2004-04-29 16:11:59 +04:00
/*
* Auditing VFS module for samba . Log selected file operations to syslog
* facility .
*
* Copyright ( C ) Tim Potter , 1999 - 2000
* Copyright ( C ) Alexander Bokovoy , 2002
* Copyright ( C ) John H Terpstra , 2003
* Copyright ( C ) Stefan ( metze ) Metzmacher , 2003
* Copyright ( C ) Volker Lendecke , 2004
*
* This program is free software ; you can redistribute it and / or modify
* it under the terms of the GNU General Public License as published by
2007-07-09 23:25:36 +04:00
* the Free Software Foundation ; either version 3 of the License , or
2004-04-29 16:11:59 +04:00
* ( at your option ) any later version .
*
* This program is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
* GNU General Public License for more details .
*
* You should have received a copy of the GNU General Public License
2007-07-10 09:23:25 +04:00
* along with this program ; if not , see < http : //www.gnu.org/licenses/>.
2004-04-29 16:11:59 +04:00
*/
2004-04-29 17:07:34 +04:00
/*
* This module implements parseable logging for all Samba VFS operations .
*
* You use it as follows :
*
* [ tmp ]
* path = / tmp
* vfs objects = full_audit
* full_audit : prefix = % u | % I
* full_audit : success = open opendir
* full_audit : failure = all
*
2006-01-19 03:34:48 +03:00
* vfs op can be " all " which means log all operations .
* vfs op can be " none " which means no logging .
*
2004-04-29 17:07:34 +04:00
* This leads to syslog entries of the form :
* smbd_audit : nobody | 192.168 .234 .1 | opendir | ok | .
* smbd_audit : nobody | 192.168 .234 .1 | open | fail ( File not found ) | r | x . txt
*
* where " nobody " is the connected username and " 192.168.234.1 " is the
* client ' s IP address .
*
* Options :
*
* prefix : A macro expansion template prepended to the syslog entry .
*
* success : A list of VFS operations for which a successful completion should
* be logged . Defaults to no logging at all . The special operation " all " logs
* - you guessed it - everything .
*
* failure : A list of VFS operations for which failure to complete should be
* logged . Defaults to logging everything .
*/
2004-04-29 16:11:59 +04:00
# include "includes.h"
2011-02-26 01:20:06 +03:00
# include "system/filesys.h"
2011-02-25 18:19:10 +03:00
# include "system/syslog.h"
2011-03-23 00:34:22 +03:00
# include "smbd/smbd.h"
2010-08-05 17:14:04 +04:00
# include "../librpc/gen_ndr/ndr_netlogon.h"
2011-03-24 16:15:54 +03:00
# include "auth.h"
2011-03-25 15:42:42 +03:00
# include "ntioctl.h"
2004-04-29 16:11:59 +04:00
static int vfs_full_audit_debug_level = DBGC_VFS ;
2006-01-19 03:34:48 +03:00
struct vfs_full_audit_private_data {
struct bitmap * success_ops ;
struct bitmap * failure_ops ;
} ;
2004-04-29 16:11:59 +04:00
# undef DBGC_CLASS
# define DBGC_CLASS vfs_full_audit_debug_level
2009-07-24 18:43:02 +04:00
typedef enum _vfs_op_type {
SMB_VFS_OP_NOOP = - 1 ,
/* Disk operations */
SMB_VFS_OP_CONNECT = 0 ,
SMB_VFS_OP_DISCONNECT ,
SMB_VFS_OP_DISK_FREE ,
SMB_VFS_OP_GET_QUOTA ,
SMB_VFS_OP_SET_QUOTA ,
SMB_VFS_OP_GET_SHADOW_COPY_DATA ,
SMB_VFS_OP_STATVFS ,
SMB_VFS_OP_FS_CAPABILITIES ,
/* Directory operations */
SMB_VFS_OP_OPENDIR ,
2011-02-09 02:07:48 +03:00
SMB_VFS_OP_FDOPENDIR ,
2009-07-24 18:43:02 +04:00
SMB_VFS_OP_READDIR ,
SMB_VFS_OP_SEEKDIR ,
SMB_VFS_OP_TELLDIR ,
SMB_VFS_OP_REWINDDIR ,
SMB_VFS_OP_MKDIR ,
SMB_VFS_OP_RMDIR ,
SMB_VFS_OP_CLOSEDIR ,
SMB_VFS_OP_INIT_SEARCH_OP ,
/* File operations */
SMB_VFS_OP_OPEN ,
SMB_VFS_OP_CREATE_FILE ,
SMB_VFS_OP_CLOSE ,
SMB_VFS_OP_READ ,
SMB_VFS_OP_PREAD ,
SMB_VFS_OP_WRITE ,
SMB_VFS_OP_PWRITE ,
SMB_VFS_OP_LSEEK ,
SMB_VFS_OP_SENDFILE ,
SMB_VFS_OP_RECVFILE ,
SMB_VFS_OP_RENAME ,
SMB_VFS_OP_FSYNC ,
SMB_VFS_OP_STAT ,
SMB_VFS_OP_FSTAT ,
SMB_VFS_OP_LSTAT ,
SMB_VFS_OP_GET_ALLOC_SIZE ,
SMB_VFS_OP_UNLINK ,
SMB_VFS_OP_CHMOD ,
SMB_VFS_OP_FCHMOD ,
SMB_VFS_OP_CHOWN ,
SMB_VFS_OP_FCHOWN ,
SMB_VFS_OP_LCHOWN ,
SMB_VFS_OP_CHDIR ,
SMB_VFS_OP_GETWD ,
SMB_VFS_OP_NTIMES ,
SMB_VFS_OP_FTRUNCATE ,
2010-12-18 10:08:01 +03:00
SMB_VFS_OP_FALLOCATE ,
2009-07-24 18:43:02 +04:00
SMB_VFS_OP_LOCK ,
SMB_VFS_OP_KERNEL_FLOCK ,
SMB_VFS_OP_LINUX_SETLEASE ,
SMB_VFS_OP_GETLOCK ,
SMB_VFS_OP_SYMLINK ,
SMB_VFS_OP_READLINK ,
SMB_VFS_OP_LINK ,
SMB_VFS_OP_MKNOD ,
SMB_VFS_OP_REALPATH ,
SMB_VFS_OP_NOTIFY_WATCH ,
SMB_VFS_OP_CHFLAGS ,
SMB_VFS_OP_FILE_ID_CREATE ,
SMB_VFS_OP_STREAMINFO ,
SMB_VFS_OP_GET_REAL_FILENAME ,
SMB_VFS_OP_CONNECTPATH ,
SMB_VFS_OP_BRL_LOCK_WINDOWS ,
SMB_VFS_OP_BRL_UNLOCK_WINDOWS ,
SMB_VFS_OP_BRL_CANCEL_WINDOWS ,
SMB_VFS_OP_STRICT_LOCK ,
SMB_VFS_OP_STRICT_UNLOCK ,
2009-08-27 01:56:09 +04:00
SMB_VFS_OP_TRANSLATE_NAME ,
2009-07-24 18:43:02 +04:00
/* NT ACL operations. */
SMB_VFS_OP_FGET_NT_ACL ,
SMB_VFS_OP_GET_NT_ACL ,
SMB_VFS_OP_FSET_NT_ACL ,
/* POSIX ACL operations. */
SMB_VFS_OP_CHMOD_ACL ,
SMB_VFS_OP_FCHMOD_ACL ,
SMB_VFS_OP_SYS_ACL_GET_ENTRY ,
SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE ,
SMB_VFS_OP_SYS_ACL_GET_PERMSET ,
SMB_VFS_OP_SYS_ACL_GET_QUALIFIER ,
SMB_VFS_OP_SYS_ACL_GET_FILE ,
SMB_VFS_OP_SYS_ACL_GET_FD ,
SMB_VFS_OP_SYS_ACL_CLEAR_PERMS ,
SMB_VFS_OP_SYS_ACL_ADD_PERM ,
SMB_VFS_OP_SYS_ACL_TO_TEXT ,
SMB_VFS_OP_SYS_ACL_INIT ,
SMB_VFS_OP_SYS_ACL_CREATE_ENTRY ,
SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE ,
SMB_VFS_OP_SYS_ACL_SET_QUALIFIER ,
SMB_VFS_OP_SYS_ACL_SET_PERMSET ,
SMB_VFS_OP_SYS_ACL_VALID ,
SMB_VFS_OP_SYS_ACL_SET_FILE ,
SMB_VFS_OP_SYS_ACL_SET_FD ,
SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE ,
SMB_VFS_OP_SYS_ACL_GET_PERM ,
SMB_VFS_OP_SYS_ACL_FREE_TEXT ,
SMB_VFS_OP_SYS_ACL_FREE_ACL ,
SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER ,
/* EA operations. */
SMB_VFS_OP_GETXATTR ,
SMB_VFS_OP_LGETXATTR ,
SMB_VFS_OP_FGETXATTR ,
SMB_VFS_OP_LISTXATTR ,
SMB_VFS_OP_LLISTXATTR ,
SMB_VFS_OP_FLISTXATTR ,
SMB_VFS_OP_REMOVEXATTR ,
SMB_VFS_OP_LREMOVEXATTR ,
SMB_VFS_OP_FREMOVEXATTR ,
SMB_VFS_OP_SETXATTR ,
SMB_VFS_OP_LSETXATTR ,
SMB_VFS_OP_FSETXATTR ,
/* aio operations */
SMB_VFS_OP_AIO_READ ,
SMB_VFS_OP_AIO_WRITE ,
SMB_VFS_OP_AIO_RETURN ,
SMB_VFS_OP_AIO_CANCEL ,
SMB_VFS_OP_AIO_ERROR ,
SMB_VFS_OP_AIO_FSYNC ,
SMB_VFS_OP_AIO_SUSPEND ,
SMB_VFS_OP_AIO_FORCE ,
/* offline operations */
SMB_VFS_OP_IS_OFFLINE ,
SMB_VFS_OP_SET_OFFLINE ,
/* This should always be last enum value */
SMB_VFS_OP_LAST
} vfs_op_type ;
2004-04-29 16:11:59 +04:00
/* The following array *must* be in the same order as defined in vfs.h */
static struct {
vfs_op_type type ;
const char * name ;
} vfs_op_names [ ] = {
{ SMB_VFS_OP_CONNECT , " connect " } ,
{ SMB_VFS_OP_DISCONNECT , " disconnect " } ,
{ SMB_VFS_OP_DISK_FREE , " disk_free " } ,
{ SMB_VFS_OP_GET_QUOTA , " get_quota " } ,
{ SMB_VFS_OP_SET_QUOTA , " set_quota " } ,
{ SMB_VFS_OP_GET_SHADOW_COPY_DATA , " get_shadow_copy_data " } ,
2005-10-20 21:33:17 +04:00
{ SMB_VFS_OP_STATVFS , " statvfs " } ,
2008-03-21 12:20:53 +03:00
{ SMB_VFS_OP_FS_CAPABILITIES , " fs_capabilities " } ,
2004-04-29 16:11:59 +04:00
{ SMB_VFS_OP_OPENDIR , " opendir " } ,
2011-02-09 02:07:48 +03:00
{ SMB_VFS_OP_FDOPENDIR , " fdopendir " } ,
2004-04-29 16:11:59 +04:00
{ SMB_VFS_OP_READDIR , " readdir " } ,
2005-05-13 16:05:14 +04:00
{ SMB_VFS_OP_SEEKDIR , " seekdir " } ,
{ SMB_VFS_OP_TELLDIR , " telldir " } ,
{ SMB_VFS_OP_REWINDDIR , " rewinddir " } ,
2004-04-29 16:11:59 +04:00
{ SMB_VFS_OP_MKDIR , " mkdir " } ,
{ SMB_VFS_OP_RMDIR , " rmdir " } ,
{ SMB_VFS_OP_CLOSEDIR , " closedir " } ,
2009-02-03 08:37:51 +03:00
{ SMB_VFS_OP_INIT_SEARCH_OP , " init_search_op " } ,
2004-04-29 16:11:59 +04:00
{ SMB_VFS_OP_OPEN , " open " } ,
2009-01-05 15:08:07 +03:00
{ SMB_VFS_OP_CREATE_FILE , " create_file " } ,
2004-04-29 16:11:59 +04:00
{ SMB_VFS_OP_CLOSE , " close " } ,
{ SMB_VFS_OP_READ , " read " } ,
{ SMB_VFS_OP_PREAD , " pread " } ,
{ SMB_VFS_OP_WRITE , " write " } ,
{ SMB_VFS_OP_PWRITE , " pwrite " } ,
{ SMB_VFS_OP_LSEEK , " lseek " } ,
{ SMB_VFS_OP_SENDFILE , " sendfile " } ,
2008-07-04 16:51:01 +04:00
{ SMB_VFS_OP_RECVFILE , " recvfile " } ,
2004-04-29 16:11:59 +04:00
{ SMB_VFS_OP_RENAME , " rename " } ,
{ SMB_VFS_OP_FSYNC , " fsync " } ,
{ SMB_VFS_OP_STAT , " stat " } ,
{ SMB_VFS_OP_FSTAT , " fstat " } ,
{ SMB_VFS_OP_LSTAT , " lstat " } ,
2009-01-27 02:39:40 +03:00
{ SMB_VFS_OP_GET_ALLOC_SIZE , " get_alloc_size " } ,
2004-04-29 16:11:59 +04:00
{ SMB_VFS_OP_UNLINK , " unlink " } ,
{ SMB_VFS_OP_CHMOD , " chmod " } ,
{ SMB_VFS_OP_FCHMOD , " fchmod " } ,
{ SMB_VFS_OP_CHOWN , " chown " } ,
{ SMB_VFS_OP_FCHOWN , " fchown " } ,
2007-05-24 03:55:12 +04:00
{ SMB_VFS_OP_LCHOWN , " lchown " } ,
2004-04-29 16:11:59 +04:00
{ SMB_VFS_OP_CHDIR , " chdir " } ,
{ SMB_VFS_OP_GETWD , " getwd " } ,
2007-03-06 02:40:03 +03:00
{ SMB_VFS_OP_NTIMES , " ntimes " } ,
2004-04-29 16:11:59 +04:00
{ SMB_VFS_OP_FTRUNCATE , " ftruncate " } ,
2010-12-18 10:08:01 +03:00
{ SMB_VFS_OP_FALLOCATE , " fallocate " } ,
2004-04-29 16:11:59 +04:00
{ SMB_VFS_OP_LOCK , " lock " } ,
2006-12-06 13:21:20 +03:00
{ SMB_VFS_OP_KERNEL_FLOCK , " kernel_flock " } ,
2007-02-14 05:37:14 +03:00
{ SMB_VFS_OP_LINUX_SETLEASE , " linux_setlease " } ,
2006-04-10 19:33:04 +04:00
{ SMB_VFS_OP_GETLOCK , " getlock " } ,
2004-04-29 16:11:59 +04:00
{ SMB_VFS_OP_SYMLINK , " symlink " } ,
{ SMB_VFS_OP_READLINK , " readlink " } ,
{ SMB_VFS_OP_LINK , " link " } ,
{ SMB_VFS_OP_MKNOD , " mknod " } ,
{ SMB_VFS_OP_REALPATH , " realpath " } ,
2007-03-20 00:03:30 +03:00
{ SMB_VFS_OP_NOTIFY_WATCH , " notify_watch " } ,
2007-03-08 04:40:49 +03:00
{ SMB_VFS_OP_CHFLAGS , " chflags " } ,
2007-08-02 13:19:04 +04:00
{ SMB_VFS_OP_FILE_ID_CREATE , " file_id_create " } ,
2008-06-07 11:04:03 +04:00
{ SMB_VFS_OP_STREAMINFO , " streaminfo " } ,
2009-01-05 14:58:23 +03:00
{ SMB_VFS_OP_GET_REAL_FILENAME , " get_real_filename " } ,
2009-05-28 21:20:14 +04:00
{ SMB_VFS_OP_CONNECTPATH , " connectpath " } ,
2009-02-10 08:51:29 +03:00
{ SMB_VFS_OP_BRL_LOCK_WINDOWS , " brl_lock_windows " } ,
{ SMB_VFS_OP_BRL_UNLOCK_WINDOWS , " brl_unlock_windows " } ,
{ SMB_VFS_OP_BRL_CANCEL_WINDOWS , " brl_cancel_windows " } ,
2009-03-14 00:15:28 +03:00
{ SMB_VFS_OP_STRICT_LOCK , " strict_lock " } ,
{ SMB_VFS_OP_STRICT_UNLOCK , " strict_unlock " } ,
2009-08-27 01:56:09 +04:00
{ SMB_VFS_OP_TRANSLATE_NAME , " translate_name " } ,
2004-04-29 16:11:59 +04:00
{ SMB_VFS_OP_FGET_NT_ACL , " fget_nt_acl " } ,
{ SMB_VFS_OP_GET_NT_ACL , " get_nt_acl " } ,
{ SMB_VFS_OP_FSET_NT_ACL , " fset_nt_acl " } ,
{ SMB_VFS_OP_CHMOD_ACL , " chmod_acl " } ,
{ SMB_VFS_OP_FCHMOD_ACL , " fchmod_acl " } ,
{ SMB_VFS_OP_SYS_ACL_GET_ENTRY , " sys_acl_get_entry " } ,
{ SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE , " sys_acl_get_tag_type " } ,
{ SMB_VFS_OP_SYS_ACL_GET_PERMSET , " sys_acl_get_permset " } ,
{ SMB_VFS_OP_SYS_ACL_GET_QUALIFIER , " sys_acl_get_qualifier " } ,
{ SMB_VFS_OP_SYS_ACL_GET_FILE , " sys_acl_get_file " } ,
{ SMB_VFS_OP_SYS_ACL_GET_FD , " sys_acl_get_fd " } ,
{ SMB_VFS_OP_SYS_ACL_CLEAR_PERMS , " sys_acl_clear_perms " } ,
{ SMB_VFS_OP_SYS_ACL_ADD_PERM , " sys_acl_add_perm " } ,
{ SMB_VFS_OP_SYS_ACL_TO_TEXT , " sys_acl_to_text " } ,
{ SMB_VFS_OP_SYS_ACL_INIT , " sys_acl_init " } ,
{ SMB_VFS_OP_SYS_ACL_CREATE_ENTRY , " sys_acl_create_entry " } ,
{ SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE , " sys_acl_set_tag_type " } ,
{ SMB_VFS_OP_SYS_ACL_SET_QUALIFIER , " sys_acl_set_qualifier " } ,
{ SMB_VFS_OP_SYS_ACL_SET_PERMSET , " sys_acl_set_permset " } ,
{ SMB_VFS_OP_SYS_ACL_VALID , " sys_acl_valid " } ,
{ SMB_VFS_OP_SYS_ACL_SET_FILE , " sys_acl_set_file " } ,
{ SMB_VFS_OP_SYS_ACL_SET_FD , " sys_acl_set_fd " } ,
{ SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE , " sys_acl_delete_def_file " } ,
{ SMB_VFS_OP_SYS_ACL_GET_PERM , " sys_acl_get_perm " } ,
{ SMB_VFS_OP_SYS_ACL_FREE_TEXT , " sys_acl_free_text " } ,
{ SMB_VFS_OP_SYS_ACL_FREE_ACL , " sys_acl_free_acl " } ,
{ SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER , " sys_acl_free_qualifier " } ,
{ SMB_VFS_OP_GETXATTR , " getxattr " } ,
{ SMB_VFS_OP_LGETXATTR , " lgetxattr " } ,
{ SMB_VFS_OP_FGETXATTR , " fgetxattr " } ,
{ SMB_VFS_OP_LISTXATTR , " listxattr " } ,
{ SMB_VFS_OP_LLISTXATTR , " llistxattr " } ,
{ SMB_VFS_OP_FLISTXATTR , " flistxattr " } ,
{ SMB_VFS_OP_REMOVEXATTR , " removexattr " } ,
{ SMB_VFS_OP_LREMOVEXATTR , " lremovexattr " } ,
{ SMB_VFS_OP_FREMOVEXATTR , " fremovexattr " } ,
{ SMB_VFS_OP_SETXATTR , " setxattr " } ,
{ SMB_VFS_OP_LSETXATTR , " lsetxattr " } ,
{ SMB_VFS_OP_FSETXATTR , " fsetxattr " } ,
2005-06-28 02:53:56 +04:00
{ SMB_VFS_OP_AIO_READ , " aio_read " } ,
{ SMB_VFS_OP_AIO_WRITE , " aio_write " } ,
{ SMB_VFS_OP_AIO_RETURN , " aio_return " } ,
{ SMB_VFS_OP_AIO_CANCEL , " aio_cancel " } ,
{ SMB_VFS_OP_AIO_ERROR , " aio_error " } ,
{ SMB_VFS_OP_AIO_FSYNC , " aio_fsync " } ,
{ SMB_VFS_OP_AIO_SUSPEND , " aio_suspend " } ,
2008-03-21 12:20:53 +03:00
{ SMB_VFS_OP_AIO_FORCE , " aio_force " } ,
2011-02-25 16:28:30 +03:00
{ SMB_VFS_OP_IS_OFFLINE , " is_offline " } ,
{ SMB_VFS_OP_SET_OFFLINE , " set_offline " } ,
2004-04-29 16:11:59 +04:00
{ SMB_VFS_OP_LAST , NULL }
2009-02-10 23:14:39 +03:00
} ;
2004-04-29 16:11:59 +04:00
static int audit_syslog_facility ( vfs_handle_struct * handle )
{
2005-09-29 19:57:21 +04:00
static const struct enum_list enum_log_facilities [ ] = {
{ LOG_USER , " USER " } ,
{ LOG_LOCAL0 , " LOCAL0 " } ,
{ LOG_LOCAL1 , " LOCAL1 " } ,
{ LOG_LOCAL2 , " LOCAL2 " } ,
{ LOG_LOCAL3 , " LOCAL3 " } ,
{ LOG_LOCAL4 , " LOCAL4 " } ,
{ LOG_LOCAL5 , " LOCAL5 " } ,
{ LOG_LOCAL6 , " LOCAL6 " } ,
{ LOG_LOCAL7 , " LOCAL7 " }
} ;
int facility ;
facility = lp_parm_enum ( SNUM ( handle - > conn ) , " full_audit " , " facility " , enum_log_facilities , LOG_USER ) ;
return facility ;
2004-04-29 16:11:59 +04:00
}
static int audit_syslog_priority ( vfs_handle_struct * handle )
{
2005-09-29 19:57:21 +04:00
static const struct enum_list enum_log_priorities [ ] = {
{ LOG_EMERG , " EMERG " } ,
{ LOG_ALERT , " ALERT " } ,
{ LOG_CRIT , " CRIT " } ,
{ LOG_ERR , " ERR " } ,
{ LOG_WARNING , " WARNING " } ,
{ LOG_NOTICE , " NOTICE " } ,
{ LOG_INFO , " INFO " } ,
{ LOG_DEBUG , " DEBUG " }
} ;
int priority ;
2008-03-23 19:50:55 +03:00
priority = lp_parm_enum ( SNUM ( handle - > conn ) , " full_audit " , " priority " ,
enum_log_priorities , LOG_NOTICE ) ;
if ( priority = = - 1 ) {
priority = LOG_WARNING ;
}
2005-09-29 19:57:21 +04:00
return priority ;
2004-04-29 16:11:59 +04:00
}
2007-11-17 04:07:11 +03:00
static char * audit_prefix ( TALLOC_CTX * ctx , connection_struct * conn )
2004-04-29 16:11:59 +04:00
{
2007-11-17 04:07:11 +03:00
char * prefix = NULL ;
2009-01-05 15:32:53 +03:00
char * result ;
2004-04-29 16:11:59 +04:00
2007-11-17 04:07:11 +03:00
prefix = talloc_strdup ( ctx ,
lp_parm_const_string ( SNUM ( conn ) , " full_audit " ,
2004-04-29 16:11:59 +04:00
" prefix " , " %u|%I " ) ) ;
2007-11-17 04:07:11 +03:00
if ( ! prefix ) {
return NULL ;
}
2009-01-05 15:32:53 +03:00
result = talloc_sub_advanced ( ctx ,
2008-05-08 18:06:42 +04:00
lp_servicename ( SNUM ( conn ) ) ,
2011-02-21 12:25:52 +03:00
conn - > session_info - > unix_name ,
2008-05-08 17:53:55 +04:00
conn - > connectpath ,
2011-02-21 12:25:52 +03:00
conn - > session_info - > utok . gid ,
conn - > session_info - > sanitized_username ,
conn - > session_info - > info3 - > base . domain . string ,
2007-11-17 04:07:11 +03:00
prefix ) ;
2009-01-05 15:32:53 +03:00
TALLOC_FREE ( prefix ) ;
return result ;
2004-04-29 16:11:59 +04:00
}
2007-10-19 04:40:25 +04:00
static bool log_success ( vfs_handle_struct * handle , vfs_op_type op )
2004-04-29 16:11:59 +04:00
{
2006-01-19 03:34:48 +03:00
struct vfs_full_audit_private_data * pd = NULL ;
SMB_VFS_HANDLE_GET_DATA ( handle , pd ,
struct vfs_full_audit_private_data ,
return True ) ;
if ( pd - > success_ops = = NULL ) {
2004-04-29 16:11:59 +04:00
return True ;
2006-01-19 03:34:48 +03:00
}
2004-04-29 16:11:59 +04:00
2006-01-19 03:34:48 +03:00
return bitmap_query ( pd - > success_ops , op ) ;
2004-04-29 16:11:59 +04:00
}
2007-10-19 04:40:25 +04:00
static bool log_failure ( vfs_handle_struct * handle , vfs_op_type op )
2004-04-29 16:11:59 +04:00
{
2006-01-19 03:34:48 +03:00
struct vfs_full_audit_private_data * pd = NULL ;
SMB_VFS_HANDLE_GET_DATA ( handle , pd ,
struct vfs_full_audit_private_data ,
return True ) ;
if ( pd - > failure_ops = = NULL )
2004-04-29 16:11:59 +04:00
return True ;
2006-01-19 03:34:48 +03:00
return bitmap_query ( pd - > failure_ops , op ) ;
2004-04-29 16:11:59 +04:00
}
2010-03-28 16:26:53 +04:00
static struct bitmap * init_bitmap ( TALLOC_CTX * mem_ctx , const char * * ops )
2004-04-29 16:11:59 +04:00
{
2010-03-28 16:26:53 +04:00
struct bitmap * bm ;
2004-04-29 16:11:59 +04:00
2010-02-18 17:13:59 +03:00
if ( ops = = NULL ) {
2010-03-28 16:26:53 +04:00
return NULL ;
2010-02-18 17:13:59 +03:00
}
2004-04-29 16:11:59 +04:00
2010-03-28 16:26:53 +04:00
bm = bitmap_talloc ( mem_ctx , SMB_VFS_OP_LAST ) ;
if ( bm = = NULL ) {
2004-04-29 16:11:59 +04:00
DEBUG ( 0 , ( " Could not alloc bitmap -- "
" defaulting to logging everything \n " ) ) ;
2010-03-28 16:26:53 +04:00
return NULL ;
2004-04-29 16:11:59 +04:00
}
2010-02-18 17:13:59 +03:00
for ( ; * ops ! = NULL ; ops + = 1 ) {
2004-04-29 16:11:59 +04:00
int i ;
2010-02-18 17:13:59 +03:00
bool neg = false ;
const char * op ;
2004-04-29 16:11:59 +04:00
if ( strequal ( * ops , " all " ) ) {
2010-02-18 17:13:59 +03:00
for ( i = 0 ; i < SMB_VFS_OP_LAST ; i + + ) {
2010-03-28 16:26:53 +04:00
bitmap_set ( bm , i ) ;
2010-02-18 17:13:59 +03:00
}
continue ;
2004-04-29 16:11:59 +04:00
}
2006-01-19 03:34:48 +03:00
if ( strequal ( * ops , " none " ) ) {
break ;
}
2010-02-18 17:13:59 +03:00
op = ops [ 0 ] ;
if ( op [ 0 ] = = ' ! ' ) {
neg = true ;
op + = 1 ;
}
2004-04-29 16:11:59 +04:00
for ( i = 0 ; i < SMB_VFS_OP_LAST ; i + + ) {
2005-05-13 16:05:14 +04:00
if ( vfs_op_names [ i ] . name = = NULL ) {
smb_panic ( " vfs_full_audit.c: name table not "
" in sync with vfs.h \n " ) ;
}
2010-02-18 17:13:59 +03:00
if ( strequal ( op , vfs_op_names [ i ] . name ) ) {
if ( neg ) {
2010-03-28 16:26:53 +04:00
bitmap_clear ( bm , i ) ;
2010-02-18 17:13:59 +03:00
} else {
2010-03-28 16:26:53 +04:00
bitmap_set ( bm , i ) ;
2010-02-18 17:13:59 +03:00
}
break ;
2004-04-29 16:11:59 +04:00
}
}
2010-02-18 17:13:59 +03:00
if ( i = = SMB_VFS_OP_LAST ) {
2004-04-29 16:11:59 +04:00
DEBUG ( 0 , ( " Could not find opname %s, logging all \n " ,
* ops ) ) ;
2010-03-28 16:26:53 +04:00
TALLOC_FREE ( bm ) ;
return NULL ;
2004-04-29 16:11:59 +04:00
}
}
2010-03-28 16:26:53 +04:00
return bm ;
2004-04-29 16:11:59 +04:00
}
static const char * audit_opname ( vfs_op_type op )
{
if ( op > = SMB_VFS_OP_LAST )
return " INVALID VFS OP " ;
return vfs_op_names [ op ] . name ;
}
2009-07-01 10:08:02 +04:00
static TALLOC_CTX * tmp_do_log_ctx ;
/*
* Get us a temporary talloc context usable just for DEBUG arguments
*/
static TALLOC_CTX * do_log_ctx ( void )
{
if ( tmp_do_log_ctx = = NULL ) {
tmp_do_log_ctx = talloc_named_const ( NULL , 0 , " do_log_ctx " ) ;
}
return tmp_do_log_ctx ;
}
2007-10-19 04:40:25 +04:00
static void do_log ( vfs_op_type op , bool success , vfs_handle_struct * handle ,
2004-04-29 16:11:59 +04:00
const char * format , . . . )
{
fstring err_msg ;
2007-11-17 04:07:11 +03:00
char * audit_pre = NULL ;
2004-04-29 16:11:59 +04:00
va_list ap ;
2007-11-17 04:07:11 +03:00
char * op_msg = NULL ;
2009-08-26 05:38:14 +04:00
int priority ;
2004-04-29 16:11:59 +04:00
2006-01-19 03:34:48 +03:00
if ( success & & ( ! log_success ( handle , op ) ) )
2009-07-01 10:08:02 +04:00
goto out ;
2004-04-29 16:11:59 +04:00
2006-01-19 03:34:48 +03:00
if ( ! success & & ( ! log_failure ( handle , op ) ) )
2009-07-01 10:08:02 +04:00
goto out ;
2004-04-29 16:11:59 +04:00
if ( success )
fstrcpy ( err_msg , " ok " ) ;
else
fstr_sprintf ( err_msg , " fail (%s) " , strerror ( errno ) ) ;
va_start ( ap , format ) ;
2009-01-05 15:33:20 +03:00
op_msg = talloc_vasprintf ( talloc_tos ( ) , format , ap ) ;
2004-04-29 16:11:59 +04:00
va_end ( ap ) ;
2007-11-17 04:07:11 +03:00
if ( ! op_msg ) {
2009-07-01 10:08:02 +04:00
goto out ;
2007-11-17 04:07:11 +03:00
}
2009-08-26 05:38:14 +04:00
/*
* Specify the facility to interoperate with other syslog callers
* ( smbd for example ) .
*/
priority = audit_syslog_priority ( handle ) |
audit_syslog_facility ( handle ) ;
2009-01-05 15:33:20 +03:00
audit_pre = audit_prefix ( talloc_tos ( ) , handle - > conn ) ;
2009-08-26 05:38:14 +04:00
syslog ( priority , " %s|%s|%s|%s \n " ,
2007-11-17 04:07:11 +03:00
audit_pre ? audit_pre : " " ,
audit_opname ( op ) , err_msg , op_msg ) ;
2009-07-01 10:08:02 +04:00
out :
2007-11-17 04:07:11 +03:00
TALLOC_FREE ( audit_pre ) ;
TALLOC_FREE ( op_msg ) ;
2009-07-01 10:08:02 +04:00
TALLOC_FREE ( tmp_do_log_ctx ) ;
2004-04-29 16:11:59 +04:00
return ;
}
2009-07-01 10:08:02 +04:00
/**
* Return a string using the do_log_ctx ( )
*/
static const char * smb_fname_str_do_log ( const struct smb_filename * smb_fname )
{
char * fname = NULL ;
NTSTATUS status ;
if ( smb_fname = = NULL ) {
return " " ;
}
status = get_full_smb_filename ( do_log_ctx ( ) , smb_fname , & fname ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return " " ;
}
return fname ;
}
2009-07-11 05:11:32 +04:00
/**
* Return an fsp debug string using the do_log_ctx ( )
*/
static const char * fsp_str_do_log ( const struct files_struct * fsp )
{
return smb_fname_str_do_log ( fsp - > fsp_name ) ;
}
2009-07-01 10:08:02 +04:00
2004-04-29 16:11:59 +04:00
/* Implementation of vfs_ops. Pass everything on to the default
operation but log event first . */
2006-07-11 22:01:26 +04:00
static int smb_full_audit_connect ( vfs_handle_struct * handle ,
2004-04-29 16:11:59 +04:00
const char * svc , const char * user )
{
int result ;
2006-01-19 03:34:48 +03:00
struct vfs_full_audit_private_data * pd = NULL ;
2004-04-29 16:11:59 +04:00
2009-12-01 02:53:04 +03:00
result = SMB_VFS_NEXT_CONNECT ( handle , svc , user ) ;
if ( result < 0 ) {
return result ;
2006-03-13 21:42:57 +03:00
}
2010-03-28 16:26:53 +04:00
pd = TALLOC_ZERO_P ( handle , struct vfs_full_audit_private_data ) ;
2006-01-19 03:34:48 +03:00
if ( ! pd ) {
2009-12-01 02:53:04 +03:00
SMB_VFS_NEXT_DISCONNECT ( handle ) ;
2006-01-19 03:34:48 +03:00
return - 1 ;
}
2009-08-26 05:38:14 +04:00
# ifndef WITH_SYSLOG
2004-04-29 16:11:59 +04:00
openlog ( " smbd_audit " , 0 , audit_syslog_facility ( handle ) ) ;
2009-08-26 05:38:14 +04:00
# endif
2004-04-29 16:11:59 +04:00
2010-03-28 16:26:53 +04:00
pd - > success_ops = init_bitmap (
pd , lp_parm_string_list ( SNUM ( handle - > conn ) , " full_audit " ,
" success " , NULL ) ) ;
pd - > failure_ops = init_bitmap (
pd , lp_parm_string_list ( SNUM ( handle - > conn ) , " full_audit " ,
" failure " , NULL ) ) ;
2004-04-29 16:11:59 +04:00
2006-01-19 03:34:48 +03:00
/* Store the private data. */
2010-03-28 16:26:53 +04:00
SMB_VFS_HANDLE_SET_DATA ( handle , pd , NULL ,
2006-01-19 03:34:48 +03:00
struct vfs_full_audit_private_data , return - 1 ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_CONNECT , True , handle ,
" %s " , svc ) ;
2009-12-01 02:53:04 +03:00
return 0 ;
2004-04-29 16:11:59 +04:00
}
2006-07-11 22:01:26 +04:00
static void smb_full_audit_disconnect ( vfs_handle_struct * handle )
2004-04-29 16:11:59 +04:00
{
2006-07-11 22:01:26 +04:00
SMB_VFS_NEXT_DISCONNECT ( handle ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_DISCONNECT , True , handle ,
2006-07-11 22:01:26 +04:00
" %s " , lp_servicename ( SNUM ( handle - > conn ) ) ) ;
2004-04-29 16:11:59 +04:00
2006-01-19 03:34:48 +03:00
/* The bitmaps will be disconnected when the private
data is deleted . */
2004-04-29 16:11:59 +04:00
return ;
}
2008-10-14 03:59:36 +04:00
static uint64_t smb_full_audit_disk_free ( vfs_handle_struct * handle ,
2006-07-11 22:01:26 +04:00
const char * path ,
2008-10-14 03:59:36 +04:00
bool small_query , uint64_t * bsize ,
uint64_t * dfree , uint64_t * dsize )
2004-04-29 16:11:59 +04:00
{
2008-10-14 03:59:36 +04:00
uint64_t result ;
2004-04-29 16:11:59 +04:00
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_DISK_FREE ( handle , path , small_query , bsize ,
2004-04-29 16:11:59 +04:00
dfree , dsize ) ;
/* Don't have a reasonable notion of failure here */
do_log ( SMB_VFS_OP_DISK_FREE , True , handle , " %s " , path ) ;
return result ;
}
2004-08-31 19:11:41 +04:00
static int smb_full_audit_get_quota ( struct vfs_handle_struct * handle ,
2004-04-29 16:11:59 +04:00
enum SMB_QUOTA_TYPE qtype , unid_t id ,
SMB_DISK_QUOTA * qt )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_GET_QUOTA ( handle , qtype , id , qt ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_GET_QUOTA , ( result > = 0 ) , handle , " " ) ;
return result ;
}
2004-08-31 19:11:41 +04:00
static int smb_full_audit_set_quota ( struct vfs_handle_struct * handle ,
2004-04-29 16:11:59 +04:00
enum SMB_QUOTA_TYPE qtype , unid_t id ,
SMB_DISK_QUOTA * qt )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_SET_QUOTA ( handle , qtype , id , qt ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_SET_QUOTA , ( result > = 0 ) , handle , " " ) ;
return result ;
}
2005-03-16 03:40:28 +03:00
static int smb_full_audit_get_shadow_copy_data ( struct vfs_handle_struct * handle ,
struct files_struct * fsp ,
2007-10-19 04:40:25 +04:00
SHADOW_COPY_DATA * shadow_copy_data , bool labels )
2005-03-16 03:40:28 +03:00
{
int result ;
result = SMB_VFS_NEXT_GET_SHADOW_COPY_DATA ( handle , fsp , shadow_copy_data , labels ) ;
do_log ( SMB_VFS_OP_GET_SHADOW_COPY_DATA , ( result > = 0 ) , handle , " " ) ;
return result ;
}
2005-10-20 21:33:17 +04:00
static int smb_full_audit_statvfs ( struct vfs_handle_struct * handle ,
const char * path ,
struct vfs_statvfs_struct * statbuf )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_STATVFS ( handle , path , statbuf ) ;
2005-10-20 21:33:17 +04:00
do_log ( SMB_VFS_OP_STATVFS , ( result > = 0 ) , handle , " " ) ;
return result ;
}
2009-08-25 07:57:37 +04:00
static uint32_t smb_full_audit_fs_capabilities ( struct vfs_handle_struct * handle , enum timestamp_set_resolution * p_ts_res )
2009-02-10 23:14:39 +03:00
{
int result ;
2009-08-25 07:57:37 +04:00
result = SMB_VFS_NEXT_FS_CAPABILITIES ( handle , p_ts_res ) ;
2009-02-10 23:14:39 +03:00
do_log ( SMB_VFS_OP_FS_CAPABILITIES , true , handle , " " ) ;
return result ;
}
2006-07-11 22:01:26 +04:00
static SMB_STRUCT_DIR * smb_full_audit_opendir ( vfs_handle_struct * handle ,
2005-06-25 07:03:44 +04:00
const char * fname , const char * mask , uint32 attr )
2004-04-29 16:11:59 +04:00
{
2005-08-22 22:03:08 +04:00
SMB_STRUCT_DIR * result ;
2004-04-29 16:11:59 +04:00
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_OPENDIR ( handle , fname , mask , attr ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_OPENDIR , ( result ! = NULL ) , handle , " %s " , fname ) ;
return result ;
}
2011-02-09 02:07:48 +03:00
static SMB_STRUCT_DIR * smb_full_audit_fdopendir ( vfs_handle_struct * handle ,
files_struct * fsp , const char * mask , uint32 attr )
{
SMB_STRUCT_DIR * result ;
result = SMB_VFS_NEXT_FDOPENDIR ( handle , fsp , mask , attr ) ;
do_log ( SMB_VFS_OP_FDOPENDIR , ( result ! = NULL ) , handle , " %s " ,
fsp_str_do_log ( fsp ) ) ;
return result ;
}
2004-11-11 02:02:48 +03:00
static SMB_STRUCT_DIRENT * smb_full_audit_readdir ( vfs_handle_struct * handle ,
2009-01-23 07:14:38 +03:00
SMB_STRUCT_DIR * dirp , SMB_STRUCT_STAT * sbuf )
2004-04-29 16:11:59 +04:00
{
2004-11-11 02:02:48 +03:00
SMB_STRUCT_DIRENT * result ;
2004-04-29 16:11:59 +04:00
2009-01-23 07:14:38 +03:00
result = SMB_VFS_NEXT_READDIR ( handle , dirp , sbuf ) ;
2004-04-29 16:11:59 +04:00
/* This operation has no reasonable error condition
* ( End of dir is also failure ) , so always succeed .
*/
do_log ( SMB_VFS_OP_READDIR , True , handle , " " ) ;
return result ;
}
2006-07-11 22:01:26 +04:00
static void smb_full_audit_seekdir ( vfs_handle_struct * handle ,
2005-08-22 22:03:08 +04:00
SMB_STRUCT_DIR * dirp , long offset )
2004-11-11 02:02:48 +03:00
{
2006-07-11 22:01:26 +04:00
SMB_VFS_NEXT_SEEKDIR ( handle , dirp , offset ) ;
2004-11-11 02:02:48 +03:00
do_log ( SMB_VFS_OP_SEEKDIR , True , handle , " " ) ;
return ;
}
2006-07-11 22:01:26 +04:00
static long smb_full_audit_telldir ( vfs_handle_struct * handle ,
2005-08-22 22:03:08 +04:00
SMB_STRUCT_DIR * dirp )
2004-11-11 02:02:48 +03:00
{
long result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_TELLDIR ( handle , dirp ) ;
2004-11-11 02:02:48 +03:00
2005-09-15 15:02:03 +04:00
do_log ( SMB_VFS_OP_TELLDIR , True , handle , " " ) ;
2004-11-11 02:02:48 +03:00
return result ;
}
2006-07-11 22:01:26 +04:00
static void smb_full_audit_rewinddir ( vfs_handle_struct * handle ,
2005-08-22 22:03:08 +04:00
SMB_STRUCT_DIR * dirp )
2004-11-11 02:02:48 +03:00
{
2006-07-11 22:01:26 +04:00
SMB_VFS_NEXT_REWINDDIR ( handle , dirp ) ;
2004-11-11 02:02:48 +03:00
do_log ( SMB_VFS_OP_REWINDDIR , True , handle , " " ) ;
return ;
}
2006-07-11 22:01:26 +04:00
static int smb_full_audit_mkdir ( vfs_handle_struct * handle ,
2004-04-29 16:11:59 +04:00
const char * path , mode_t mode )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_MKDIR ( handle , path , mode ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_MKDIR , ( result > = 0 ) , handle , " %s " , path ) ;
return result ;
}
2006-07-11 22:01:26 +04:00
static int smb_full_audit_rmdir ( vfs_handle_struct * handle ,
2004-04-29 16:11:59 +04:00
const char * path )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_RMDIR ( handle , path ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_RMDIR , ( result > = 0 ) , handle , " %s " , path ) ;
return result ;
}
2006-07-11 22:01:26 +04:00
static int smb_full_audit_closedir ( vfs_handle_struct * handle ,
2005-08-22 22:03:08 +04:00
SMB_STRUCT_DIR * dirp )
2004-04-29 16:11:59 +04:00
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_CLOSEDIR ( handle , dirp ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_CLOSEDIR , ( result > = 0 ) , handle , " " ) ;
return result ;
}
2009-02-03 08:37:51 +03:00
static void smb_full_audit_init_search_op ( vfs_handle_struct * handle ,
SMB_STRUCT_DIR * dirp )
{
SMB_VFS_NEXT_INIT_SEARCH_OP ( handle , dirp ) ;
do_log ( SMB_VFS_OP_INIT_SEARCH_OP , True , handle , " " ) ;
return ;
}
2006-07-11 22:01:26 +04:00
static int smb_full_audit_open ( vfs_handle_struct * handle ,
2009-06-16 23:01:13 +04:00
struct smb_filename * smb_fname ,
files_struct * fsp , int flags , mode_t mode )
2004-04-29 16:11:59 +04:00
{
int result ;
2009-06-16 23:01:13 +04:00
result = SMB_VFS_NEXT_OPEN ( handle , smb_fname , fsp , flags , mode ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_OPEN , ( result > = 0 ) , handle , " %s|%s " ,
( ( flags & O_WRONLY ) | | ( flags & O_RDWR ) ) ? " w " : " r " ,
2009-07-01 10:08:02 +04:00
smb_fname_str_do_log ( smb_fname ) ) ;
2004-04-29 16:11:59 +04:00
return result ;
}
2008-11-24 01:37:37 +03:00
static NTSTATUS smb_full_audit_create_file ( vfs_handle_struct * handle ,
struct smb_request * req ,
uint16_t root_dir_fid ,
2009-06-12 23:54:11 +04:00
struct smb_filename * smb_fname ,
2008-11-24 01:37:37 +03:00
uint32_t access_mask ,
uint32_t share_access ,
uint32_t create_disposition ,
uint32_t create_options ,
uint32_t file_attributes ,
uint32_t oplock_request ,
uint64_t allocation_size ,
2010-03-06 02:10:30 +03:00
uint32_t private_flags ,
2008-11-24 01:37:37 +03:00
struct security_descriptor * sd ,
struct ea_list * ea_list ,
files_struct * * result_fsp ,
2009-06-12 23:54:11 +04:00
int * pinfo )
2008-11-24 01:37:37 +03:00
{
NTSTATUS result ;
2009-08-26 05:38:07 +04:00
const char * str_create_disposition ;
switch ( create_disposition ) {
case FILE_SUPERSEDE :
str_create_disposition = " supersede " ;
break ;
case FILE_OVERWRITE_IF :
str_create_disposition = " overwrite_if " ;
break ;
case FILE_OPEN :
str_create_disposition = " open " ;
break ;
case FILE_OVERWRITE :
str_create_disposition = " overwrite " ;
break ;
case FILE_CREATE :
str_create_disposition = " create " ;
break ;
case FILE_OPEN_IF :
str_create_disposition = " open_if " ;
break ;
default :
str_create_disposition = " unknown " ;
}
2008-11-24 01:37:37 +03:00
result = SMB_VFS_NEXT_CREATE_FILE (
handle , /* handle */
req , /* req */
root_dir_fid , /* root_dir_fid */
2009-06-12 23:54:11 +04:00
smb_fname , /* fname */
2008-11-24 01:37:37 +03:00
access_mask , /* access_mask */
share_access , /* share_access */
create_disposition , /* create_disposition*/
create_options , /* create_options */
file_attributes , /* file_attributes */
oplock_request , /* oplock_request */
allocation_size , /* allocation_size */
2010-03-06 02:10:30 +03:00
private_flags ,
2008-11-24 01:37:37 +03:00
sd , /* sd */
ea_list , /* ea_list */
result_fsp , /* result */
2009-06-12 23:54:11 +04:00
pinfo ) ; /* pinfo */
2008-11-24 01:37:37 +03:00
2009-08-26 05:38:07 +04:00
do_log ( SMB_VFS_OP_CREATE_FILE , ( NT_STATUS_IS_OK ( result ) ) , handle ,
" 0x%x|%s|%s|%s " , access_mask ,
create_options & FILE_DIRECTORY_FILE ? " dir " : " file " ,
str_create_disposition , smb_fname_str_do_log ( smb_fname ) ) ;
2008-11-24 01:37:37 +03:00
return result ;
}
2008-01-11 16:19:28 +03:00
static int smb_full_audit_close ( vfs_handle_struct * handle , files_struct * fsp )
2004-04-29 16:11:59 +04:00
{
int result ;
2008-01-11 16:19:28 +03:00
result = SMB_VFS_NEXT_CLOSE ( handle , fsp ) ;
2004-04-29 16:11:59 +04:00
2009-07-11 05:11:32 +04:00
do_log ( SMB_VFS_OP_CLOSE , ( result > = 0 ) , handle , " %s " ,
fsp_str_do_log ( fsp ) ) ;
2004-04-29 16:11:59 +04:00
return result ;
}
2004-08-31 19:11:41 +04:00
static ssize_t smb_full_audit_read ( vfs_handle_struct * handle , files_struct * fsp ,
2008-01-10 17:33:51 +03:00
void * data , size_t n )
2004-04-29 16:11:59 +04:00
{
ssize_t result ;
2008-01-10 17:33:51 +03:00
result = SMB_VFS_NEXT_READ ( handle , fsp , data , n ) ;
2004-04-29 16:11:59 +04:00
2009-07-11 05:11:32 +04:00
do_log ( SMB_VFS_OP_READ , ( result > = 0 ) , handle , " %s " ,
fsp_str_do_log ( fsp ) ) ;
2004-04-29 16:11:59 +04:00
return result ;
}
2004-08-31 19:11:41 +04:00
static ssize_t smb_full_audit_pread ( vfs_handle_struct * handle , files_struct * fsp ,
2008-01-07 02:14:19 +03:00
void * data , size_t n , SMB_OFF_T offset )
2004-04-29 16:11:59 +04:00
{
ssize_t result ;
2008-01-07 02:14:19 +03:00
result = SMB_VFS_NEXT_PREAD ( handle , fsp , data , n , offset ) ;
2004-04-29 16:11:59 +04:00
2009-07-11 05:11:32 +04:00
do_log ( SMB_VFS_OP_PREAD , ( result > = 0 ) , handle , " %s " ,
fsp_str_do_log ( fsp ) ) ;
2004-04-29 16:11:59 +04:00
return result ;
}
2004-08-31 19:11:41 +04:00
static ssize_t smb_full_audit_write ( vfs_handle_struct * handle , files_struct * fsp ,
2008-01-10 17:49:35 +03:00
const void * data , size_t n )
2004-04-29 16:11:59 +04:00
{
ssize_t result ;
2008-01-10 17:49:35 +03:00
result = SMB_VFS_NEXT_WRITE ( handle , fsp , data , n ) ;
2004-04-29 16:11:59 +04:00
2009-07-11 05:11:32 +04:00
do_log ( SMB_VFS_OP_WRITE , ( result > = 0 ) , handle , " %s " ,
fsp_str_do_log ( fsp ) ) ;
2004-04-29 16:11:59 +04:00
return result ;
}
2004-08-31 19:11:41 +04:00
static ssize_t smb_full_audit_pwrite ( vfs_handle_struct * handle , files_struct * fsp ,
2008-01-07 11:23:04 +03:00
const void * data , size_t n ,
2004-04-29 16:11:59 +04:00
SMB_OFF_T offset )
{
ssize_t result ;
2008-01-07 11:23:04 +03:00
result = SMB_VFS_NEXT_PWRITE ( handle , fsp , data , n , offset ) ;
2004-04-29 16:11:59 +04:00
2009-07-11 05:11:32 +04:00
do_log ( SMB_VFS_OP_PWRITE , ( result > = 0 ) , handle , " %s " ,
fsp_str_do_log ( fsp ) ) ;
2004-04-29 16:11:59 +04:00
return result ;
}
2004-08-31 19:11:41 +04:00
static SMB_OFF_T smb_full_audit_lseek ( vfs_handle_struct * handle , files_struct * fsp ,
2008-01-07 12:15:08 +03:00
SMB_OFF_T offset , int whence )
2004-04-29 16:11:59 +04:00
{
ssize_t result ;
2008-01-07 12:15:08 +03:00
result = SMB_VFS_NEXT_LSEEK ( handle , fsp , offset , whence ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_LSEEK , ( result ! = ( ssize_t ) - 1 ) , handle ,
2009-07-11 05:11:32 +04:00
" %s " , fsp_str_do_log ( fsp ) ) ;
2004-04-29 16:11:59 +04:00
return result ;
}
2004-08-31 19:11:41 +04:00
static ssize_t smb_full_audit_sendfile ( vfs_handle_struct * handle , int tofd ,
2008-01-11 02:51:19 +03:00
files_struct * fromfsp ,
2004-04-29 16:11:59 +04:00
const DATA_BLOB * hdr , SMB_OFF_T offset ,
size_t n )
{
ssize_t result ;
2008-01-11 02:51:19 +03:00
result = SMB_VFS_NEXT_SENDFILE ( handle , tofd , fromfsp , hdr , offset , n ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_SENDFILE , ( result > = 0 ) , handle ,
2009-07-11 05:11:32 +04:00
" %s " , fsp_str_do_log ( fromfsp ) ) ;
2007-10-30 03:16:13 +03:00
return result ;
}
static ssize_t smb_full_audit_recvfile ( vfs_handle_struct * handle , int fromfd ,
2008-01-11 03:26:54 +03:00
files_struct * tofsp ,
2007-10-30 03:16:13 +03:00
SMB_OFF_T offset ,
size_t n )
{
ssize_t result ;
2008-01-11 03:26:54 +03:00
result = SMB_VFS_NEXT_RECVFILE ( handle , fromfd , tofsp , offset , n ) ;
2007-10-30 03:16:13 +03:00
do_log ( SMB_VFS_OP_RECVFILE , ( result > = 0 ) , handle ,
2009-07-11 05:11:32 +04:00
" %s " , fsp_str_do_log ( tofsp ) ) ;
2004-04-29 16:11:59 +04:00
return result ;
}
2006-07-11 22:01:26 +04:00
static int smb_full_audit_rename ( vfs_handle_struct * handle ,
2009-07-01 04:04:38 +04:00
const struct smb_filename * smb_fname_src ,
const struct smb_filename * smb_fname_dst )
2004-04-29 16:11:59 +04:00
{
int result ;
2009-07-01 04:04:38 +04:00
result = SMB_VFS_NEXT_RENAME ( handle , smb_fname_src , smb_fname_dst ) ;
2004-04-29 16:11:59 +04:00
2009-07-01 04:04:38 +04:00
do_log ( SMB_VFS_OP_RENAME , ( result > = 0 ) , handle , " %s|%s " ,
2009-07-01 10:08:02 +04:00
smb_fname_str_do_log ( smb_fname_src ) ,
smb_fname_str_do_log ( smb_fname_dst ) ) ;
2004-04-29 16:11:59 +04:00
return result ;
}
2008-01-07 14:49:02 +03:00
static int smb_full_audit_fsync ( vfs_handle_struct * handle , files_struct * fsp )
2004-04-29 16:11:59 +04:00
{
int result ;
2008-01-07 14:49:02 +03:00
result = SMB_VFS_NEXT_FSYNC ( handle , fsp ) ;
2004-04-29 16:11:59 +04:00
2009-07-11 05:11:32 +04:00
do_log ( SMB_VFS_OP_FSYNC , ( result > = 0 ) , handle , " %s " ,
fsp_str_do_log ( fsp ) ) ;
2004-04-29 16:11:59 +04:00
return result ;
}
2006-07-11 22:01:26 +04:00
static int smb_full_audit_stat ( vfs_handle_struct * handle ,
2009-06-23 02:26:56 +04:00
struct smb_filename * smb_fname )
2004-04-29 16:11:59 +04:00
{
int result ;
2009-06-23 02:26:56 +04:00
result = SMB_VFS_NEXT_STAT ( handle , smb_fname ) ;
2004-04-29 16:11:59 +04:00
2009-06-23 02:26:56 +04:00
do_log ( SMB_VFS_OP_STAT , ( result > = 0 ) , handle , " %s " ,
2009-07-01 10:08:02 +04:00
smb_fname_str_do_log ( smb_fname ) ) ;
2004-04-29 16:11:59 +04:00
return result ;
}
2008-01-07 15:21:26 +03:00
static int smb_full_audit_fstat ( vfs_handle_struct * handle , files_struct * fsp ,
2004-04-29 16:11:59 +04:00
SMB_STRUCT_STAT * sbuf )
{
int result ;
2008-01-07 15:21:26 +03:00
result = SMB_VFS_NEXT_FSTAT ( handle , fsp , sbuf ) ;
2004-04-29 16:11:59 +04:00
2009-07-11 05:11:32 +04:00
do_log ( SMB_VFS_OP_FSTAT , ( result > = 0 ) , handle , " %s " ,
fsp_str_do_log ( fsp ) ) ;
2004-04-29 16:11:59 +04:00
return result ;
}
2006-07-11 22:01:26 +04:00
static int smb_full_audit_lstat ( vfs_handle_struct * handle ,
2009-06-23 02:26:56 +04:00
struct smb_filename * smb_fname )
2004-04-29 16:11:59 +04:00
{
int result ;
2009-06-23 02:26:56 +04:00
result = SMB_VFS_NEXT_LSTAT ( handle , smb_fname ) ;
2004-04-29 16:11:59 +04:00
2009-06-23 02:26:56 +04:00
do_log ( SMB_VFS_OP_LSTAT , ( result > = 0 ) , handle , " %s " ,
2009-07-01 10:08:02 +04:00
smb_fname_str_do_log ( smb_fname ) ) ;
2004-04-29 16:11:59 +04:00
return result ;
}
2009-07-19 04:32:44 +04:00
static uint64_t smb_full_audit_get_alloc_size ( vfs_handle_struct * handle ,
2009-01-27 02:39:40 +03:00
files_struct * fsp , const SMB_STRUCT_STAT * sbuf )
{
2010-04-06 00:50:59 +04:00
uint64_t result ;
2009-01-27 02:39:40 +03:00
result = SMB_VFS_NEXT_GET_ALLOC_SIZE ( handle , fsp , sbuf ) ;
2010-04-06 00:50:59 +04:00
do_log ( SMB_VFS_OP_GET_ALLOC_SIZE , ( result ! = ( uint64_t ) - 1 ) , handle ,
" %llu " , result ) ;
2009-01-27 02:39:40 +03:00
return result ;
}
2006-07-11 22:01:26 +04:00
static int smb_full_audit_unlink ( vfs_handle_struct * handle ,
2009-07-02 20:27:44 +04:00
const struct smb_filename * smb_fname )
2004-04-29 16:11:59 +04:00
{
int result ;
2009-07-02 20:27:44 +04:00
result = SMB_VFS_NEXT_UNLINK ( handle , smb_fname ) ;
2004-04-29 16:11:59 +04:00
2009-07-02 20:27:44 +04:00
do_log ( SMB_VFS_OP_UNLINK , ( result > = 0 ) , handle , " %s " ,
smb_fname_str_do_log ( smb_fname ) ) ;
2004-04-29 16:11:59 +04:00
return result ;
}
2006-07-11 22:01:26 +04:00
static int smb_full_audit_chmod ( vfs_handle_struct * handle ,
2004-04-29 16:11:59 +04:00
const char * path , mode_t mode )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_CHMOD ( handle , path , mode ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_CHMOD , ( result > = 0 ) , handle , " %s|%o " , path , mode ) ;
return result ;
}
2008-01-07 15:44:37 +03:00
static int smb_full_audit_fchmod ( vfs_handle_struct * handle , files_struct * fsp ,
2004-04-29 16:11:59 +04:00
mode_t mode )
{
int result ;
2008-01-07 15:44:37 +03:00
result = SMB_VFS_NEXT_FCHMOD ( handle , fsp , mode ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_FCHMOD , ( result > = 0 ) , handle ,
2009-07-11 05:11:32 +04:00
" %s|%o " , fsp_str_do_log ( fsp ) , mode ) ;
2004-04-29 16:11:59 +04:00
return result ;
}
2006-07-11 22:01:26 +04:00
static int smb_full_audit_chown ( vfs_handle_struct * handle ,
2004-04-29 16:11:59 +04:00
const char * path , uid_t uid , gid_t gid )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_CHOWN ( handle , path , uid , gid ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_CHOWN , ( result > = 0 ) , handle , " %s|%ld|%ld " ,
path , ( long int ) uid , ( long int ) gid ) ;
return result ;
}
2008-01-07 16:26:00 +03:00
static int smb_full_audit_fchown ( vfs_handle_struct * handle , files_struct * fsp ,
2004-04-29 16:11:59 +04:00
uid_t uid , gid_t gid )
{
int result ;
2008-01-07 16:26:00 +03:00
result = SMB_VFS_NEXT_FCHOWN ( handle , fsp , uid , gid ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_FCHOWN , ( result > = 0 ) , handle , " %s|%ld|%ld " ,
2009-07-11 05:11:32 +04:00
fsp_str_do_log ( fsp ) , ( long int ) uid , ( long int ) gid ) ;
2004-04-29 16:11:59 +04:00
return result ;
}
2007-05-24 03:55:12 +04:00
static int smb_full_audit_lchown ( vfs_handle_struct * handle ,
const char * path , uid_t uid , gid_t gid )
{
int result ;
result = SMB_VFS_NEXT_LCHOWN ( handle , path , uid , gid ) ;
do_log ( SMB_VFS_OP_LCHOWN , ( result > = 0 ) , handle , " %s|%ld|%ld " ,
path , ( long int ) uid , ( long int ) gid ) ;
return result ;
}
2006-07-11 22:01:26 +04:00
static int smb_full_audit_chdir ( vfs_handle_struct * handle ,
2004-04-29 16:11:59 +04:00
const char * path )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_CHDIR ( handle , path ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_CHDIR , ( result > = 0 ) , handle , " chdir|%s " , path ) ;
return result ;
}
2006-07-11 22:01:26 +04:00
static char * smb_full_audit_getwd ( vfs_handle_struct * handle ,
2004-04-29 16:11:59 +04:00
char * path )
{
char * result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_GETWD ( handle , path ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_GETWD , ( result ! = NULL ) , handle , " %s " , path ) ;
return result ;
}
2007-03-06 02:40:03 +03:00
static int smb_full_audit_ntimes ( vfs_handle_struct * handle ,
2009-07-03 00:39:20 +04:00
const struct smb_filename * smb_fname ,
struct smb_file_time * ft )
2004-04-29 16:11:59 +04:00
{
int result ;
2009-07-03 00:39:20 +04:00
result = SMB_VFS_NEXT_NTIMES ( handle , smb_fname , ft ) ;
2004-04-29 16:11:59 +04:00
2009-07-03 00:39:20 +04:00
do_log ( SMB_VFS_OP_NTIMES , ( result > = 0 ) , handle , " %s " ,
smb_fname_str_do_log ( smb_fname ) ) ;
2004-04-29 16:11:59 +04:00
return result ;
}
2004-08-31 19:11:41 +04:00
static int smb_full_audit_ftruncate ( vfs_handle_struct * handle , files_struct * fsp ,
2008-01-07 17:55:09 +03:00
SMB_OFF_T len )
2004-04-29 16:11:59 +04:00
{
int result ;
2008-01-07 17:55:09 +03:00
result = SMB_VFS_NEXT_FTRUNCATE ( handle , fsp , len ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_FTRUNCATE , ( result > = 0 ) , handle ,
2009-07-11 05:11:32 +04:00
" %s " , fsp_str_do_log ( fsp ) ) ;
2004-04-29 16:11:59 +04:00
return result ;
}
2010-12-18 10:08:01 +03:00
static int smb_full_audit_fallocate ( vfs_handle_struct * handle , files_struct * fsp ,
enum vfs_fallocate_mode mode ,
2010-12-03 03:25:59 +03:00
SMB_OFF_T offset ,
SMB_OFF_T len )
{
int result ;
2010-12-18 10:08:01 +03:00
result = SMB_VFS_NEXT_FALLOCATE ( handle , fsp , mode , offset , len ) ;
2010-12-03 03:25:59 +03:00
2010-12-18 10:08:01 +03:00
do_log ( SMB_VFS_OP_FALLOCATE , ( result > = 0 ) , handle ,
2010-12-03 03:25:59 +03:00
" %s " , fsp_str_do_log ( fsp ) ) ;
return result ;
}
2008-01-07 18:38:23 +03:00
static bool smb_full_audit_lock ( vfs_handle_struct * handle , files_struct * fsp ,
2004-04-29 16:11:59 +04:00
int op , SMB_OFF_T offset , SMB_OFF_T count , int type )
{
2007-10-19 04:40:25 +04:00
bool result ;
2004-04-29 16:11:59 +04:00
2008-01-07 18:38:23 +03:00
result = SMB_VFS_NEXT_LOCK ( handle , fsp , op , offset , count , type ) ;
2004-04-29 16:11:59 +04:00
2009-07-11 05:11:32 +04:00
do_log ( SMB_VFS_OP_LOCK , result , handle , " %s " , fsp_str_do_log ( fsp ) ) ;
2004-04-29 16:11:59 +04:00
return result ;
}
2006-12-06 13:21:20 +03:00
static int smb_full_audit_kernel_flock ( struct vfs_handle_struct * handle ,
2008-01-07 19:14:20 +03:00
struct files_struct * fsp ,
2009-10-06 19:14:56 +04:00
uint32 share_mode , uint32 access_mask )
2006-12-06 13:21:20 +03:00
{
int result ;
2009-10-06 19:14:56 +04:00
result = SMB_VFS_NEXT_KERNEL_FLOCK ( handle , fsp , share_mode , access_mask ) ;
2006-12-06 13:21:20 +03:00
do_log ( SMB_VFS_OP_KERNEL_FLOCK , ( result > = 0 ) , handle , " %s " ,
2009-07-11 05:11:32 +04:00
fsp_str_do_log ( fsp ) ) ;
2006-12-06 13:21:20 +03:00
return result ;
}
2007-02-14 05:37:14 +03:00
static int smb_full_audit_linux_setlease ( vfs_handle_struct * handle , files_struct * fsp ,
2008-01-07 23:47:53 +03:00
int leasetype )
2007-02-14 05:37:14 +03:00
{
int result ;
2008-01-07 23:47:53 +03:00
result = SMB_VFS_NEXT_LINUX_SETLEASE ( handle , fsp , leasetype ) ;
2007-02-14 05:37:14 +03:00
do_log ( SMB_VFS_OP_LINUX_SETLEASE , ( result > = 0 ) , handle , " %s " ,
2009-07-11 05:11:32 +04:00
fsp_str_do_log ( fsp ) ) ;
2007-02-14 05:37:14 +03:00
return result ;
}
2008-01-08 00:18:50 +03:00
static bool smb_full_audit_getlock ( vfs_handle_struct * handle , files_struct * fsp ,
2006-04-10 19:33:04 +04:00
SMB_OFF_T * poffset , SMB_OFF_T * pcount , int * ptype , pid_t * ppid )
{
2007-10-19 04:40:25 +04:00
bool result ;
2006-04-10 19:33:04 +04:00
2008-01-08 00:18:50 +03:00
result = SMB_VFS_NEXT_GETLOCK ( handle , fsp , poffset , pcount , ptype , ppid ) ;
2006-04-10 19:33:04 +04:00
2009-07-11 05:11:32 +04:00
do_log ( SMB_VFS_OP_GETLOCK , result , handle , " %s " , fsp_str_do_log ( fsp ) ) ;
2006-04-10 19:33:04 +04:00
return result ;
}
2006-07-11 22:01:26 +04:00
static int smb_full_audit_symlink ( vfs_handle_struct * handle ,
2004-04-29 16:11:59 +04:00
const char * oldpath , const char * newpath )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_SYMLINK ( handle , oldpath , newpath ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_SYMLINK , ( result > = 0 ) , handle ,
" %s|%s " , oldpath , newpath ) ;
return result ;
}
2006-07-11 22:01:26 +04:00
static int smb_full_audit_readlink ( vfs_handle_struct * handle ,
2004-04-29 16:11:59 +04:00
const char * path , char * buf , size_t bufsiz )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_READLINK ( handle , path , buf , bufsiz ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_READLINK , ( result > = 0 ) , handle , " %s " , path ) ;
return result ;
}
2006-07-11 22:01:26 +04:00
static int smb_full_audit_link ( vfs_handle_struct * handle ,
2004-04-29 16:11:59 +04:00
const char * oldpath , const char * newpath )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_LINK ( handle , oldpath , newpath ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_LINK , ( result > = 0 ) , handle ,
" %s|%s " , oldpath , newpath ) ;
return result ;
}
2006-07-11 22:01:26 +04:00
static int smb_full_audit_mknod ( vfs_handle_struct * handle ,
2004-04-29 16:11:59 +04:00
const char * pathname , mode_t mode , SMB_DEV_T dev )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_MKNOD ( handle , pathname , mode , dev ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_MKNOD , ( result > = 0 ) , handle , " %s " , pathname ) ;
return result ;
}
2006-07-11 22:01:26 +04:00
static char * smb_full_audit_realpath ( vfs_handle_struct * handle ,
2010-11-20 03:29:26 +03:00
const char * path )
2004-04-29 16:11:59 +04:00
{
char * result ;
2010-11-20 03:29:26 +03:00
result = SMB_VFS_NEXT_REALPATH ( handle , path ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_REALPATH , ( result ! = NULL ) , handle , " %s " , path ) ;
return result ;
}
2007-03-19 20:02:15 +03:00
static NTSTATUS smb_full_audit_notify_watch ( struct vfs_handle_struct * handle ,
struct sys_notify_context * ctx ,
struct notify_entry * e ,
void ( * callback ) ( struct sys_notify_context * ctx ,
void * private_data ,
struct notify_event * ev ) ,
void * private_data , void * handle_p )
{
NTSTATUS result ;
result = SMB_VFS_NEXT_NOTIFY_WATCH ( handle , ctx , e , callback , private_data , handle_p ) ;
do_log ( SMB_VFS_OP_NOTIFY_WATCH , NT_STATUS_IS_OK ( result ) , handle , " " ) ;
return result ;
}
2007-03-08 04:40:49 +03:00
static int smb_full_audit_chflags ( vfs_handle_struct * handle ,
2007-09-28 05:32:08 +04:00
const char * path , unsigned int flags )
2007-03-08 04:40:49 +03:00
{
int result ;
result = SMB_VFS_NEXT_CHFLAGS ( handle , path , flags ) ;
do_log ( SMB_VFS_OP_CHFLAGS , ( result ! = 0 ) , handle , " %s " , path ) ;
return result ;
}
2007-08-02 13:19:04 +04:00
static struct file_id smb_full_audit_file_id_create ( struct vfs_handle_struct * handle ,
2009-02-16 10:38:53 +03:00
const SMB_STRUCT_STAT * sbuf )
2007-08-02 13:19:04 +04:00
{
struct file_id id_zero ;
struct file_id result ;
ZERO_STRUCT ( id_zero ) ;
2009-02-16 10:38:53 +03:00
result = SMB_VFS_NEXT_FILE_ID_CREATE ( handle , sbuf ) ;
2007-08-02 13:19:04 +04:00
do_log ( SMB_VFS_OP_FILE_ID_CREATE ,
! file_id_equal ( & id_zero , & result ) ,
2007-09-10 14:56:07 +04:00
handle , " %s " , file_id_string_tos ( & result ) ) ;
2007-08-02 13:19:04 +04:00
return result ;
}
2008-06-07 11:04:03 +04:00
static NTSTATUS smb_full_audit_streaminfo ( vfs_handle_struct * handle ,
struct files_struct * fsp ,
const char * fname ,
TALLOC_CTX * mem_ctx ,
unsigned int * pnum_streams ,
struct stream_struct * * pstreams )
{
NTSTATUS result ;
result = SMB_VFS_NEXT_STREAMINFO ( handle , fsp , fname , mem_ctx ,
pnum_streams , pstreams ) ;
do_log ( SMB_VFS_OP_STREAMINFO , NT_STATUS_IS_OK ( result ) , handle ,
" %s " , fname ) ;
return result ;
}
2009-01-05 14:58:23 +03:00
static int smb_full_audit_get_real_filename ( struct vfs_handle_struct * handle ,
const char * path ,
const char * name ,
TALLOC_CTX * mem_ctx ,
char * * found_name )
{
int result ;
result = SMB_VFS_NEXT_GET_REAL_FILENAME ( handle , path , name , mem_ctx ,
found_name ) ;
do_log ( SMB_VFS_OP_GET_REAL_FILENAME , ( result = = 0 ) , handle ,
" %s/%s->%s " , path , name , ( result = = 0 ) ? " " : * found_name ) ;
return result ;
}
2009-05-28 21:20:14 +04:00
static const char * smb_full_audit_connectpath ( vfs_handle_struct * handle ,
const char * fname )
{
const char * result ;
result = SMB_VFS_NEXT_CONNECTPATH ( handle , fname ) ;
do_log ( SMB_VFS_OP_CONNECTPATH , result ! = NULL , handle ,
" %s " , fname ) ;
return result ;
}
2009-02-10 08:51:29 +03:00
static NTSTATUS smb_full_audit_brl_lock_windows ( struct vfs_handle_struct * handle ,
struct byte_range_lock * br_lck ,
struct lock_struct * plock ,
bool blocking_lock ,
struct blocking_lock_record * blr )
{
NTSTATUS result ;
result = SMB_VFS_NEXT_BRL_LOCK_WINDOWS ( handle , br_lck , plock ,
blocking_lock , blr ) ;
do_log ( SMB_VFS_OP_BRL_LOCK_WINDOWS , NT_STATUS_IS_OK ( result ) , handle ,
2009-07-11 05:11:32 +04:00
" %s:%llu-%llu. type=%d. blocking=%d " , fsp_str_do_log ( br_lck - > fsp ) ,
2009-02-10 08:51:29 +03:00
plock - > start , plock - > size , plock - > lock_type , blocking_lock ) ;
return result ;
}
static bool smb_full_audit_brl_unlock_windows ( struct vfs_handle_struct * handle ,
struct messaging_context * msg_ctx ,
struct byte_range_lock * br_lck ,
const struct lock_struct * plock )
{
bool result ;
result = SMB_VFS_NEXT_BRL_UNLOCK_WINDOWS ( handle , msg_ctx , br_lck ,
plock ) ;
do_log ( SMB_VFS_OP_BRL_UNLOCK_WINDOWS , ( result = = 0 ) , handle ,
2009-07-11 05:11:32 +04:00
" %s:%llu-%llu:%d " , fsp_str_do_log ( br_lck - > fsp ) , plock - > start ,
2009-02-10 08:51:29 +03:00
plock - > size , plock - > lock_type ) ;
return result ;
}
static bool smb_full_audit_brl_cancel_windows ( struct vfs_handle_struct * handle ,
struct byte_range_lock * br_lck ,
struct lock_struct * plock ,
struct blocking_lock_record * blr )
{
bool result ;
result = SMB_VFS_NEXT_BRL_CANCEL_WINDOWS ( handle , br_lck , plock , blr ) ;
do_log ( SMB_VFS_OP_BRL_CANCEL_WINDOWS , ( result = = 0 ) , handle ,
2009-07-11 05:11:32 +04:00
" %s:%llu-%llu:%d " , fsp_str_do_log ( br_lck - > fsp ) , plock - > start ,
2009-02-10 08:51:29 +03:00
plock - > size ) ;
return result ;
}
2009-03-14 00:15:28 +03:00
static bool smb_full_audit_strict_lock ( struct vfs_handle_struct * handle ,
struct files_struct * fsp ,
struct lock_struct * plock )
{
bool result ;
result = SMB_VFS_NEXT_STRICT_LOCK ( handle , fsp , plock ) ;
do_log ( SMB_VFS_OP_STRICT_LOCK , result , handle ,
2009-07-11 05:11:32 +04:00
" %s:%llu-%llu:%d " , fsp_str_do_log ( fsp ) , plock - > start ,
2009-03-14 00:15:28 +03:00
plock - > size ) ;
return result ;
}
static void smb_full_audit_strict_unlock ( struct vfs_handle_struct * handle ,
struct files_struct * fsp ,
struct lock_struct * plock )
{
SMB_VFS_NEXT_STRICT_UNLOCK ( handle , fsp , plock ) ;
do_log ( SMB_VFS_OP_STRICT_UNLOCK , true , handle ,
2009-07-11 05:11:32 +04:00
" %s:%llu-%llu:%d " , fsp_str_do_log ( fsp ) , plock - > start ,
2009-03-14 00:15:28 +03:00
plock - > size ) ;
return ;
}
2009-11-16 11:49:23 +03:00
static NTSTATUS smb_full_audit_translate_name ( struct vfs_handle_struct * handle ,
const char * name ,
enum vfs_translate_direction direction ,
TALLOC_CTX * mem_ctx ,
char * * mapped_name )
2009-08-27 01:56:09 +04:00
{
NTSTATUS result ;
2009-11-16 11:49:23 +03:00
result = SMB_VFS_NEXT_TRANSLATE_NAME ( handle , name , direction , mem_ctx ,
mapped_name ) ;
2009-08-27 01:56:09 +04:00
do_log ( SMB_VFS_OP_TRANSLATE_NAME , NT_STATUS_IS_OK ( result ) , handle , " " ) ;
return result ;
}
2007-10-13 23:06:49 +04:00
static NTSTATUS smb_full_audit_fget_nt_acl ( vfs_handle_struct * handle , files_struct * fsp ,
2008-01-05 04:16:15 +03:00
uint32 security_info ,
2010-05-18 12:29:34 +04:00
struct security_descriptor * * ppdesc )
2004-04-29 16:11:59 +04:00
{
2007-10-13 23:06:49 +04:00
NTSTATUS result ;
2004-04-29 16:11:59 +04:00
2008-01-05 04:16:15 +03:00
result = SMB_VFS_NEXT_FGET_NT_ACL ( handle , fsp , security_info , ppdesc ) ;
2004-04-29 16:11:59 +04:00
2007-10-13 23:06:49 +04:00
do_log ( SMB_VFS_OP_FGET_NT_ACL , NT_STATUS_IS_OK ( result ) , handle ,
2009-07-11 05:11:32 +04:00
" %s " , fsp_str_do_log ( fsp ) ) ;
2004-04-29 16:11:59 +04:00
return result ;
}
2007-10-13 23:06:49 +04:00
static NTSTATUS smb_full_audit_get_nt_acl ( vfs_handle_struct * handle ,
const char * name ,
uint32 security_info ,
2010-05-18 12:29:34 +04:00
struct security_descriptor * * ppdesc )
2004-04-29 16:11:59 +04:00
{
2007-10-13 23:06:49 +04:00
NTSTATUS result ;
2004-04-29 16:11:59 +04:00
2007-12-05 11:53:10 +03:00
result = SMB_VFS_NEXT_GET_NT_ACL ( handle , name , security_info , ppdesc ) ;
2004-04-29 16:11:59 +04:00
2007-10-13 23:06:49 +04:00
do_log ( SMB_VFS_OP_GET_NT_ACL , NT_STATUS_IS_OK ( result ) , handle ,
2008-08-14 21:58:50 +04:00
" %s " , name ) ;
2004-04-29 16:11:59 +04:00
return result ;
}
2007-06-27 02:49:10 +04:00
static NTSTATUS smb_full_audit_fset_nt_acl ( vfs_handle_struct * handle , files_struct * fsp ,
2008-01-06 20:48:02 +03:00
uint32 security_info_sent ,
2010-05-18 12:29:34 +04:00
const struct security_descriptor * psd )
2004-04-29 16:11:59 +04:00
{
2007-06-27 02:49:10 +04:00
NTSTATUS result ;
2004-04-29 16:11:59 +04:00
2008-01-06 20:48:02 +03:00
result = SMB_VFS_NEXT_FSET_NT_ACL ( handle , fsp , security_info_sent , psd ) ;
2004-04-29 16:11:59 +04:00
2009-07-11 05:11:32 +04:00
do_log ( SMB_VFS_OP_FSET_NT_ACL , NT_STATUS_IS_OK ( result ) , handle , " %s " ,
fsp_str_do_log ( fsp ) ) ;
2004-04-29 16:11:59 +04:00
return result ;
}
2006-07-11 22:01:26 +04:00
static int smb_full_audit_chmod_acl ( vfs_handle_struct * handle ,
2004-04-29 16:11:59 +04:00
const char * path , mode_t mode )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_CHMOD_ACL ( handle , path , mode ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_CHMOD_ACL , ( result > = 0 ) , handle ,
" %s|%o " , path , mode ) ;
return result ;
}
2004-08-31 19:11:41 +04:00
static int smb_full_audit_fchmod_acl ( vfs_handle_struct * handle , files_struct * fsp ,
2008-01-08 03:14:24 +03:00
mode_t mode )
2004-04-29 16:11:59 +04:00
{
int result ;
2008-01-08 03:14:24 +03:00
result = SMB_VFS_NEXT_FCHMOD_ACL ( handle , fsp , mode ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_FCHMOD_ACL , ( result > = 0 ) , handle ,
2009-07-11 05:11:32 +04:00
" %s|%o " , fsp_str_do_log ( fsp ) , mode ) ;
2004-04-29 16:11:59 +04:00
return result ;
}
2004-08-31 19:11:41 +04:00
static int smb_full_audit_sys_acl_get_entry ( vfs_handle_struct * handle ,
2006-07-11 22:01:26 +04:00
2004-04-29 16:11:59 +04:00
SMB_ACL_T theacl , int entry_id ,
SMB_ACL_ENTRY_T * entry_p )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_SYS_ACL_GET_ENTRY ( handle , theacl , entry_id ,
2004-04-29 16:11:59 +04:00
entry_p ) ;
do_log ( SMB_VFS_OP_SYS_ACL_GET_ENTRY , ( result > = 0 ) , handle ,
" " ) ;
return result ;
}
2004-08-31 19:11:41 +04:00
static int smb_full_audit_sys_acl_get_tag_type ( vfs_handle_struct * handle ,
2006-07-11 22:01:26 +04:00
2004-04-29 16:11:59 +04:00
SMB_ACL_ENTRY_T entry_d ,
SMB_ACL_TAG_T * tag_type_p )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_SYS_ACL_GET_TAG_TYPE ( handle , entry_d ,
2004-04-29 16:11:59 +04:00
tag_type_p ) ;
do_log ( SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE , ( result > = 0 ) , handle ,
" " ) ;
return result ;
}
2004-08-31 19:11:41 +04:00
static int smb_full_audit_sys_acl_get_permset ( vfs_handle_struct * handle ,
2006-07-11 22:01:26 +04:00
2004-04-29 16:11:59 +04:00
SMB_ACL_ENTRY_T entry_d ,
SMB_ACL_PERMSET_T * permset_p )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_SYS_ACL_GET_PERMSET ( handle , entry_d ,
2004-04-29 16:11:59 +04:00
permset_p ) ;
do_log ( SMB_VFS_OP_SYS_ACL_GET_PERMSET , ( result > = 0 ) , handle ,
" " ) ;
return result ;
}
2004-08-31 19:11:41 +04:00
static void * smb_full_audit_sys_acl_get_qualifier ( vfs_handle_struct * handle ,
2006-07-11 22:01:26 +04:00
2004-04-29 16:11:59 +04:00
SMB_ACL_ENTRY_T entry_d )
{
void * result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_SYS_ACL_GET_QUALIFIER ( handle , entry_d ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_SYS_ACL_GET_QUALIFIER , ( result ! = NULL ) , handle ,
" " ) ;
return result ;
}
2004-08-31 19:11:41 +04:00
static SMB_ACL_T smb_full_audit_sys_acl_get_file ( vfs_handle_struct * handle ,
2004-04-29 16:11:59 +04:00
const char * path_p ,
SMB_ACL_TYPE_T type )
{
SMB_ACL_T result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_SYS_ACL_GET_FILE ( handle , path_p , type ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_SYS_ACL_GET_FILE , ( result ! = NULL ) , handle ,
" %s " , path_p ) ;
return result ;
}
2004-08-31 19:11:41 +04:00
static SMB_ACL_T smb_full_audit_sys_acl_get_fd ( vfs_handle_struct * handle ,
2008-01-08 01:53:34 +03:00
files_struct * fsp )
2004-04-29 16:11:59 +04:00
{
SMB_ACL_T result ;
2008-01-08 01:53:34 +03:00
result = SMB_VFS_NEXT_SYS_ACL_GET_FD ( handle , fsp ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_SYS_ACL_GET_FD , ( result ! = NULL ) , handle ,
2009-07-11 05:11:32 +04:00
" %s " , fsp_str_do_log ( fsp ) ) ;
2004-04-29 16:11:59 +04:00
return result ;
}
2004-08-31 19:11:41 +04:00
static int smb_full_audit_sys_acl_clear_perms ( vfs_handle_struct * handle ,
2006-07-11 22:01:26 +04:00
2004-04-29 16:11:59 +04:00
SMB_ACL_PERMSET_T permset )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_SYS_ACL_CLEAR_PERMS ( handle , permset ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_SYS_ACL_CLEAR_PERMS , ( result > = 0 ) , handle ,
" " ) ;
return result ;
}
2004-08-31 19:11:41 +04:00
static int smb_full_audit_sys_acl_add_perm ( vfs_handle_struct * handle ,
2006-07-11 22:01:26 +04:00
2004-04-29 16:11:59 +04:00
SMB_ACL_PERMSET_T permset ,
SMB_ACL_PERM_T perm )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_SYS_ACL_ADD_PERM ( handle , permset , perm ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_SYS_ACL_ADD_PERM , ( result > = 0 ) , handle ,
" " ) ;
return result ;
}
2004-08-31 19:11:41 +04:00
static char * smb_full_audit_sys_acl_to_text ( vfs_handle_struct * handle ,
2006-07-11 22:01:26 +04:00
SMB_ACL_T theacl ,
2004-04-29 16:11:59 +04:00
ssize_t * plen )
{
char * result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_SYS_ACL_TO_TEXT ( handle , theacl , plen ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_SYS_ACL_TO_TEXT , ( result ! = NULL ) , handle ,
" " ) ;
return result ;
}
2004-08-31 19:11:41 +04:00
static SMB_ACL_T smb_full_audit_sys_acl_init ( vfs_handle_struct * handle ,
2006-07-11 22:01:26 +04:00
2004-04-29 16:11:59 +04:00
int count )
{
SMB_ACL_T result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_SYS_ACL_INIT ( handle , count ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_SYS_ACL_INIT , ( result ! = NULL ) , handle ,
" " ) ;
return result ;
}
2004-08-31 19:11:41 +04:00
static int smb_full_audit_sys_acl_create_entry ( vfs_handle_struct * handle ,
2006-07-11 22:01:26 +04:00
SMB_ACL_T * pacl ,
2004-04-29 16:11:59 +04:00
SMB_ACL_ENTRY_T * pentry )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_SYS_ACL_CREATE_ENTRY ( handle , pacl , pentry ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_SYS_ACL_CREATE_ENTRY , ( result > = 0 ) , handle ,
" " ) ;
return result ;
}
2004-08-31 19:11:41 +04:00
static int smb_full_audit_sys_acl_set_tag_type ( vfs_handle_struct * handle ,
2006-07-11 22:01:26 +04:00
2004-04-29 16:11:59 +04:00
SMB_ACL_ENTRY_T entry ,
SMB_ACL_TAG_T tagtype )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_SYS_ACL_SET_TAG_TYPE ( handle , entry ,
2004-04-29 16:11:59 +04:00
tagtype ) ;
do_log ( SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE , ( result > = 0 ) , handle ,
" " ) ;
return result ;
}
2004-08-31 19:11:41 +04:00
static int smb_full_audit_sys_acl_set_qualifier ( vfs_handle_struct * handle ,
2006-07-11 22:01:26 +04:00
2004-04-29 16:11:59 +04:00
SMB_ACL_ENTRY_T entry ,
void * qual )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_SYS_ACL_SET_QUALIFIER ( handle , entry , qual ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_SYS_ACL_SET_QUALIFIER , ( result > = 0 ) , handle ,
" " ) ;
return result ;
}
2004-08-31 19:11:41 +04:00
static int smb_full_audit_sys_acl_set_permset ( vfs_handle_struct * handle ,
2006-07-11 22:01:26 +04:00
2004-04-29 16:11:59 +04:00
SMB_ACL_ENTRY_T entry ,
SMB_ACL_PERMSET_T permset )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_SYS_ACL_SET_PERMSET ( handle , entry , permset ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_SYS_ACL_SET_PERMSET , ( result > = 0 ) , handle ,
" " ) ;
return result ;
}
2004-08-31 19:11:41 +04:00
static int smb_full_audit_sys_acl_valid ( vfs_handle_struct * handle ,
2006-07-11 22:01:26 +04:00
2004-04-29 16:11:59 +04:00
SMB_ACL_T theacl )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_SYS_ACL_VALID ( handle , theacl ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_SYS_ACL_VALID , ( result > = 0 ) , handle ,
" " ) ;
return result ;
}
2004-08-31 19:11:41 +04:00
static int smb_full_audit_sys_acl_set_file ( vfs_handle_struct * handle ,
2006-07-11 22:01:26 +04:00
2004-04-29 16:11:59 +04:00
const char * name , SMB_ACL_TYPE_T acltype ,
SMB_ACL_T theacl )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_SYS_ACL_SET_FILE ( handle , name , acltype ,
2004-04-29 16:11:59 +04:00
theacl ) ;
do_log ( SMB_VFS_OP_SYS_ACL_SET_FILE , ( result > = 0 ) , handle ,
" %s " , name ) ;
return result ;
}
2004-08-31 19:11:41 +04:00
static int smb_full_audit_sys_acl_set_fd ( vfs_handle_struct * handle , files_struct * fsp ,
2008-01-08 03:54:19 +03:00
SMB_ACL_T theacl )
2004-04-29 16:11:59 +04:00
{
int result ;
2008-01-08 03:54:19 +03:00
result = SMB_VFS_NEXT_SYS_ACL_SET_FD ( handle , fsp , theacl ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_SYS_ACL_SET_FD , ( result > = 0 ) , handle ,
2009-07-11 05:11:32 +04:00
" %s " , fsp_str_do_log ( fsp ) ) ;
2004-04-29 16:11:59 +04:00
return result ;
}
2004-08-31 19:11:41 +04:00
static int smb_full_audit_sys_acl_delete_def_file ( vfs_handle_struct * handle ,
2006-07-11 22:01:26 +04:00
2004-04-29 16:11:59 +04:00
const char * path )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_SYS_ACL_DELETE_DEF_FILE ( handle , path ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE , ( result > = 0 ) , handle ,
" %s " , path ) ;
return result ;
}
2004-08-31 19:11:41 +04:00
static int smb_full_audit_sys_acl_get_perm ( vfs_handle_struct * handle ,
2006-07-11 22:01:26 +04:00
2004-04-29 16:11:59 +04:00
SMB_ACL_PERMSET_T permset ,
SMB_ACL_PERM_T perm )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_SYS_ACL_GET_PERM ( handle , permset , perm ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_SYS_ACL_GET_PERM , ( result > = 0 ) , handle ,
" " ) ;
return result ;
}
2004-08-31 19:11:41 +04:00
static int smb_full_audit_sys_acl_free_text ( vfs_handle_struct * handle ,
2006-07-11 22:01:26 +04:00
2004-04-29 16:11:59 +04:00
char * text )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_SYS_ACL_FREE_TEXT ( handle , text ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_SYS_ACL_FREE_TEXT , ( result > = 0 ) , handle ,
" " ) ;
return result ;
}
2004-08-31 19:11:41 +04:00
static int smb_full_audit_sys_acl_free_acl ( vfs_handle_struct * handle ,
2006-07-11 22:01:26 +04:00
2004-04-29 16:11:59 +04:00
SMB_ACL_T posix_acl )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_SYS_ACL_FREE_ACL ( handle , posix_acl ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_SYS_ACL_FREE_ACL , ( result > = 0 ) , handle ,
" " ) ;
return result ;
}
2004-08-31 19:11:41 +04:00
static int smb_full_audit_sys_acl_free_qualifier ( vfs_handle_struct * handle ,
2004-04-29 16:11:59 +04:00
void * qualifier ,
SMB_ACL_TAG_T tagtype )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_SYS_ACL_FREE_QUALIFIER ( handle , qualifier ,
2004-04-29 16:11:59 +04:00
tagtype ) ;
do_log ( SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER , ( result > = 0 ) , handle ,
" " ) ;
return result ;
}
2004-08-31 19:11:41 +04:00
static ssize_t smb_full_audit_getxattr ( struct vfs_handle_struct * handle ,
2006-07-11 22:01:26 +04:00
const char * path ,
2004-04-29 16:11:59 +04:00
const char * name , void * value , size_t size )
{
ssize_t result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_GETXATTR ( handle , path , name , value , size ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_GETXATTR , ( result > = 0 ) , handle ,
" %s|%s " , path , name ) ;
return result ;
}
2004-08-31 19:11:41 +04:00
static ssize_t smb_full_audit_lgetxattr ( struct vfs_handle_struct * handle ,
2004-04-29 16:11:59 +04:00
const char * path , const char * name ,
void * value , size_t size )
{
ssize_t result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_LGETXATTR ( handle , path , name , value , size ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_LGETXATTR , ( result > = 0 ) , handle ,
" %s|%s " , path , name ) ;
return result ;
}
2004-08-31 19:11:41 +04:00
static ssize_t smb_full_audit_fgetxattr ( struct vfs_handle_struct * handle ,
2008-01-08 12:00:47 +03:00
struct files_struct * fsp ,
2004-04-29 16:11:59 +04:00
const char * name , void * value , size_t size )
{
ssize_t result ;
2008-01-08 12:00:47 +03:00
result = SMB_VFS_NEXT_FGETXATTR ( handle , fsp , name , value , size ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_FGETXATTR , ( result > = 0 ) , handle ,
2009-07-11 05:11:32 +04:00
" %s|%s " , fsp_str_do_log ( fsp ) , name ) ;
2004-04-29 16:11:59 +04:00
return result ;
}
2004-08-31 19:11:41 +04:00
static ssize_t smb_full_audit_listxattr ( struct vfs_handle_struct * handle ,
2004-04-29 16:11:59 +04:00
const char * path , char * list , size_t size )
{
ssize_t result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_LISTXATTR ( handle , path , list , size ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_LISTXATTR , ( result > = 0 ) , handle , " %s " , path ) ;
return result ;
}
2004-08-31 19:11:41 +04:00
static ssize_t smb_full_audit_llistxattr ( struct vfs_handle_struct * handle ,
2004-04-29 16:11:59 +04:00
const char * path , char * list , size_t size )
{
ssize_t result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_LLISTXATTR ( handle , path , list , size ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_LLISTXATTR , ( result > = 0 ) , handle , " %s " , path ) ;
return result ;
}
2004-08-31 19:11:41 +04:00
static ssize_t smb_full_audit_flistxattr ( struct vfs_handle_struct * handle ,
2008-01-08 12:51:40 +03:00
struct files_struct * fsp , char * list ,
2004-04-29 16:11:59 +04:00
size_t size )
{
ssize_t result ;
2008-01-08 12:51:40 +03:00
result = SMB_VFS_NEXT_FLISTXATTR ( handle , fsp , list , size ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_FLISTXATTR , ( result > = 0 ) , handle ,
2009-07-11 05:11:32 +04:00
" %s " , fsp_str_do_log ( fsp ) ) ;
2004-04-29 16:11:59 +04:00
return result ;
}
2004-08-31 19:11:41 +04:00
static int smb_full_audit_removexattr ( struct vfs_handle_struct * handle ,
2006-07-11 22:01:26 +04:00
const char * path ,
2004-04-29 16:11:59 +04:00
const char * name )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_REMOVEXATTR ( handle , path , name ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_REMOVEXATTR , ( result > = 0 ) , handle ,
" %s|%s " , path , name ) ;
return result ;
}
2004-08-31 19:11:41 +04:00
static int smb_full_audit_lremovexattr ( struct vfs_handle_struct * handle ,
2006-07-11 22:01:26 +04:00
const char * path ,
2004-04-29 16:11:59 +04:00
const char * name )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_LREMOVEXATTR ( handle , path , name ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_LREMOVEXATTR , ( result > = 0 ) , handle ,
" %s|%s " , path , name ) ;
return result ;
}
2004-08-31 19:11:41 +04:00
static int smb_full_audit_fremovexattr ( struct vfs_handle_struct * handle ,
2008-01-08 13:29:09 +03:00
struct files_struct * fsp ,
2004-04-29 16:11:59 +04:00
const char * name )
{
int result ;
2008-01-08 13:29:09 +03:00
result = SMB_VFS_NEXT_FREMOVEXATTR ( handle , fsp , name ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_FREMOVEXATTR , ( result > = 0 ) , handle ,
2009-07-11 05:11:32 +04:00
" %s|%s " , fsp_str_do_log ( fsp ) , name ) ;
2004-04-29 16:11:59 +04:00
return result ;
}
2004-08-31 19:11:41 +04:00
static int smb_full_audit_setxattr ( struct vfs_handle_struct * handle ,
2006-07-11 22:01:26 +04:00
const char * path ,
2004-04-29 16:11:59 +04:00
const char * name , const void * value , size_t size ,
int flags )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_SETXATTR ( handle , path , name , value , size ,
2004-04-29 16:11:59 +04:00
flags ) ;
do_log ( SMB_VFS_OP_SETXATTR , ( result > = 0 ) , handle ,
" %s|%s " , path , name ) ;
return result ;
}
2004-08-31 19:11:41 +04:00
static int smb_full_audit_lsetxattr ( struct vfs_handle_struct * handle ,
2006-07-11 22:01:26 +04:00
const char * path ,
2004-04-29 16:11:59 +04:00
const char * name , const void * value , size_t size ,
int flags )
{
int result ;
2006-07-11 22:01:26 +04:00
result = SMB_VFS_NEXT_LSETXATTR ( handle , path , name , value , size ,
2004-04-29 16:11:59 +04:00
flags ) ;
do_log ( SMB_VFS_OP_LSETXATTR , ( result > = 0 ) , handle ,
" %s|%s " , path , name ) ;
return result ;
}
2004-08-31 19:11:41 +04:00
static int smb_full_audit_fsetxattr ( struct vfs_handle_struct * handle ,
2008-01-08 13:47:33 +03:00
struct files_struct * fsp , const char * name ,
2004-04-29 16:11:59 +04:00
const void * value , size_t size , int flags )
{
int result ;
2008-01-08 13:47:33 +03:00
result = SMB_VFS_NEXT_FSETXATTR ( handle , fsp , name , value , size , flags ) ;
2004-04-29 16:11:59 +04:00
do_log ( SMB_VFS_OP_FSETXATTR , ( result > = 0 ) , handle ,
2009-07-11 05:11:32 +04:00
" %s|%s " , fsp_str_do_log ( fsp ) , name ) ;
2004-04-29 16:11:59 +04:00
return result ;
}
2005-06-28 02:53:56 +04:00
static int smb_full_audit_aio_read ( struct vfs_handle_struct * handle , struct files_struct * fsp , SMB_STRUCT_AIOCB * aiocb )
{
int result ;
result = SMB_VFS_NEXT_AIO_READ ( handle , fsp , aiocb ) ;
do_log ( SMB_VFS_OP_AIO_READ , ( result > = 0 ) , handle ,
2009-07-11 05:11:32 +04:00
" %s " , fsp_str_do_log ( fsp ) ) ;
2005-06-28 02:53:56 +04:00
return result ;
}
static int smb_full_audit_aio_write ( struct vfs_handle_struct * handle , struct files_struct * fsp , SMB_STRUCT_AIOCB * aiocb )
{
int result ;
result = SMB_VFS_NEXT_AIO_WRITE ( handle , fsp , aiocb ) ;
do_log ( SMB_VFS_OP_AIO_WRITE , ( result > = 0 ) , handle ,
2009-07-11 05:11:32 +04:00
" %s " , fsp_str_do_log ( fsp ) ) ;
2005-06-28 02:53:56 +04:00
return result ;
}
static ssize_t smb_full_audit_aio_return ( struct vfs_handle_struct * handle , struct files_struct * fsp , SMB_STRUCT_AIOCB * aiocb )
{
int result ;
result = SMB_VFS_NEXT_AIO_RETURN ( handle , fsp , aiocb ) ;
do_log ( SMB_VFS_OP_AIO_RETURN , ( result > = 0 ) , handle ,
2009-07-11 05:11:32 +04:00
" %s " , fsp_str_do_log ( fsp ) ) ;
2005-06-28 02:53:56 +04:00
return result ;
}
2008-01-08 14:20:51 +03:00
static int smb_full_audit_aio_cancel ( struct vfs_handle_struct * handle , struct files_struct * fsp , SMB_STRUCT_AIOCB * aiocb )
2005-06-28 02:53:56 +04:00
{
int result ;
2008-01-08 14:20:51 +03:00
result = SMB_VFS_NEXT_AIO_CANCEL ( handle , fsp , aiocb ) ;
2005-06-28 02:53:56 +04:00
do_log ( SMB_VFS_OP_AIO_CANCEL , ( result > = 0 ) , handle ,
2009-07-11 05:11:32 +04:00
" %s " , fsp_str_do_log ( fsp ) ) ;
2005-06-28 02:53:56 +04:00
return result ;
}
static int smb_full_audit_aio_error ( struct vfs_handle_struct * handle , struct files_struct * fsp , SMB_STRUCT_AIOCB * aiocb )
{
int result ;
result = SMB_VFS_NEXT_AIO_ERROR ( handle , fsp , aiocb ) ;
do_log ( SMB_VFS_OP_AIO_ERROR , ( result > = 0 ) , handle ,
2009-07-11 05:11:32 +04:00
" %s " , fsp_str_do_log ( fsp ) ) ;
2005-06-28 02:53:56 +04:00
return result ;
}
static int smb_full_audit_aio_fsync ( struct vfs_handle_struct * handle , struct files_struct * fsp , int op , SMB_STRUCT_AIOCB * aiocb )
{
int result ;
result = SMB_VFS_NEXT_AIO_FSYNC ( handle , fsp , op , aiocb ) ;
do_log ( SMB_VFS_OP_AIO_FSYNC , ( result > = 0 ) , handle ,
2009-07-11 05:11:32 +04:00
" %s " , fsp_str_do_log ( fsp ) ) ;
2005-06-28 02:53:56 +04:00
return result ;
}
static int smb_full_audit_aio_suspend ( struct vfs_handle_struct * handle , struct files_struct * fsp , const SMB_STRUCT_AIOCB * const aiocb [ ] , int n , const struct timespec * ts )
{
int result ;
result = SMB_VFS_NEXT_AIO_SUSPEND ( handle , fsp , aiocb , n , ts ) ;
do_log ( SMB_VFS_OP_AIO_SUSPEND , ( result > = 0 ) , handle ,
2009-07-11 05:11:32 +04:00
" %s " , fsp_str_do_log ( fsp ) ) ;
2005-06-28 02:53:56 +04:00
return result ;
}
2009-02-10 23:14:39 +03:00
static bool smb_full_audit_aio_force ( struct vfs_handle_struct * handle ,
struct files_struct * fsp )
{
bool result ;
result = SMB_VFS_NEXT_AIO_FORCE ( handle , fsp ) ;
do_log ( SMB_VFS_OP_AIO_FORCE , result , handle ,
2009-07-11 05:11:32 +04:00
" %s " , fsp_str_do_log ( fsp ) ) ;
2009-02-10 23:14:39 +03:00
return result ;
}
2005-06-28 02:53:56 +04:00
2011-02-25 16:37:34 +03:00
static bool smb_full_audit_is_offline ( struct vfs_handle_struct * handle ,
const struct smb_filename * fname ,
SMB_STRUCT_STAT * sbuf )
{
bool result ;
result = SMB_VFS_NEXT_IS_OFFLINE ( handle , fname , sbuf ) ;
do_log ( SMB_VFS_OP_IS_OFFLINE , result , handle , " %s " ,
smb_fname_str_do_log ( fname ) ) ;
return result ;
}
2011-02-25 16:43:52 +03:00
static int smb_full_audit_set_offline ( struct vfs_handle_struct * handle ,
const struct smb_filename * fname )
{
int result ;
result = SMB_VFS_NEXT_SET_OFFLINE ( handle , fname ) ;
do_log ( SMB_VFS_OP_SET_OFFLINE , result > = 0 , handle , " %s " ,
smb_fname_str_do_log ( fname ) ) ;
return result ;
}
2009-07-24 04:28:58 +04:00
static struct vfs_fn_pointers vfs_full_audit_fns = {
2009-07-01 09:44:39 +04:00
/* Disk operations */
2009-07-24 04:28:58 +04:00
. connect_fn = smb_full_audit_connect ,
. disconnect = smb_full_audit_disconnect ,
. disk_free = smb_full_audit_disk_free ,
. get_quota = smb_full_audit_get_quota ,
. set_quota = smb_full_audit_set_quota ,
. get_shadow_copy_data = smb_full_audit_get_shadow_copy_data ,
. statvfs = smb_full_audit_statvfs ,
. fs_capabilities = smb_full_audit_fs_capabilities ,
. opendir = smb_full_audit_opendir ,
2011-02-09 02:07:48 +03:00
. fdopendir = smb_full_audit_fdopendir ,
2009-07-24 04:28:58 +04:00
. readdir = smb_full_audit_readdir ,
. seekdir = smb_full_audit_seekdir ,
. telldir = smb_full_audit_telldir ,
. rewind_dir = smb_full_audit_rewinddir ,
. mkdir = smb_full_audit_mkdir ,
. rmdir = smb_full_audit_rmdir ,
. closedir = smb_full_audit_closedir ,
. init_search_op = smb_full_audit_init_search_op ,
2011-04-21 00:55:25 +04:00
. open_fn = smb_full_audit_open ,
2009-07-24 04:28:58 +04:00
. create_file = smb_full_audit_create_file ,
. close_fn = smb_full_audit_close ,
. vfs_read = smb_full_audit_read ,
. pread = smb_full_audit_pread ,
. write = smb_full_audit_write ,
. pwrite = smb_full_audit_pwrite ,
. lseek = smb_full_audit_lseek ,
. sendfile = smb_full_audit_sendfile ,
. recvfile = smb_full_audit_recvfile ,
. rename = smb_full_audit_rename ,
. fsync = smb_full_audit_fsync ,
. stat = smb_full_audit_stat ,
. fstat = smb_full_audit_fstat ,
. lstat = smb_full_audit_lstat ,
. get_alloc_size = smb_full_audit_get_alloc_size ,
. unlink = smb_full_audit_unlink ,
. chmod = smb_full_audit_chmod ,
. fchmod = smb_full_audit_fchmod ,
. chown = smb_full_audit_chown ,
. fchown = smb_full_audit_fchown ,
. lchown = smb_full_audit_lchown ,
. chdir = smb_full_audit_chdir ,
. getwd = smb_full_audit_getwd ,
. ntimes = smb_full_audit_ntimes ,
. ftruncate = smb_full_audit_ftruncate ,
2010-12-18 10:08:01 +03:00
. fallocate = smb_full_audit_fallocate ,
2009-07-24 04:28:58 +04:00
. lock = smb_full_audit_lock ,
. kernel_flock = smb_full_audit_kernel_flock ,
. linux_setlease = smb_full_audit_linux_setlease ,
. getlock = smb_full_audit_getlock ,
. symlink = smb_full_audit_symlink ,
. vfs_readlink = smb_full_audit_readlink ,
. link = smb_full_audit_link ,
. mknod = smb_full_audit_mknod ,
. realpath = smb_full_audit_realpath ,
. notify_watch = smb_full_audit_notify_watch ,
. chflags = smb_full_audit_chflags ,
. file_id_create = smb_full_audit_file_id_create ,
. streaminfo = smb_full_audit_streaminfo ,
. get_real_filename = smb_full_audit_get_real_filename ,
. connectpath = smb_full_audit_connectpath ,
. brl_lock_windows = smb_full_audit_brl_lock_windows ,
. brl_unlock_windows = smb_full_audit_brl_unlock_windows ,
. brl_cancel_windows = smb_full_audit_brl_cancel_windows ,
. strict_lock = smb_full_audit_strict_lock ,
. strict_unlock = smb_full_audit_strict_unlock ,
2009-08-27 01:56:09 +04:00
. translate_name = smb_full_audit_translate_name ,
2009-07-24 04:28:58 +04:00
. fget_nt_acl = smb_full_audit_fget_nt_acl ,
. get_nt_acl = smb_full_audit_get_nt_acl ,
. fset_nt_acl = smb_full_audit_fset_nt_acl ,
. chmod_acl = smb_full_audit_chmod_acl ,
. fchmod_acl = smb_full_audit_fchmod_acl ,
. sys_acl_get_entry = smb_full_audit_sys_acl_get_entry ,
. sys_acl_get_tag_type = smb_full_audit_sys_acl_get_tag_type ,
. sys_acl_get_permset = smb_full_audit_sys_acl_get_permset ,
. sys_acl_get_qualifier = smb_full_audit_sys_acl_get_qualifier ,
. sys_acl_get_file = smb_full_audit_sys_acl_get_file ,
. sys_acl_get_fd = smb_full_audit_sys_acl_get_fd ,
. sys_acl_clear_perms = smb_full_audit_sys_acl_clear_perms ,
. sys_acl_add_perm = smb_full_audit_sys_acl_add_perm ,
. sys_acl_to_text = smb_full_audit_sys_acl_to_text ,
. sys_acl_init = smb_full_audit_sys_acl_init ,
. sys_acl_create_entry = smb_full_audit_sys_acl_create_entry ,
. sys_acl_set_tag_type = smb_full_audit_sys_acl_set_tag_type ,
. sys_acl_set_qualifier = smb_full_audit_sys_acl_set_qualifier ,
. sys_acl_set_permset = smb_full_audit_sys_acl_set_permset ,
. sys_acl_valid = smb_full_audit_sys_acl_valid ,
. sys_acl_set_file = smb_full_audit_sys_acl_set_file ,
. sys_acl_set_fd = smb_full_audit_sys_acl_set_fd ,
. sys_acl_delete_def_file = smb_full_audit_sys_acl_delete_def_file ,
. sys_acl_get_perm = smb_full_audit_sys_acl_get_perm ,
. sys_acl_free_text = smb_full_audit_sys_acl_free_text ,
. sys_acl_free_acl = smb_full_audit_sys_acl_free_acl ,
. sys_acl_free_qualifier = smb_full_audit_sys_acl_free_qualifier ,
. getxattr = smb_full_audit_getxattr ,
. lgetxattr = smb_full_audit_lgetxattr ,
. fgetxattr = smb_full_audit_fgetxattr ,
. listxattr = smb_full_audit_listxattr ,
. llistxattr = smb_full_audit_llistxattr ,
. flistxattr = smb_full_audit_flistxattr ,
. removexattr = smb_full_audit_removexattr ,
. lremovexattr = smb_full_audit_lremovexattr ,
. fremovexattr = smb_full_audit_fremovexattr ,
. setxattr = smb_full_audit_setxattr ,
. lsetxattr = smb_full_audit_lsetxattr ,
. fsetxattr = smb_full_audit_fsetxattr ,
. aio_read = smb_full_audit_aio_read ,
. aio_write = smb_full_audit_aio_write ,
. aio_return_fn = smb_full_audit_aio_return ,
. aio_cancel = smb_full_audit_aio_cancel ,
. aio_error_fn = smb_full_audit_aio_error ,
. aio_fsync = smb_full_audit_aio_fsync ,
. aio_suspend = smb_full_audit_aio_suspend ,
. aio_force = smb_full_audit_aio_force ,
2011-02-25 16:37:34 +03:00
. is_offline = smb_full_audit_is_offline ,
2011-02-25 16:43:52 +03:00
. set_offline = smb_full_audit_set_offline ,
2009-07-01 09:44:39 +04:00
} ;
2004-04-29 16:11:59 +04:00
NTSTATUS vfs_full_audit_init ( void )
{
NTSTATUS ret = smb_register_vfs ( SMB_VFS_INTERFACE_VERSION ,
2009-07-24 04:28:58 +04:00
" full_audit " , & vfs_full_audit_fns ) ;
2004-04-29 16:11:59 +04:00
if ( ! NT_STATUS_IS_OK ( ret ) )
return ret ;
vfs_full_audit_debug_level = debug_add_class ( " full_audit " ) ;
if ( vfs_full_audit_debug_level = = - 1 ) {
vfs_full_audit_debug_level = DBGC_VFS ;
DEBUG ( 0 , ( " vfs_full_audit: Couldn't register custom debugging "
" class! \n " ) ) ;
} else {
DEBUG ( 10 , ( " vfs_full_audit: Debug class number of "
" 'full_audit': %d \n " , vfs_full_audit_debug_level ) ) ;
}
return ret ;
}