fname);
2228 do_log(SMB_VFS_OP_SET_OFFLINE, result >= 0, handle, "%s",
2229 smb_fname_str_do_log(fname));
2233 static struct vfs_fn_pointers vfs_full_audit_fns = {
2235 /* Disk operations */
2237 .connect_fn = smb_full_audit_connect,
2238 .disconnect = smb_full_audit_disconnect,
2239 .disk_free = smb_full_audit_disk_free,
2240 .get_quota = smb_full_audit_get_quota,
2241 .set_quota = smb_full_audit_set_quota,
2242 .get_shadow_copy_data = smb_full_audit_get_shadow_copy_data,
2243 .statvfs = smb_full_audit_statvfs,
2244 .fs_capabilities = smb_full_audit_fs_capabilities,
2245 .opendir = smb_full_audit_opendir,
2246 .fdopendir = smb_full_audit_fdopendir,
2247 .readdir = smb_full_audit_readdir,
2248 .seekdir = smb_full_audit_seekdir,
2249 .telldir = smb_full_audit_telldir,
2250 .rewind_dir = smb_full_audit_rewinddir,
2251 .mkdir = smb_full_audit_mkdir,
2252 .rmdir = smb_full_audit_rmdir,
2253 .closedir = smb_full_audit_closedir,
2254 .init_search_op = smb_full_audit_init_search_op,
2255 .open = smb_full_audit_open,
2256 .create_file = smb_full_audit_create_file,
2257 .close_fn = smb_full_audit_close,
2258 .vfs_read = smb_full_audit_read,
2259 .pread = smb_full_audit_pread,
2260 .write = smb_full_audit_write,
2261 .pwrite = smb_full_audit_pwrite,
2262 .lseek = smb_full_audit_lseek,
2263 .sendfile = smb_full_audit_sendfile,
2264 .recvfile = smb_full_audit_recvfile,
2265 .rename = smb_full_audit_rename,
2266 .fsync = smb_full_audit_fsync,
2267 .stat = smb_full_audit_stat,
2268 .fstat = smb_full_audit_fstat,
2269 .lstat = smb_full_audit_lstat,
2270 .get_alloc_size = smb_full_audit_get_alloc_size,
2271 .unlink = smb_full_audit_unlink,
2272 .chmod = smb_full_audit_chmod,
2273 .fchmod = smb_full_audit_fchmod,
2274 .chown = smb_full_audit_chown,
2275 .fchown = smb_full_audit_fchown,
2276 .lchown = smb_full_audit_lchown,
2277 .chdir = smb_full_audit_chdir,
2278 .getwd = smb_full_audit_getwd,
2279 .ntimes = smb_full_audit_ntimes,
2280 .ftruncate = smb_full_audit_ftruncate,
2281 .fallocate = smb_full_audit_fallocate,
2282 .lock = smb_full_audit_lock,
2283 .kernel_flock = smb_full_audit_kernel_flock,
2284 .linux_setlease = smb_full_audit_linux_setlease,
2285 .getlock = smb_full_audit_getlock,
2286 .symlink = smb_full_audit_symlink,
2287 .vfs_readlink = smb_full_audit_readlink,
2288 .link = smb_full_audit_link,
2289 .mknod = smb_full_audit_mknod,
2290 .realpath = smb_full_audit_realpath,
2291 .notify_watch = smb_full_audit_notify_watch,
2292 .chflags = smb_full_audit_chflags,
2293 .file_id_create = smb_full_audit_file_id_create,
2294 .streaminfo = smb_full_audit_streaminfo,
2295 .get_real_filename = smb_full_audit_get_real_filename,
2296 .connectpath = smb_full_audit_connectpath,
2297 .brl_lock_windows = smb_full_audit_brl_lock_windows,
2298 .brl_unlock_windows = smb_full_audit_brl_unlock_windows,
2299 .brl_cancel_windows = smb_full_audit_brl_cancel_windows,
2300 .strict_lock = smb_full_audit_strict_lock,
2301 .strict_unlock = smb_full_audit_strict_unlock,
2302 .translate_name = smb_full_audit_translate_name,
2303 .fget_nt_acl = smb_full_audit_fget_nt_acl,
2304 .get_nt_acl = smb_full_audit_get_nt_acl,
2305 .fset_nt_acl = smb_full_audit_fset_nt_acl,
2306 .chmod_acl = smb_full_audit_chmod_acl,
2307 .fchmod_acl = smb_full_audit_fchmod_acl,
2308 .sys_acl_get_entry = smb_full_audit_sys_acl_get_entry,
2309 .sys_acl_get_tag_type = smb_full_audit_sys_acl_get_tag_type,
2310 .sys_acl_get_permset = smb_full_audit_sys_acl_get_permset,
2311 .sys_acl_get_qualifier = smb_full_audit_sys_acl_get_qualifier,
2312 .sys_acl_get_file = smb_full_audit_sys_acl_get_file,
2313 .sys_acl_get_fd = smb_full_audit_sys_acl_get_fd,
2314 .sys_acl_clear_perms = smb_full_audit_sys_acl_clear_perms,
2315 .sys_acl_add_perm = smb_full_audit_sys_acl_add_perm,
2316 .sys_acl_to_text = smb_full_audit_sys_acl_to_text,
2317 .sys_acl_init = smb_full_audit_sys_acl_init,
2318 .sys_acl_create_entry = smb_full_audit_sys_acl_create_entry,
2319 .sys_acl_set_tag_type = smb_full_audit_sys_acl_set_tag_type,
2320 .sys_acl_set_qualifier = smb_full_audit_sys_acl_set_qualifier,
2321 .sys_acl_set_permset = smb_full_audit_sys_acl_set_permset,
2322 .sys_acl_valid = smb_full_audit_sys_acl_valid,
2323 .sys_acl_set_file = smb_full_audit_sys_acl_set_file,
2324 .sys_acl_set_fd = smb_full_audit_sys_acl_set_fd,
2325 .sys_acl_delete_def_file = smb_full_audit_sys_acl_delete_def_file,
2326 .sys_acl_get_perm = smb_full_audit_sys_acl_get_perm,
2327 .sys_acl_free_text = smb_full_audit_sys_acl_free_text,
2328 .sys_acl_free_acl = smb_full_audit_sys_acl_free_acl,
2329 .sys_acl_free_qualifier = smb_full_audit_sys_acl_free_qualifier,
2330 .getxattr = smb_full_audit_getxattr,
2331 .lgetxattr = smb_full_audit_lgetxattr,
2332 .fgetxattr = smb_full_audit_fgetxattr,
2333 .listxattr = smb_full_audit_listxattr,
2334 .llistxattr = smb_full_audit_llistxattr,
2335 .flistxattr = smb_full_audit_flistxattr,
2336 .removexattr = smb_full_audit_removexattr,
2337 .lremovexattr = smb_full_audit_lremovexattr,
2338 .fremovexattr = smb_full_audit_fremovexattr,
2339 .setxattr = smb_full_audit_setxattr,
2340 .lsetxattr = smb_full_audit_lsetxattr,
2341 .fsetxattr = smb_full_audit_fsetxattr,
2342 .aio_read = smb_full_audit_aio_read,
2343 .aio_write = smb_full_audit_aio_write,
2344 .aio_return_fn = smb_full_audit_aio_return,
2345 .aio_cancel = smb_full_audit_aio_cancel,
2346 .aio_error_fn = smb_full_audit_aio_error,
2347 .aio_fsync = smb_full_audit_aio_fsync,
2348 .aio_suspend = smb_full_audit_aio_suspend,
2349 .aio_force = smb_full_audit_aio_force,
2350 .is_offline = smb_full_audit_is_offline,
2351 .set_offline = smb_full_audit_set_offline,
2354 NTSTATUS vfs_full_audit_init(void)
2356 NTSTATUS ret = smb_register_vfs(SMB_VFS_INTERFACE_VERSION,
2357 "full_audit", &vfs_full_audit_fns);
2359 if (!NT_STATUS_IS_OK(ret))
2362 vfs_full_audit_debug_level = debug_add_class("full_audit");
2363 if (vfs_full_audit_debug_level == -1) {
2364 vfs_full_audit_debug_level = DBGC_VFS;
2365 DEBUG(0, ("vfs_full_audit: Couldn't register custom debugging "
2368 DEBUG(10, ("vfs_full_audit: Debug class number of "
2369 "'full_audit': %d\n", vfs_full_audit_debug_level));
git.samba.org / kai / samba.git / blob