2004-04-29 12:11:59 +00:00
/*
* Auditing VFS module for samba . Log selected file operations to syslog
* facility .
*
* Copyright ( C ) Tim Potter , 1999 - 2000
* Copyright ( C ) Alexander Bokovoy , 2002
* Copyright ( C ) John H Terpstra , 2003
* Copyright ( C ) Stefan ( metze ) Metzmacher , 2003
* Copyright ( C ) Volker Lendecke , 2004
*
* This program is free software ; you can redistribute it and / or modify
* it under the terms of the GNU General Public License as published by
2007-07-09 19:25:36 +00:00
* the Free Software Foundation ; either version 3 of the License , or
2004-04-29 12:11:59 +00:00
* ( at your option ) any later version .
*
* This program is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
* GNU General Public License for more details .
*
* You should have received a copy of the GNU General Public License
2007-07-10 05:23:25 +00:00
* along with this program ; if not , see < http : //www.gnu.org/licenses/>.
2004-04-29 12:11:59 +00:00
*/
2004-04-29 13:07:34 +00:00
/*
* This module implements parseable logging for all Samba VFS operations .
*
* You use it as follows :
*
* [ tmp ]
* path = / tmp
* vfs objects = full_audit
* full_audit : prefix = % u | % I
* full_audit : success = open opendir
* full_audit : failure = all
*
2006-01-19 00:34:48 +00:00
* vfs op can be " all " which means log all operations .
* vfs op can be " none " which means no logging .
*
2004-04-29 13:07:34 +00:00
* This leads to syslog entries of the form :
* smbd_audit : nobody | 192.168 .234 .1 | opendir | ok | .
* smbd_audit : nobody | 192.168 .234 .1 | open | fail ( File not found ) | r | x . txt
*
* where " nobody " is the connected username and " 192.168.234.1 " is the
* client ' s IP address .
*
* Options :
*
* prefix : A macro expansion template prepended to the syslog entry .
*
* success : A list of VFS operations for which a successful completion should
* be logged . Defaults to no logging at all . The special operation " all " logs
* - you guessed it - everything .
*
* failure : A list of VFS operations for which failure to complete should be
* logged . Defaults to logging everything .
*/
2004-04-29 12:11:59 +00:00
# include "includes.h"
2011-02-25 23:20:06 +01:00
# include "system/filesys.h"
2011-02-25 16:19:10 +01:00
# include "system/syslog.h"
2011-03-22 22:34:22 +01:00
# include "smbd/smbd.h"
2010-08-05 15:14:04 +02:00
# include "../librpc/gen_ndr/ndr_netlogon.h"
2011-03-24 14:15:54 +01:00
# include "auth.h"
2011-03-25 13:42:42 +01:00
# include "ntioctl.h"
2011-06-29 15:33:54 +10:00
# include "lib/param/loadparm.h"
2011-07-07 21:04:31 +10:00
# include "lib/util/bitmap.h"
2012-07-09 17:17:25 +02:00
# include "lib/util/tevent_unix.h"
2004-04-29 12:11:59 +00:00
static int vfs_full_audit_debug_level = DBGC_VFS ;
2006-01-19 00:34:48 +00:00
struct vfs_full_audit_private_data {
struct bitmap * success_ops ;
struct bitmap * failure_ops ;
} ;
2004-04-29 12:11:59 +00:00
# undef DBGC_CLASS
# define DBGC_CLASS vfs_full_audit_debug_level
2009-07-24 10:43:02 -04:00
typedef enum _vfs_op_type {
SMB_VFS_OP_NOOP = - 1 ,
/* Disk operations */
SMB_VFS_OP_CONNECT = 0 ,
SMB_VFS_OP_DISCONNECT ,
SMB_VFS_OP_DISK_FREE ,
SMB_VFS_OP_GET_QUOTA ,
SMB_VFS_OP_SET_QUOTA ,
SMB_VFS_OP_GET_SHADOW_COPY_DATA ,
SMB_VFS_OP_STATVFS ,
SMB_VFS_OP_FS_CAPABILITIES ,
/* Directory operations */
SMB_VFS_OP_OPENDIR ,
2011-02-08 15:07:48 -08:00
SMB_VFS_OP_FDOPENDIR ,
2009-07-24 10:43:02 -04:00
SMB_VFS_OP_READDIR ,
SMB_VFS_OP_SEEKDIR ,
SMB_VFS_OP_TELLDIR ,
SMB_VFS_OP_REWINDDIR ,
SMB_VFS_OP_MKDIR ,
SMB_VFS_OP_RMDIR ,
SMB_VFS_OP_CLOSEDIR ,
SMB_VFS_OP_INIT_SEARCH_OP ,
/* File operations */
SMB_VFS_OP_OPEN ,
SMB_VFS_OP_CREATE_FILE ,
SMB_VFS_OP_CLOSE ,
SMB_VFS_OP_READ ,
SMB_VFS_OP_PREAD ,
2012-07-09 17:17:25 +02:00
SMB_VFS_OP_PREAD_SEND ,
SMB_VFS_OP_PREAD_RECV ,
2009-07-24 10:43:02 -04:00
SMB_VFS_OP_WRITE ,
SMB_VFS_OP_PWRITE ,
2012-07-09 17:17:25 +02:00
SMB_VFS_OP_PWRITE_SEND ,
SMB_VFS_OP_PWRITE_RECV ,
2009-07-24 10:43:02 -04:00
SMB_VFS_OP_LSEEK ,
SMB_VFS_OP_SENDFILE ,
SMB_VFS_OP_RECVFILE ,
SMB_VFS_OP_RENAME ,
SMB_VFS_OP_FSYNC ,
2012-07-13 10:22:25 +02:00
SMB_VFS_OP_FSYNC_SEND ,
SMB_VFS_OP_FSYNC_RECV ,
2009-07-24 10:43:02 -04:00
SMB_VFS_OP_STAT ,
SMB_VFS_OP_FSTAT ,
SMB_VFS_OP_LSTAT ,
SMB_VFS_OP_GET_ALLOC_SIZE ,
SMB_VFS_OP_UNLINK ,
SMB_VFS_OP_CHMOD ,
SMB_VFS_OP_FCHMOD ,
SMB_VFS_OP_CHOWN ,
SMB_VFS_OP_FCHOWN ,
SMB_VFS_OP_LCHOWN ,
SMB_VFS_OP_CHDIR ,
SMB_VFS_OP_GETWD ,
SMB_VFS_OP_NTIMES ,
SMB_VFS_OP_FTRUNCATE ,
2010-12-17 23:08:01 -08:00
SMB_VFS_OP_FALLOCATE ,
2009-07-24 10:43:02 -04:00
SMB_VFS_OP_LOCK ,
SMB_VFS_OP_KERNEL_FLOCK ,
SMB_VFS_OP_LINUX_SETLEASE ,
SMB_VFS_OP_GETLOCK ,
SMB_VFS_OP_SYMLINK ,
SMB_VFS_OP_READLINK ,
SMB_VFS_OP_LINK ,
SMB_VFS_OP_MKNOD ,
SMB_VFS_OP_REALPATH ,
SMB_VFS_OP_NOTIFY_WATCH ,
SMB_VFS_OP_CHFLAGS ,
SMB_VFS_OP_FILE_ID_CREATE ,
SMB_VFS_OP_STREAMINFO ,
SMB_VFS_OP_GET_REAL_FILENAME ,
SMB_VFS_OP_CONNECTPATH ,
SMB_VFS_OP_BRL_LOCK_WINDOWS ,
SMB_VFS_OP_BRL_UNLOCK_WINDOWS ,
SMB_VFS_OP_BRL_CANCEL_WINDOWS ,
SMB_VFS_OP_STRICT_LOCK ,
SMB_VFS_OP_STRICT_UNLOCK ,
2009-08-26 14:56:09 -07:00
SMB_VFS_OP_TRANSLATE_NAME ,
2013-01-15 17:22:59 +01:00
SMB_VFS_OP_COPY_CHUNK_SEND ,
SMB_VFS_OP_COPY_CHUNK_RECV ,
2013-11-18 14:54:30 +01:00
SMB_VFS_OP_GET_COMPRESSION ,
SMB_VFS_OP_SET_COMPRESSION ,
2009-07-24 10:43:02 -04:00
/* NT ACL operations. */
SMB_VFS_OP_FGET_NT_ACL ,
SMB_VFS_OP_GET_NT_ACL ,
SMB_VFS_OP_FSET_NT_ACL ,
/* POSIX ACL operations. */
SMB_VFS_OP_CHMOD_ACL ,
SMB_VFS_OP_FCHMOD_ACL ,
SMB_VFS_OP_SYS_ACL_GET_FILE ,
SMB_VFS_OP_SYS_ACL_GET_FD ,
2012-09-10 12:44:01 +10:00
SMB_VFS_OP_SYS_ACL_BLOB_GET_FILE ,
SMB_VFS_OP_SYS_ACL_BLOB_GET_FD ,
2009-07-24 10:43:02 -04:00
SMB_VFS_OP_SYS_ACL_SET_FILE ,
SMB_VFS_OP_SYS_ACL_SET_FD ,
SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE ,
/* EA operations. */
SMB_VFS_OP_GETXATTR ,
SMB_VFS_OP_FGETXATTR ,
SMB_VFS_OP_LISTXATTR ,
SMB_VFS_OP_FLISTXATTR ,
SMB_VFS_OP_REMOVEXATTR ,
SMB_VFS_OP_FREMOVEXATTR ,
SMB_VFS_OP_SETXATTR ,
SMB_VFS_OP_FSETXATTR ,
/* aio operations */
SMB_VFS_OP_AIO_FORCE ,
/* offline operations */
SMB_VFS_OP_IS_OFFLINE ,
SMB_VFS_OP_SET_OFFLINE ,
/* This should always be last enum value */
SMB_VFS_OP_LAST
} vfs_op_type ;
2012-09-27 12:34:53 +02:00
/* The following array *must* be in the same order as defined in vfs_op_type */
2004-04-29 12:11:59 +00:00
static struct {
vfs_op_type type ;
const char * name ;
} vfs_op_names [ ] = {
{ SMB_VFS_OP_CONNECT , " connect " } ,
{ SMB_VFS_OP_DISCONNECT , " disconnect " } ,
{ SMB_VFS_OP_DISK_FREE , " disk_free " } ,
{ SMB_VFS_OP_GET_QUOTA , " get_quota " } ,
{ SMB_VFS_OP_SET_QUOTA , " set_quota " } ,
{ SMB_VFS_OP_GET_SHADOW_COPY_DATA , " get_shadow_copy_data " } ,
2005-10-20 17:33:17 +00:00
{ SMB_VFS_OP_STATVFS , " statvfs " } ,
2008-03-21 10:20:53 +01:00
{ SMB_VFS_OP_FS_CAPABILITIES , " fs_capabilities " } ,
2004-04-29 12:11:59 +00:00
{ SMB_VFS_OP_OPENDIR , " opendir " } ,
2011-02-08 15:07:48 -08:00
{ SMB_VFS_OP_FDOPENDIR , " fdopendir " } ,
2004-04-29 12:11:59 +00:00
{ SMB_VFS_OP_READDIR , " readdir " } ,
2005-05-13 12:05:14 +00:00
{ SMB_VFS_OP_SEEKDIR , " seekdir " } ,
{ SMB_VFS_OP_TELLDIR , " telldir " } ,
{ SMB_VFS_OP_REWINDDIR , " rewinddir " } ,
2004-04-29 12:11:59 +00:00
{ SMB_VFS_OP_MKDIR , " mkdir " } ,
{ SMB_VFS_OP_RMDIR , " rmdir " } ,
{ SMB_VFS_OP_CLOSEDIR , " closedir " } ,
2009-02-02 21:37:51 -08:00
{ SMB_VFS_OP_INIT_SEARCH_OP , " init_search_op " } ,
2004-04-29 12:11:59 +00:00
{ SMB_VFS_OP_OPEN , " open " } ,
2009-01-05 13:08:07 +01:00
{ SMB_VFS_OP_CREATE_FILE , " create_file " } ,
2004-04-29 12:11:59 +00:00
{ SMB_VFS_OP_CLOSE , " close " } ,
{ SMB_VFS_OP_READ , " read " } ,
{ SMB_VFS_OP_PREAD , " pread " } ,
2012-07-09 17:17:25 +02:00
{ SMB_VFS_OP_PREAD_SEND , " pread_send " } ,
{ SMB_VFS_OP_PREAD_RECV , " pread_recv " } ,
2004-04-29 12:11:59 +00:00
{ SMB_VFS_OP_WRITE , " write " } ,
{ SMB_VFS_OP_PWRITE , " pwrite " } ,
2012-09-27 11:50:22 +02:00
{ SMB_VFS_OP_PWRITE_SEND , " pwrite_send " } ,
{ SMB_VFS_OP_PWRITE_RECV , " pwrite_recv " } ,
2004-04-29 12:11:59 +00:00
{ SMB_VFS_OP_LSEEK , " lseek " } ,
{ SMB_VFS_OP_SENDFILE , " sendfile " } ,
2008-07-04 14:51:01 +02:00
{ SMB_VFS_OP_RECVFILE , " recvfile " } ,
2004-04-29 12:11:59 +00:00
{ SMB_VFS_OP_RENAME , " rename " } ,
{ SMB_VFS_OP_FSYNC , " fsync " } ,
2012-07-13 10:22:25 +02:00
{ SMB_VFS_OP_FSYNC_SEND , " fsync_send " } ,
{ SMB_VFS_OP_FSYNC_RECV , " fsync_recv " } ,
2004-04-29 12:11:59 +00:00
{ SMB_VFS_OP_STAT , " stat " } ,
{ SMB_VFS_OP_FSTAT , " fstat " } ,
{ SMB_VFS_OP_LSTAT , " lstat " } ,
2009-01-26 15:39:40 -08:00
{ SMB_VFS_OP_GET_ALLOC_SIZE , " get_alloc_size " } ,
2004-04-29 12:11:59 +00:00
{ SMB_VFS_OP_UNLINK , " unlink " } ,
{ SMB_VFS_OP_CHMOD , " chmod " } ,
{ SMB_VFS_OP_FCHMOD , " fchmod " } ,
{ SMB_VFS_OP_CHOWN , " chown " } ,
{ SMB_VFS_OP_FCHOWN , " fchown " } ,
2007-05-23 23:55:12 +00:00
{ SMB_VFS_OP_LCHOWN , " lchown " } ,
2004-04-29 12:11:59 +00:00
{ SMB_VFS_OP_CHDIR , " chdir " } ,
{ SMB_VFS_OP_GETWD , " getwd " } ,
2007-03-05 23:40:03 +00:00
{ SMB_VFS_OP_NTIMES , " ntimes " } ,
2004-04-29 12:11:59 +00:00
{ SMB_VFS_OP_FTRUNCATE , " ftruncate " } ,
2010-12-17 23:08:01 -08:00
{ SMB_VFS_OP_FALLOCATE , " fallocate " } ,
2004-04-29 12:11:59 +00:00
{ SMB_VFS_OP_LOCK , " lock " } ,
2006-12-06 10:21:20 +00:00
{ SMB_VFS_OP_KERNEL_FLOCK , " kernel_flock " } ,
2007-02-14 02:37:14 +00:00
{ SMB_VFS_OP_LINUX_SETLEASE , " linux_setlease " } ,
2006-04-10 15:33:04 +00:00
{ SMB_VFS_OP_GETLOCK , " getlock " } ,
2004-04-29 12:11:59 +00:00
{ SMB_VFS_OP_SYMLINK , " symlink " } ,
{ SMB_VFS_OP_READLINK , " readlink " } ,
{ SMB_VFS_OP_LINK , " link " } ,
{ SMB_VFS_OP_MKNOD , " mknod " } ,
{ SMB_VFS_OP_REALPATH , " realpath " } ,
2007-03-19 21:03:30 +00:00
{ SMB_VFS_OP_NOTIFY_WATCH , " notify_watch " } ,
2007-03-08 01:40:49 +00:00
{ SMB_VFS_OP_CHFLAGS , " chflags " } ,
2007-08-02 09:19:04 +00:00
{ SMB_VFS_OP_FILE_ID_CREATE , " file_id_create " } ,
2008-06-07 09:04:03 +02:00
{ SMB_VFS_OP_STREAMINFO , " streaminfo " } ,
2009-01-05 12:58:23 +01:00
{ SMB_VFS_OP_GET_REAL_FILENAME , " get_real_filename " } ,
2009-05-28 19:20:14 +02:00
{ SMB_VFS_OP_CONNECTPATH , " connectpath " } ,
2009-02-09 21:51:29 -08:00
{ SMB_VFS_OP_BRL_LOCK_WINDOWS , " brl_lock_windows " } ,
{ SMB_VFS_OP_BRL_UNLOCK_WINDOWS , " brl_unlock_windows " } ,
{ SMB_VFS_OP_BRL_CANCEL_WINDOWS , " brl_cancel_windows " } ,
2009-03-13 14:15:28 -07:00
{ SMB_VFS_OP_STRICT_LOCK , " strict_lock " } ,
{ SMB_VFS_OP_STRICT_UNLOCK , " strict_unlock " } ,
2009-08-26 14:56:09 -07:00
{ SMB_VFS_OP_TRANSLATE_NAME , " translate_name " } ,
2013-01-15 17:22:59 +01:00
{ SMB_VFS_OP_COPY_CHUNK_SEND , " copy_chunk_send " } ,
{ SMB_VFS_OP_COPY_CHUNK_RECV , " copy_chunk_recv " } ,
2013-11-18 14:54:30 +01:00
{ SMB_VFS_OP_GET_COMPRESSION , " get_compression " } ,
{ SMB_VFS_OP_SET_COMPRESSION , " set_compression " } ,
2004-04-29 12:11:59 +00:00
{ SMB_VFS_OP_FGET_NT_ACL , " fget_nt_acl " } ,
{ SMB_VFS_OP_GET_NT_ACL , " get_nt_acl " } ,
{ SMB_VFS_OP_FSET_NT_ACL , " fset_nt_acl " } ,
{ SMB_VFS_OP_CHMOD_ACL , " chmod_acl " } ,
{ SMB_VFS_OP_FCHMOD_ACL , " fchmod_acl " } ,
{ SMB_VFS_OP_SYS_ACL_GET_FILE , " sys_acl_get_file " } ,
{ SMB_VFS_OP_SYS_ACL_GET_FD , " sys_acl_get_fd " } ,
2012-09-10 12:44:01 +10:00
{ SMB_VFS_OP_SYS_ACL_BLOB_GET_FILE , " sys_acl_blob_get_file " } ,
{ SMB_VFS_OP_SYS_ACL_BLOB_GET_FD , " sys_acl_blob_get_fd " } ,
2004-04-29 12:11:59 +00:00
{ SMB_VFS_OP_SYS_ACL_SET_FILE , " sys_acl_set_file " } ,
{ SMB_VFS_OP_SYS_ACL_SET_FD , " sys_acl_set_fd " } ,
{ SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE , " sys_acl_delete_def_file " } ,
{ SMB_VFS_OP_GETXATTR , " getxattr " } ,
{ SMB_VFS_OP_FGETXATTR , " fgetxattr " } ,
{ SMB_VFS_OP_LISTXATTR , " listxattr " } ,
{ SMB_VFS_OP_FLISTXATTR , " flistxattr " } ,
{ SMB_VFS_OP_REMOVEXATTR , " removexattr " } ,
{ SMB_VFS_OP_FREMOVEXATTR , " fremovexattr " } ,
{ SMB_VFS_OP_SETXATTR , " setxattr " } ,
{ SMB_VFS_OP_FSETXATTR , " fsetxattr " } ,
2008-03-21 10:20:53 +01:00
{ SMB_VFS_OP_AIO_FORCE , " aio_force " } ,
2011-02-25 06:28:30 -07:00
{ SMB_VFS_OP_IS_OFFLINE , " is_offline " } ,
{ SMB_VFS_OP_SET_OFFLINE , " set_offline " } ,
2004-04-29 12:11:59 +00:00
{ SMB_VFS_OP_LAST , NULL }
2009-02-10 12:14:39 -08:00
} ;
2004-04-29 12:11:59 +00:00
static int audit_syslog_facility ( vfs_handle_struct * handle )
{
2005-09-29 15:57:21 +00:00
static const struct enum_list enum_log_facilities [ ] = {
{ LOG_USER , " USER " } ,
{ LOG_LOCAL0 , " LOCAL0 " } ,
{ LOG_LOCAL1 , " LOCAL1 " } ,
{ LOG_LOCAL2 , " LOCAL2 " } ,
{ LOG_LOCAL3 , " LOCAL3 " } ,
{ LOG_LOCAL4 , " LOCAL4 " } ,
{ LOG_LOCAL5 , " LOCAL5 " } ,
{ LOG_LOCAL6 , " LOCAL6 " } ,
2011-05-24 17:19:52 +02:00
{ LOG_LOCAL7 , " LOCAL7 " } ,
{ - 1 , NULL }
2005-09-29 15:57:21 +00:00
} ;
int facility ;
facility = lp_parm_enum ( SNUM ( handle - > conn ) , " full_audit " , " facility " , enum_log_facilities , LOG_USER ) ;
return facility ;
2004-04-29 12:11:59 +00:00
}
static int audit_syslog_priority ( vfs_handle_struct * handle )
{
2005-09-29 15:57:21 +00:00
static const struct enum_list enum_log_priorities [ ] = {
{ LOG_EMERG , " EMERG " } ,
{ LOG_ALERT , " ALERT " } ,
{ LOG_CRIT , " CRIT " } ,
{ LOG_ERR , " ERR " } ,
{ LOG_WARNING , " WARNING " } ,
{ LOG_NOTICE , " NOTICE " } ,
{ LOG_INFO , " INFO " } ,
2011-05-24 17:19:52 +02:00
{ LOG_DEBUG , " DEBUG " } ,
{ - 1 , NULL }
2005-09-29 15:57:21 +00:00
} ;
int priority ;
2008-03-23 17:50:55 +01:00
priority = lp_parm_enum ( SNUM ( handle - > conn ) , " full_audit " , " priority " ,
enum_log_priorities , LOG_NOTICE ) ;
if ( priority = = - 1 ) {
priority = LOG_WARNING ;
}
2005-09-29 15:57:21 +00:00
return priority ;
2004-04-29 12:11:59 +00:00
}
2007-11-16 17:07:11 -08:00
static char * audit_prefix ( TALLOC_CTX * ctx , connection_struct * conn )
2004-04-29 12:11:59 +00:00
{
2007-11-16 17:07:11 -08:00
char * prefix = NULL ;
2009-01-05 13:32:53 +01:00
char * result ;
2004-04-29 12:11:59 +00:00
2007-11-16 17:07:11 -08:00
prefix = talloc_strdup ( ctx ,
lp_parm_const_string ( SNUM ( conn ) , " full_audit " ,
2004-04-29 12:11:59 +00:00
" prefix " , " %u|%I " ) ) ;
2007-11-16 17:07:11 -08:00
if ( ! prefix ) {
return NULL ;
}
2009-01-05 13:32:53 +01:00
result = talloc_sub_advanced ( ctx ,
2012-07-18 15:07:23 +09:30
lp_servicename ( talloc_tos ( ) , SNUM ( conn ) ) ,
2011-07-15 15:55:31 +10:00
conn - > session_info - > unix_info - > unix_name ,
2008-05-08 15:53:55 +02:00
conn - > connectpath ,
2011-07-15 14:59:14 +10:00
conn - > session_info - > unix_token - > gid ,
2011-07-15 15:55:31 +10:00
conn - > session_info - > unix_info - > sanitized_username ,
2011-07-18 12:58:25 +10:00
conn - > session_info - > info - > domain_name ,
2007-11-16 17:07:11 -08:00
prefix ) ;
2009-01-05 13:32:53 +01:00
TALLOC_FREE ( prefix ) ;
return result ;
2004-04-29 12:11:59 +00:00
}
2007-10-18 17:40:25 -07:00
static bool log_success ( vfs_handle_struct * handle , vfs_op_type op )
2004-04-29 12:11:59 +00:00
{
2006-01-19 00:34:48 +00:00
struct vfs_full_audit_private_data * pd = NULL ;
SMB_VFS_HANDLE_GET_DATA ( handle , pd ,
struct vfs_full_audit_private_data ,
return True ) ;
if ( pd - > success_ops = = NULL ) {
2004-04-29 12:11:59 +00:00
return True ;
2006-01-19 00:34:48 +00:00
}
2004-04-29 12:11:59 +00:00
2006-01-19 00:34:48 +00:00
return bitmap_query ( pd - > success_ops , op ) ;
2004-04-29 12:11:59 +00:00
}
2007-10-18 17:40:25 -07:00
static bool log_failure ( vfs_handle_struct * handle , vfs_op_type op )
2004-04-29 12:11:59 +00:00
{
2006-01-19 00:34:48 +00:00
struct vfs_full_audit_private_data * pd = NULL ;
SMB_VFS_HANDLE_GET_DATA ( handle , pd ,
struct vfs_full_audit_private_data ,
return True ) ;
if ( pd - > failure_ops = = NULL )
2004-04-29 12:11:59 +00:00
return True ;
2006-01-19 00:34:48 +00:00
return bitmap_query ( pd - > failure_ops , op ) ;
2004-04-29 12:11:59 +00:00
}
2010-03-28 14:26:53 +02:00
static struct bitmap * init_bitmap ( TALLOC_CTX * mem_ctx , const char * * ops )
2004-04-29 12:11:59 +00:00
{
2010-03-28 14:26:53 +02:00
struct bitmap * bm ;
2004-04-29 12:11:59 +00:00
2010-02-18 15:13:59 +01:00
if ( ops = = NULL ) {
2010-03-28 14:26:53 +02:00
return NULL ;
2010-02-18 15:13:59 +01:00
}
2004-04-29 12:11:59 +00:00
2010-03-28 14:26:53 +02:00
bm = bitmap_talloc ( mem_ctx , SMB_VFS_OP_LAST ) ;
if ( bm = = NULL ) {
2004-04-29 12:11:59 +00:00
DEBUG ( 0 , ( " Could not alloc bitmap -- "
" defaulting to logging everything \n " ) ) ;
2010-03-28 14:26:53 +02:00
return NULL ;
2004-04-29 12:11:59 +00:00
}
2010-02-18 15:13:59 +01:00
for ( ; * ops ! = NULL ; ops + = 1 ) {
2004-04-29 12:11:59 +00:00
int i ;
2010-02-18 15:13:59 +01:00
bool neg = false ;
const char * op ;
2004-04-29 12:11:59 +00:00
if ( strequal ( * ops , " all " ) ) {
2010-02-18 15:13:59 +01:00
for ( i = 0 ; i < SMB_VFS_OP_LAST ; i + + ) {
2010-03-28 14:26:53 +02:00
bitmap_set ( bm , i ) ;
2010-02-18 15:13:59 +01:00
}
continue ;
2004-04-29 12:11:59 +00:00
}
2006-01-19 00:34:48 +00:00
if ( strequal ( * ops , " none " ) ) {
break ;
}
2010-02-18 15:13:59 +01:00
op = ops [ 0 ] ;
if ( op [ 0 ] = = ' ! ' ) {
neg = true ;
op + = 1 ;
}
2004-04-29 12:11:59 +00:00
for ( i = 0 ; i < SMB_VFS_OP_LAST ; i + + ) {
2012-09-27 12:34:53 +02:00
if ( ( vfs_op_names [ i ] . name = = NULL )
| | ( vfs_op_names [ i ] . type ! = i ) ) {
2005-05-13 12:05:14 +00:00
smb_panic ( " vfs_full_audit.c: name table not "
2012-09-27 12:34:53 +02:00
" in sync with vfs_op_type enums \n " ) ;
2005-05-13 12:05:14 +00:00
}
2010-02-18 15:13:59 +01:00
if ( strequal ( op , vfs_op_names [ i ] . name ) ) {
if ( neg ) {
2010-03-28 14:26:53 +02:00
bitmap_clear ( bm , i ) ;
2010-02-18 15:13:59 +01:00
} else {
2010-03-28 14:26:53 +02:00
bitmap_set ( bm , i ) ;
2010-02-18 15:13:59 +01:00
}
break ;
2004-04-29 12:11:59 +00:00
}
}
2010-02-18 15:13:59 +01:00
if ( i = = SMB_VFS_OP_LAST ) {
2004-04-29 12:11:59 +00:00
DEBUG ( 0 , ( " Could not find opname %s, logging all \n " ,
* ops ) ) ;
2010-03-28 14:26:53 +02:00
TALLOC_FREE ( bm ) ;
return NULL ;
2004-04-29 12:11:59 +00:00
}
}
2010-03-28 14:26:53 +02:00
return bm ;
2004-04-29 12:11:59 +00:00
}
static const char * audit_opname ( vfs_op_type op )
{
if ( op > = SMB_VFS_OP_LAST )
return " INVALID VFS OP " ;
return vfs_op_names [ op ] . name ;
}
2009-06-30 23:08:02 -07:00
static TALLOC_CTX * tmp_do_log_ctx ;
/*
* Get us a temporary talloc context usable just for DEBUG arguments
*/
static TALLOC_CTX * do_log_ctx ( void )
{
if ( tmp_do_log_ctx = = NULL ) {
tmp_do_log_ctx = talloc_named_const ( NULL , 0 , " do_log_ctx " ) ;
}
return tmp_do_log_ctx ;
}
2007-10-18 17:40:25 -07:00
static void do_log ( vfs_op_type op , bool success , vfs_handle_struct * handle ,
2004-04-29 12:11:59 +00:00
const char * format , . . . )
{
fstring err_msg ;
2007-11-16 17:07:11 -08:00
char * audit_pre = NULL ;
2004-04-29 12:11:59 +00:00
va_list ap ;
2007-11-16 17:07:11 -08:00
char * op_msg = NULL ;
2009-08-26 01:38:14 +00:00
int priority ;
2004-04-29 12:11:59 +00:00
2006-01-19 00:34:48 +00:00
if ( success & & ( ! log_success ( handle , op ) ) )
2009-06-30 23:08:02 -07:00
goto out ;
2004-04-29 12:11:59 +00:00
2006-01-19 00:34:48 +00:00
if ( ! success & & ( ! log_failure ( handle , op ) ) )
2009-06-30 23:08:02 -07:00
goto out ;
2004-04-29 12:11:59 +00:00
if ( success )
fstrcpy ( err_msg , " ok " ) ;
else
fstr_sprintf ( err_msg , " fail (%s) " , strerror ( errno ) ) ;
va_start ( ap , format ) ;
2009-01-05 13:33:20 +01:00
op_msg = talloc_vasprintf ( talloc_tos ( ) , format , ap ) ;
2004-04-29 12:11:59 +00:00
va_end ( ap ) ;
2007-11-16 17:07:11 -08:00
if ( ! op_msg ) {
2009-06-30 23:08:02 -07:00
goto out ;
2007-11-16 17:07:11 -08:00
}
2009-08-26 01:38:14 +00:00
/*
* Specify the facility to interoperate with other syslog callers
* ( smbd for example ) .
*/
priority = audit_syslog_priority ( handle ) |
audit_syslog_facility ( handle ) ;
2009-01-05 13:33:20 +01:00
audit_pre = audit_prefix ( talloc_tos ( ) , handle - > conn ) ;
2009-08-26 01:38:14 +00:00
syslog ( priority , " %s|%s|%s|%s \n " ,
2007-11-16 17:07:11 -08:00
audit_pre ? audit_pre : " " ,
audit_opname ( op ) , err_msg , op_msg ) ;
2009-06-30 23:08:02 -07:00
out :
2007-11-16 17:07:11 -08:00
TALLOC_FREE ( audit_pre ) ;
TALLOC_FREE ( op_msg ) ;
2009-06-30 23:08:02 -07:00
TALLOC_FREE ( tmp_do_log_ctx ) ;
2004-04-29 12:11:59 +00:00
}
2009-06-30 23:08:02 -07:00
/**
* Return a string using the do_log_ctx ( )
*/
static const char * smb_fname_str_do_log ( const struct smb_filename * smb_fname )
{
char * fname = NULL ;
NTSTATUS status ;
if ( smb_fname = = NULL ) {
return " " ;
}
status = get_full_smb_filename ( do_log_ctx ( ) , smb_fname , & fname ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return " " ;
}
return fname ;
}
2009-07-10 18:11:32 -07:00
/**
* Return an fsp debug string using the do_log_ctx ( )
*/
static const char * fsp_str_do_log ( const struct files_struct * fsp )
{
return smb_fname_str_do_log ( fsp - > fsp_name ) ;
}
2009-06-30 23:08:02 -07:00
2004-04-29 12:11:59 +00:00
/* Implementation of vfs_ops. Pass everything on to the default
operation but log event first . */
2006-07-11 18:01:26 +00:00
static int smb_full_audit_connect ( vfs_handle_struct * handle ,
2004-04-29 12:11:59 +00:00
const char * svc , const char * user )
{
int result ;
2006-01-19 00:34:48 +00:00
struct vfs_full_audit_private_data * pd = NULL ;
2004-04-29 12:11:59 +00:00
2009-11-30 15:53:04 -08:00
result = SMB_VFS_NEXT_CONNECT ( handle , svc , user ) ;
if ( result < 0 ) {
return result ;
2006-03-13 18:42:57 +00:00
}
2011-06-07 11:44:43 +10:00
pd = talloc_zero ( handle , struct vfs_full_audit_private_data ) ;
2006-01-19 00:34:48 +00:00
if ( ! pd ) {
2009-11-30 15:53:04 -08:00
SMB_VFS_NEXT_DISCONNECT ( handle ) ;
2006-01-19 00:34:48 +00:00
return - 1 ;
}
2011-05-25 12:28:39 -07:00
# ifdef WITH_SYSLOG
2004-04-29 12:11:59 +00:00
openlog ( " smbd_audit " , 0 , audit_syslog_facility ( handle ) ) ;
2009-08-26 01:38:14 +00:00
# endif
2004-04-29 12:11:59 +00:00
2010-03-28 14:26:53 +02:00
pd - > success_ops = init_bitmap (
pd , lp_parm_string_list ( SNUM ( handle - > conn ) , " full_audit " ,
" success " , NULL ) ) ;
pd - > failure_ops = init_bitmap (
pd , lp_parm_string_list ( SNUM ( handle - > conn ) , " full_audit " ,
" failure " , NULL ) ) ;
2004-04-29 12:11:59 +00:00
2006-01-19 00:34:48 +00:00
/* Store the private data. */
2010-03-28 14:26:53 +02:00
SMB_VFS_HANDLE_SET_DATA ( handle , pd , NULL ,
2006-01-19 00:34:48 +00:00
struct vfs_full_audit_private_data , return - 1 ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_CONNECT , True , handle ,
" %s " , svc ) ;
2009-11-30 15:53:04 -08:00
return 0 ;
2004-04-29 12:11:59 +00:00
}
2006-07-11 18:01:26 +00:00
static void smb_full_audit_disconnect ( vfs_handle_struct * handle )
2004-04-29 12:11:59 +00:00
{
2006-07-11 18:01:26 +00:00
SMB_VFS_NEXT_DISCONNECT ( handle ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_DISCONNECT , True , handle ,
2012-07-18 15:07:23 +09:30
" %s " , lp_servicename ( talloc_tos ( ) , SNUM ( handle - > conn ) ) ) ;
2004-04-29 12:11:59 +00:00
2006-01-19 00:34:48 +00:00
/* The bitmaps will be disconnected when the private
data is deleted . */
2004-04-29 12:11:59 +00:00
}
2008-10-14 01:59:36 +02:00
static uint64_t smb_full_audit_disk_free ( vfs_handle_struct * handle ,
2006-07-11 18:01:26 +00:00
const char * path ,
2008-10-14 01:59:36 +02:00
bool small_query , uint64_t * bsize ,
uint64_t * dfree , uint64_t * dsize )
2004-04-29 12:11:59 +00:00
{
2008-10-14 01:59:36 +02:00
uint64_t result ;
2004-04-29 12:11:59 +00:00
2006-07-11 18:01:26 +00:00
result = SMB_VFS_NEXT_DISK_FREE ( handle , path , small_query , bsize ,
2004-04-29 12:11:59 +00:00
dfree , dsize ) ;
/* Don't have a reasonable notion of failure here */
do_log ( SMB_VFS_OP_DISK_FREE , True , handle , " %s " , path ) ;
return result ;
}
2004-08-31 15:11:41 +00:00
static int smb_full_audit_get_quota ( struct vfs_handle_struct * handle ,
2004-04-29 12:11:59 +00:00
enum SMB_QUOTA_TYPE qtype , unid_t id ,
SMB_DISK_QUOTA * qt )
{
int result ;
2006-07-11 18:01:26 +00:00
result = SMB_VFS_NEXT_GET_QUOTA ( handle , qtype , id , qt ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_GET_QUOTA , ( result > = 0 ) , handle , " " ) ;
return result ;
}
2004-08-31 15:11:41 +00:00
static int smb_full_audit_set_quota ( struct vfs_handle_struct * handle ,
2004-04-29 12:11:59 +00:00
enum SMB_QUOTA_TYPE qtype , unid_t id ,
SMB_DISK_QUOTA * qt )
{
int result ;
2006-07-11 18:01:26 +00:00
result = SMB_VFS_NEXT_SET_QUOTA ( handle , qtype , id , qt ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_SET_QUOTA , ( result > = 0 ) , handle , " " ) ;
return result ;
}
2005-03-16 00:40:28 +00:00
static int smb_full_audit_get_shadow_copy_data ( struct vfs_handle_struct * handle ,
struct files_struct * fsp ,
2011-05-30 12:06:31 +02:00
struct shadow_copy_data * shadow_copy_data ,
bool labels )
2005-03-16 00:40:28 +00:00
{
int result ;
result = SMB_VFS_NEXT_GET_SHADOW_COPY_DATA ( handle , fsp , shadow_copy_data , labels ) ;
do_log ( SMB_VFS_OP_GET_SHADOW_COPY_DATA , ( result > = 0 ) , handle , " " ) ;
return result ;
}
2005-10-20 17:33:17 +00:00
static int smb_full_audit_statvfs ( struct vfs_handle_struct * handle ,
const char * path ,
struct vfs_statvfs_struct * statbuf )
{
int result ;
2006-07-11 18:01:26 +00:00
result = SMB_VFS_NEXT_STATVFS ( handle , path , statbuf ) ;
2005-10-20 17:33:17 +00:00
do_log ( SMB_VFS_OP_STATVFS , ( result > = 0 ) , handle , " " ) ;
return result ;
}
2009-08-24 20:57:37 -07:00
static uint32_t smb_full_audit_fs_capabilities ( struct vfs_handle_struct * handle , enum timestamp_set_resolution * p_ts_res )
2009-02-10 12:14:39 -08:00
{
int result ;
2009-08-24 20:57:37 -07:00
result = SMB_VFS_NEXT_FS_CAPABILITIES ( handle , p_ts_res ) ;
2009-02-10 12:14:39 -08:00
do_log ( SMB_VFS_OP_FS_CAPABILITIES , true , handle , " " ) ;
return result ;
}
2012-03-28 13:22:03 +11:00
static DIR * smb_full_audit_opendir ( vfs_handle_struct * handle ,
2005-06-25 03:03:44 +00:00
const char * fname , const char * mask , uint32 attr )
2004-04-29 12:11:59 +00:00
{
2012-03-28 13:22:03 +11:00
DIR * result ;
2004-04-29 12:11:59 +00:00
2006-07-11 18:01:26 +00:00
result = SMB_VFS_NEXT_OPENDIR ( handle , fname , mask , attr ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_OPENDIR , ( result ! = NULL ) , handle , " %s " , fname ) ;
return result ;
}
2012-03-28 13:22:03 +11:00
static DIR * smb_full_audit_fdopendir ( vfs_handle_struct * handle ,
2011-02-08 15:07:48 -08:00
files_struct * fsp , const char * mask , uint32 attr )
{
2012-03-28 13:22:03 +11:00
DIR * result ;
2011-02-08 15:07:48 -08:00
result = SMB_VFS_NEXT_FDOPENDIR ( handle , fsp , mask , attr ) ;
do_log ( SMB_VFS_OP_FDOPENDIR , ( result ! = NULL ) , handle , " %s " ,
fsp_str_do_log ( fsp ) ) ;
return result ;
}
2012-03-28 13:18:14 +11:00
static struct dirent * smb_full_audit_readdir ( vfs_handle_struct * handle ,
2012-03-28 13:22:03 +11:00
DIR * dirp , SMB_STRUCT_STAT * sbuf )
2004-04-29 12:11:59 +00:00
{
2012-03-28 13:18:14 +11:00
struct dirent * result ;
2004-04-29 12:11:59 +00:00
2009-01-22 20:14:38 -08:00
result = SMB_VFS_NEXT_READDIR ( handle , dirp , sbuf ) ;
2004-04-29 12:11:59 +00:00
/* This operation has no reasonable error condition
* ( End of dir is also failure ) , so always succeed .
*/
do_log ( SMB_VFS_OP_READDIR , True , handle , " " ) ;
return result ;
}
2006-07-11 18:01:26 +00:00
static void smb_full_audit_seekdir ( vfs_handle_struct * handle ,
2012-03-28 13:22:03 +11:00
DIR * dirp , long offset )
2004-11-10 23:02:48 +00:00
{
2006-07-11 18:01:26 +00:00
SMB_VFS_NEXT_SEEKDIR ( handle , dirp , offset ) ;
2004-11-10 23:02:48 +00:00
do_log ( SMB_VFS_OP_SEEKDIR , True , handle , " " ) ;
}
2006-07-11 18:01:26 +00:00
static long smb_full_audit_telldir ( vfs_handle_struct * handle ,
2012-03-28 13:22:03 +11:00
DIR * dirp )
2004-11-10 23:02:48 +00:00
{
long result ;
2006-07-11 18:01:26 +00:00
result = SMB_VFS_NEXT_TELLDIR ( handle , dirp ) ;
2004-11-10 23:02:48 +00:00
2005-09-15 11:02:03 +00:00
do_log ( SMB_VFS_OP_TELLDIR , True , handle , " " ) ;
2004-11-10 23:02:48 +00:00
return result ;
}
2006-07-11 18:01:26 +00:00
static void smb_full_audit_rewinddir ( vfs_handle_struct * handle ,
2012-03-28 13:22:03 +11:00
DIR * dirp )
2004-11-10 23:02:48 +00:00
{
2006-07-11 18:01:26 +00:00
SMB_VFS_NEXT_REWINDDIR ( handle , dirp ) ;
2004-11-10 23:02:48 +00:00
do_log ( SMB_VFS_OP_REWINDDIR , True , handle , " " ) ;
}
2006-07-11 18:01:26 +00:00
static int smb_full_audit_mkdir ( vfs_handle_struct * handle ,
2004-04-29 12:11:59 +00:00
const char * path , mode_t mode )
{
int result ;
2006-07-11 18:01:26 +00:00
result = SMB_VFS_NEXT_MKDIR ( handle , path , mode ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_MKDIR , ( result > = 0 ) , handle , " %s " , path ) ;
return result ;
}
2006-07-11 18:01:26 +00:00
static int smb_full_audit_rmdir ( vfs_handle_struct * handle ,
2004-04-29 12:11:59 +00:00
const char * path )
{
int result ;
2006-07-11 18:01:26 +00:00
result = SMB_VFS_NEXT_RMDIR ( handle , path ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_RMDIR , ( result > = 0 ) , handle , " %s " , path ) ;
return result ;
}
2006-07-11 18:01:26 +00:00
static int smb_full_audit_closedir ( vfs_handle_struct * handle ,
2012-03-28 13:22:03 +11:00
DIR * dirp )
2004-04-29 12:11:59 +00:00
{
int result ;
2006-07-11 18:01:26 +00:00
result = SMB_VFS_NEXT_CLOSEDIR ( handle , dirp ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_CLOSEDIR , ( result > = 0 ) , handle , " " ) ;
return result ;
}
2009-02-02 21:37:51 -08:00
static void smb_full_audit_init_search_op ( vfs_handle_struct * handle ,
2012-03-28 13:22:03 +11:00
DIR * dirp )
2009-02-02 21:37:51 -08:00
{
SMB_VFS_NEXT_INIT_SEARCH_OP ( handle , dirp ) ;
do_log ( SMB_VFS_OP_INIT_SEARCH_OP , True , handle , " " ) ;
}
2006-07-11 18:01:26 +00:00
static int smb_full_audit_open ( vfs_handle_struct * handle ,
2009-06-16 12:01:13 -07:00
struct smb_filename * smb_fname ,
files_struct * fsp , int flags , mode_t mode )
2004-04-29 12:11:59 +00:00
{
int result ;
2009-06-16 12:01:13 -07:00
result = SMB_VFS_NEXT_OPEN ( handle , smb_fname , fsp , flags , mode ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_OPEN , ( result > = 0 ) , handle , " %s|%s " ,
( ( flags & O_WRONLY ) | | ( flags & O_RDWR ) ) ? " w " : " r " ,
2009-06-30 23:08:02 -07:00
smb_fname_str_do_log ( smb_fname ) ) ;
2004-04-29 12:11:59 +00:00
return result ;
}
2008-11-23 14:37:37 -08:00
static NTSTATUS smb_full_audit_create_file ( vfs_handle_struct * handle ,
struct smb_request * req ,
uint16_t root_dir_fid ,
2009-06-12 12:54:11 -07:00
struct smb_filename * smb_fname ,
2008-11-23 14:37:37 -08:00
uint32_t access_mask ,
uint32_t share_access ,
uint32_t create_disposition ,
uint32_t create_options ,
uint32_t file_attributes ,
uint32_t oplock_request ,
uint64_t allocation_size ,
2010-03-05 15:10:30 -08:00
uint32_t private_flags ,
2008-11-23 14:37:37 -08:00
struct security_descriptor * sd ,
struct ea_list * ea_list ,
files_struct * * result_fsp ,
2009-06-12 12:54:11 -07:00
int * pinfo )
2008-11-23 14:37:37 -08:00
{
NTSTATUS result ;
2009-08-26 01:38:07 +00:00
const char * str_create_disposition ;
switch ( create_disposition ) {
case FILE_SUPERSEDE :
str_create_disposition = " supersede " ;
break ;
case FILE_OVERWRITE_IF :
str_create_disposition = " overwrite_if " ;
break ;
case FILE_OPEN :
str_create_disposition = " open " ;
break ;
case FILE_OVERWRITE :
str_create_disposition = " overwrite " ;
break ;
case FILE_CREATE :
str_create_disposition = " create " ;
break ;
case FILE_OPEN_IF :
str_create_disposition = " open_if " ;
break ;
default :
str_create_disposition = " unknown " ;
}
2008-11-23 14:37:37 -08:00
result = SMB_VFS_NEXT_CREATE_FILE (
handle , /* handle */
req , /* req */
root_dir_fid , /* root_dir_fid */
2009-06-12 12:54:11 -07:00
smb_fname , /* fname */
2008-11-23 14:37:37 -08:00
access_mask , /* access_mask */
share_access , /* share_access */
create_disposition , /* create_disposition*/
create_options , /* create_options */
file_attributes , /* file_attributes */
oplock_request , /* oplock_request */
allocation_size , /* allocation_size */
2010-03-05 15:10:30 -08:00
private_flags ,
2008-11-23 14:37:37 -08:00
sd , /* sd */
ea_list , /* ea_list */
result_fsp , /* result */
2009-06-12 12:54:11 -07:00
pinfo ) ; /* pinfo */
2008-11-23 14:37:37 -08:00
2009-08-26 01:38:07 +00:00
do_log ( SMB_VFS_OP_CREATE_FILE , ( NT_STATUS_IS_OK ( result ) ) , handle ,
" 0x%x|%s|%s|%s " , access_mask ,
create_options & FILE_DIRECTORY_FILE ? " dir " : " file " ,
str_create_disposition , smb_fname_str_do_log ( smb_fname ) ) ;
2008-11-23 14:37:37 -08:00
return result ;
}
2008-01-11 14:19:28 +01:00
static int smb_full_audit_close ( vfs_handle_struct * handle , files_struct * fsp )
2004-04-29 12:11:59 +00:00
{
int result ;
2008-01-11 14:19:28 +01:00
result = SMB_VFS_NEXT_CLOSE ( handle , fsp ) ;
2004-04-29 12:11:59 +00:00
2009-07-10 18:11:32 -07:00
do_log ( SMB_VFS_OP_CLOSE , ( result > = 0 ) , handle , " %s " ,
fsp_str_do_log ( fsp ) ) ;
2004-04-29 12:11:59 +00:00
return result ;
}
2004-08-31 15:11:41 +00:00
static ssize_t smb_full_audit_read ( vfs_handle_struct * handle , files_struct * fsp ,
2008-01-10 15:33:51 +01:00
void * data , size_t n )
2004-04-29 12:11:59 +00:00
{
ssize_t result ;
2008-01-10 15:33:51 +01:00
result = SMB_VFS_NEXT_READ ( handle , fsp , data , n ) ;
2004-04-29 12:11:59 +00:00
2009-07-10 18:11:32 -07:00
do_log ( SMB_VFS_OP_READ , ( result > = 0 ) , handle , " %s " ,
fsp_str_do_log ( fsp ) ) ;
2004-04-29 12:11:59 +00:00
return result ;
}
2004-08-31 15:11:41 +00:00
static ssize_t smb_full_audit_pread ( vfs_handle_struct * handle , files_struct * fsp ,
2012-04-05 14:53:08 +10:00
void * data , size_t n , off_t offset )
2004-04-29 12:11:59 +00:00
{
ssize_t result ;
2008-01-07 00:14:19 +01:00
result = SMB_VFS_NEXT_PREAD ( handle , fsp , data , n , offset ) ;
2004-04-29 12:11:59 +00:00
2009-07-10 18:11:32 -07:00
do_log ( SMB_VFS_OP_PREAD , ( result > = 0 ) , handle , " %s " ,
fsp_str_do_log ( fsp ) ) ;
2004-04-29 12:11:59 +00:00
return result ;
}
2012-07-09 17:17:25 +02:00
struct smb_full_audit_pread_state {
vfs_handle_struct * handle ;
files_struct * fsp ;
ssize_t ret ;
int err ;
} ;
static void smb_full_audit_pread_done ( struct tevent_req * subreq ) ;
static struct tevent_req * smb_full_audit_pread_send (
struct vfs_handle_struct * handle , TALLOC_CTX * mem_ctx ,
struct tevent_context * ev , struct files_struct * fsp ,
void * data , size_t n , off_t offset )
{
struct tevent_req * req , * subreq ;
struct smb_full_audit_pread_state * state ;
req = tevent_req_create ( mem_ctx , & state ,
struct smb_full_audit_pread_state ) ;
if ( req = = NULL ) {
do_log ( SMB_VFS_OP_PREAD_SEND , false , handle , " %s " ,
fsp_str_do_log ( fsp ) ) ;
return NULL ;
}
state - > handle = handle ;
state - > fsp = fsp ;
subreq = SMB_VFS_NEXT_PREAD_SEND ( state , ev , handle , fsp , data ,
n , offset ) ;
if ( tevent_req_nomem ( subreq , req ) ) {
do_log ( SMB_VFS_OP_PREAD_SEND , false , handle , " %s " ,
fsp_str_do_log ( fsp ) ) ;
return tevent_req_post ( req , ev ) ;
}
tevent_req_set_callback ( subreq , smb_full_audit_pread_done , req ) ;
do_log ( SMB_VFS_OP_PREAD_SEND , true , handle , " %s " , fsp_str_do_log ( fsp ) ) ;
return req ;
}
static void smb_full_audit_pread_done ( struct tevent_req * subreq )
{
struct tevent_req * req = tevent_req_callback_data (
subreq , struct tevent_req ) ;
struct smb_full_audit_pread_state * state = tevent_req_data (
req , struct smb_full_audit_pread_state ) ;
state - > ret = SMB_VFS_PREAD_RECV ( subreq , & state - > err ) ;
TALLOC_FREE ( subreq ) ;
tevent_req_done ( req ) ;
}
static ssize_t smb_full_audit_pread_recv ( struct tevent_req * req , int * err )
{
struct smb_full_audit_pread_state * state = tevent_req_data (
req , struct smb_full_audit_pread_state ) ;
if ( tevent_req_is_unix_error ( req , err ) ) {
do_log ( SMB_VFS_OP_PREAD_RECV , false , state - > handle , " %s " ,
fsp_str_do_log ( state - > fsp ) ) ;
return - 1 ;
}
do_log ( SMB_VFS_OP_PREAD_RECV , ( state - > ret > = 0 ) , state - > handle , " %s " ,
fsp_str_do_log ( state - > fsp ) ) ;
* err = state - > err ;
return state - > ret ;
}
2004-08-31 15:11:41 +00:00
static ssize_t smb_full_audit_write ( vfs_handle_struct * handle , files_struct * fsp ,
2008-01-10 15:49:35 +01:00
const void * data , size_t n )
2004-04-29 12:11:59 +00:00
{
ssize_t result ;
2008-01-10 15:49:35 +01:00
result = SMB_VFS_NEXT_WRITE ( handle , fsp , data , n ) ;
2004-04-29 12:11:59 +00:00
2009-07-10 18:11:32 -07:00
do_log ( SMB_VFS_OP_WRITE , ( result > = 0 ) , handle , " %s " ,
fsp_str_do_log ( fsp ) ) ;
2004-04-29 12:11:59 +00:00
return result ;
}
2004-08-31 15:11:41 +00:00
static ssize_t smb_full_audit_pwrite ( vfs_handle_struct * handle , files_struct * fsp ,
2008-01-07 09:23:04 +01:00
const void * data , size_t n ,
2012-04-05 14:53:08 +10:00
off_t offset )
2004-04-29 12:11:59 +00:00
{
ssize_t result ;
2008-01-07 09:23:04 +01:00
result = SMB_VFS_NEXT_PWRITE ( handle , fsp , data , n , offset ) ;
2004-04-29 12:11:59 +00:00
2009-07-10 18:11:32 -07:00
do_log ( SMB_VFS_OP_PWRITE , ( result > = 0 ) , handle , " %s " ,
fsp_str_do_log ( fsp ) ) ;
2004-04-29 12:11:59 +00:00
return result ;
}
2012-07-09 17:17:25 +02:00
struct smb_full_audit_pwrite_state {
vfs_handle_struct * handle ;
files_struct * fsp ;
ssize_t ret ;
int err ;
} ;
static void smb_full_audit_pwrite_done ( struct tevent_req * subreq ) ;
static struct tevent_req * smb_full_audit_pwrite_send (
struct vfs_handle_struct * handle , TALLOC_CTX * mem_ctx ,
struct tevent_context * ev , struct files_struct * fsp ,
const void * data , size_t n , off_t offset )
{
struct tevent_req * req , * subreq ;
struct smb_full_audit_pwrite_state * state ;
req = tevent_req_create ( mem_ctx , & state ,
struct smb_full_audit_pwrite_state ) ;
if ( req = = NULL ) {
do_log ( SMB_VFS_OP_PWRITE_SEND , false , handle , " %s " ,
fsp_str_do_log ( fsp ) ) ;
return NULL ;
}
state - > handle = handle ;
state - > fsp = fsp ;
subreq = SMB_VFS_NEXT_PWRITE_SEND ( state , ev , handle , fsp , data ,
n , offset ) ;
if ( tevent_req_nomem ( subreq , req ) ) {
do_log ( SMB_VFS_OP_PWRITE_SEND , false , handle , " %s " ,
fsp_str_do_log ( fsp ) ) ;
return tevent_req_post ( req , ev ) ;
}
tevent_req_set_callback ( subreq , smb_full_audit_pwrite_done , req ) ;
do_log ( SMB_VFS_OP_PWRITE_SEND , true , handle , " %s " ,
fsp_str_do_log ( fsp ) ) ;
return req ;
}
static void smb_full_audit_pwrite_done ( struct tevent_req * subreq )
{
struct tevent_req * req = tevent_req_callback_data (
subreq , struct tevent_req ) ;
struct smb_full_audit_pwrite_state * state = tevent_req_data (
req , struct smb_full_audit_pwrite_state ) ;
state - > ret = SMB_VFS_PWRITE_RECV ( subreq , & state - > err ) ;
TALLOC_FREE ( subreq ) ;
tevent_req_done ( req ) ;
}
static ssize_t smb_full_audit_pwrite_recv ( struct tevent_req * req , int * err )
{
struct smb_full_audit_pwrite_state * state = tevent_req_data (
req , struct smb_full_audit_pwrite_state ) ;
if ( tevent_req_is_unix_error ( req , err ) ) {
do_log ( SMB_VFS_OP_PWRITE_RECV , false , state - > handle , " %s " ,
fsp_str_do_log ( state - > fsp ) ) ;
return - 1 ;
}
do_log ( SMB_VFS_OP_PWRITE_RECV , ( state - > ret > = 0 ) , state - > handle , " %s " ,
fsp_str_do_log ( state - > fsp ) ) ;
* err = state - > err ;
return state - > ret ;
}
2012-04-05 14:53:08 +10:00
static off_t smb_full_audit_lseek ( vfs_handle_struct * handle , files_struct * fsp ,
off_t offset , int whence )
2004-04-29 12:11:59 +00:00
{
ssize_t result ;
2008-01-07 10:15:08 +01:00
result = SMB_VFS_NEXT_LSEEK ( handle , fsp , offset , whence ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_LSEEK , ( result ! = ( ssize_t ) - 1 ) , handle ,
2009-07-10 18:11:32 -07:00
" %s " , fsp_str_do_log ( fsp ) ) ;
2004-04-29 12:11:59 +00:00
return result ;
}
2004-08-31 15:11:41 +00:00
static ssize_t smb_full_audit_sendfile ( vfs_handle_struct * handle , int tofd ,
2008-01-11 00:51:19 +01:00
files_struct * fromfsp ,
2012-04-05 14:53:08 +10:00
const DATA_BLOB * hdr , off_t offset ,
2004-04-29 12:11:59 +00:00
size_t n )
{
ssize_t result ;
2008-01-11 00:51:19 +01:00
result = SMB_VFS_NEXT_SENDFILE ( handle , tofd , fromfsp , hdr , offset , n ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_SENDFILE , ( result > = 0 ) , handle ,
2009-07-10 18:11:32 -07:00
" %s " , fsp_str_do_log ( fromfsp ) ) ;
2007-10-29 17:16:13 -07:00
return result ;
}
static ssize_t smb_full_audit_recvfile ( vfs_handle_struct * handle , int fromfd ,
2008-01-11 01:26:54 +01:00
files_struct * tofsp ,
2012-04-05 14:53:08 +10:00
off_t offset ,
2007-10-29 17:16:13 -07:00
size_t n )
{
ssize_t result ;
2008-01-11 01:26:54 +01:00
result = SMB_VFS_NEXT_RECVFILE ( handle , fromfd , tofsp , offset , n ) ;
2007-10-29 17:16:13 -07:00
do_log ( SMB_VFS_OP_RECVFILE , ( result > = 0 ) , handle ,
2009-07-10 18:11:32 -07:00
" %s " , fsp_str_do_log ( tofsp ) ) ;
2004-04-29 12:11:59 +00:00
return result ;
}
2006-07-11 18:01:26 +00:00
static int smb_full_audit_rename ( vfs_handle_struct * handle ,
2009-06-30 17:04:38 -07:00
const struct smb_filename * smb_fname_src ,
const struct smb_filename * smb_fname_dst )
2004-04-29 12:11:59 +00:00
{
int result ;
2009-06-30 17:04:38 -07:00
result = SMB_VFS_NEXT_RENAME ( handle , smb_fname_src , smb_fname_dst ) ;
2004-04-29 12:11:59 +00:00
2009-06-30 17:04:38 -07:00
do_log ( SMB_VFS_OP_RENAME , ( result > = 0 ) , handle , " %s|%s " ,
2009-06-30 23:08:02 -07:00
smb_fname_str_do_log ( smb_fname_src ) ,
smb_fname_str_do_log ( smb_fname_dst ) ) ;
2004-04-29 12:11:59 +00:00
return result ;
}
2008-01-07 12:49:02 +01:00
static int smb_full_audit_fsync ( vfs_handle_struct * handle , files_struct * fsp )
2004-04-29 12:11:59 +00:00
{
int result ;
2008-01-07 12:49:02 +01:00
result = SMB_VFS_NEXT_FSYNC ( handle , fsp ) ;
2004-04-29 12:11:59 +00:00
2009-07-10 18:11:32 -07:00
do_log ( SMB_VFS_OP_FSYNC , ( result > = 0 ) , handle , " %s " ,
fsp_str_do_log ( fsp ) ) ;
2004-04-29 12:11:59 +00:00
return result ;
}
2012-07-13 10:22:25 +02:00
struct smb_full_audit_fsync_state {
vfs_handle_struct * handle ;
files_struct * fsp ;
int ret ;
int err ;
} ;
static void smb_full_audit_fsync_done ( struct tevent_req * subreq ) ;
static struct tevent_req * smb_full_audit_fsync_send (
struct vfs_handle_struct * handle , TALLOC_CTX * mem_ctx ,
struct tevent_context * ev , struct files_struct * fsp )
{
struct tevent_req * req , * subreq ;
struct smb_full_audit_fsync_state * state ;
req = tevent_req_create ( mem_ctx , & state ,
struct smb_full_audit_fsync_state ) ;
if ( req = = NULL ) {
do_log ( SMB_VFS_OP_FSYNC_SEND , false , handle , " %s " ,
fsp_str_do_log ( fsp ) ) ;
return NULL ;
}
state - > handle = handle ;
state - > fsp = fsp ;
subreq = SMB_VFS_NEXT_FSYNC_SEND ( state , ev , handle , fsp ) ;
if ( tevent_req_nomem ( subreq , req ) ) {
do_log ( SMB_VFS_OP_FSYNC_SEND , false , handle , " %s " ,
fsp_str_do_log ( fsp ) ) ;
return tevent_req_post ( req , ev ) ;
}
tevent_req_set_callback ( subreq , smb_full_audit_fsync_done , req ) ;
do_log ( SMB_VFS_OP_FSYNC_SEND , true , handle , " %s " , fsp_str_do_log ( fsp ) ) ;
return req ;
}
static void smb_full_audit_fsync_done ( struct tevent_req * subreq )
{
struct tevent_req * req = tevent_req_callback_data (
subreq , struct tevent_req ) ;
struct smb_full_audit_fsync_state * state = tevent_req_data (
req , struct smb_full_audit_fsync_state ) ;
state - > ret = SMB_VFS_FSYNC_RECV ( subreq , & state - > err ) ;
TALLOC_FREE ( subreq ) ;
tevent_req_done ( req ) ;
}
static int smb_full_audit_fsync_recv ( struct tevent_req * req , int * err )
{
struct smb_full_audit_fsync_state * state = tevent_req_data (
req , struct smb_full_audit_fsync_state ) ;
if ( tevent_req_is_unix_error ( req , err ) ) {
do_log ( SMB_VFS_OP_FSYNC_RECV , false , state - > handle , " %s " ,
fsp_str_do_log ( state - > fsp ) ) ;
return - 1 ;
}
do_log ( SMB_VFS_OP_FSYNC_RECV , ( state - > ret > = 0 ) , state - > handle , " %s " ,
fsp_str_do_log ( state - > fsp ) ) ;
* err = state - > err ;
return state - > ret ;
}
2006-07-11 18:01:26 +00:00
static int smb_full_audit_stat ( vfs_handle_struct * handle ,
2009-06-22 15:26:56 -07:00
struct smb_filename * smb_fname )
2004-04-29 12:11:59 +00:00
{
int result ;
2009-06-22 15:26:56 -07:00
result = SMB_VFS_NEXT_STAT ( handle , smb_fname ) ;
2004-04-29 12:11:59 +00:00
2009-06-22 15:26:56 -07:00
do_log ( SMB_VFS_OP_STAT , ( result > = 0 ) , handle , " %s " ,
2009-06-30 23:08:02 -07:00
smb_fname_str_do_log ( smb_fname ) ) ;
2004-04-29 12:11:59 +00:00
return result ;
}
2008-01-07 13:21:26 +01:00
static int smb_full_audit_fstat ( vfs_handle_struct * handle , files_struct * fsp ,
2004-04-29 12:11:59 +00:00
SMB_STRUCT_STAT * sbuf )
{
int result ;
2008-01-07 13:21:26 +01:00
result = SMB_VFS_NEXT_FSTAT ( handle , fsp , sbuf ) ;
2004-04-29 12:11:59 +00:00
2009-07-10 18:11:32 -07:00
do_log ( SMB_VFS_OP_FSTAT , ( result > = 0 ) , handle , " %s " ,
fsp_str_do_log ( fsp ) ) ;
2004-04-29 12:11:59 +00:00
return result ;
}
2006-07-11 18:01:26 +00:00
static int smb_full_audit_lstat ( vfs_handle_struct * handle ,
2009-06-22 15:26:56 -07:00
struct smb_filename * smb_fname )
2004-04-29 12:11:59 +00:00
{
int result ;
2009-06-22 15:26:56 -07:00
result = SMB_VFS_NEXT_LSTAT ( handle , smb_fname ) ;
2004-04-29 12:11:59 +00:00
2009-06-22 15:26:56 -07:00
do_log ( SMB_VFS_OP_LSTAT , ( result > = 0 ) , handle , " %s " ,
2009-06-30 23:08:02 -07:00
smb_fname_str_do_log ( smb_fname ) ) ;
2004-04-29 12:11:59 +00:00
return result ;
}
2009-07-19 02:32:44 +02:00
static uint64_t smb_full_audit_get_alloc_size ( vfs_handle_struct * handle ,
2009-01-26 15:39:40 -08:00
files_struct * fsp , const SMB_STRUCT_STAT * sbuf )
{
2010-04-05 13:50:59 -07:00
uint64_t result ;
2009-01-26 15:39:40 -08:00
result = SMB_VFS_NEXT_GET_ALLOC_SIZE ( handle , fsp , sbuf ) ;
2010-04-05 13:50:59 -07:00
do_log ( SMB_VFS_OP_GET_ALLOC_SIZE , ( result ! = ( uint64_t ) - 1 ) , handle ,
" %llu " , result ) ;
2009-01-26 15:39:40 -08:00
return result ;
}
2006-07-11 18:01:26 +00:00
static int smb_full_audit_unlink ( vfs_handle_struct * handle ,
2009-07-02 09:27:44 -07:00
const struct smb_filename * smb_fname )
2004-04-29 12:11:59 +00:00
{
int result ;
2009-07-02 09:27:44 -07:00
result = SMB_VFS_NEXT_UNLINK ( handle , smb_fname ) ;
2004-04-29 12:11:59 +00:00
2009-07-02 09:27:44 -07:00
do_log ( SMB_VFS_OP_UNLINK , ( result > = 0 ) , handle , " %s " ,
smb_fname_str_do_log ( smb_fname ) ) ;
2004-04-29 12:11:59 +00:00
return result ;
}
2006-07-11 18:01:26 +00:00
static int smb_full_audit_chmod ( vfs_handle_struct * handle ,
2004-04-29 12:11:59 +00:00
const char * path , mode_t mode )
{
int result ;
2006-07-11 18:01:26 +00:00
result = SMB_VFS_NEXT_CHMOD ( handle , path , mode ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_CHMOD , ( result > = 0 ) , handle , " %s|%o " , path , mode ) ;
return result ;
}
2008-01-07 13:44:37 +01:00
static int smb_full_audit_fchmod ( vfs_handle_struct * handle , files_struct * fsp ,
2004-04-29 12:11:59 +00:00
mode_t mode )
{
int result ;
2008-01-07 13:44:37 +01:00
result = SMB_VFS_NEXT_FCHMOD ( handle , fsp , mode ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_FCHMOD , ( result > = 0 ) , handle ,
2009-07-10 18:11:32 -07:00
" %s|%o " , fsp_str_do_log ( fsp ) , mode ) ;
2004-04-29 12:11:59 +00:00
return result ;
}
2006-07-11 18:01:26 +00:00
static int smb_full_audit_chown ( vfs_handle_struct * handle ,
2004-04-29 12:11:59 +00:00
const char * path , uid_t uid , gid_t gid )
{
int result ;
2006-07-11 18:01:26 +00:00
result = SMB_VFS_NEXT_CHOWN ( handle , path , uid , gid ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_CHOWN , ( result > = 0 ) , handle , " %s|%ld|%ld " ,
path , ( long int ) uid , ( long int ) gid ) ;
return result ;
}
2008-01-07 14:26:00 +01:00
static int smb_full_audit_fchown ( vfs_handle_struct * handle , files_struct * fsp ,
2004-04-29 12:11:59 +00:00
uid_t uid , gid_t gid )
{
int result ;
2008-01-07 14:26:00 +01:00
result = SMB_VFS_NEXT_FCHOWN ( handle , fsp , uid , gid ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_FCHOWN , ( result > = 0 ) , handle , " %s|%ld|%ld " ,
2009-07-10 18:11:32 -07:00
fsp_str_do_log ( fsp ) , ( long int ) uid , ( long int ) gid ) ;
2004-04-29 12:11:59 +00:00
return result ;
}
2007-05-23 23:55:12 +00:00
static int smb_full_audit_lchown ( vfs_handle_struct * handle ,
const char * path , uid_t uid , gid_t gid )
{
int result ;
result = SMB_VFS_NEXT_LCHOWN ( handle , path , uid , gid ) ;
do_log ( SMB_VFS_OP_LCHOWN , ( result > = 0 ) , handle , " %s|%ld|%ld " ,
path , ( long int ) uid , ( long int ) gid ) ;
return result ;
}
2006-07-11 18:01:26 +00:00
static int smb_full_audit_chdir ( vfs_handle_struct * handle ,
2004-04-29 12:11:59 +00:00
const char * path )
{
int result ;
2006-07-11 18:01:26 +00:00
result = SMB_VFS_NEXT_CHDIR ( handle , path ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_CHDIR , ( result > = 0 ) , handle , " chdir|%s " , path ) ;
return result ;
}
2011-05-31 16:36:06 -07:00
static char * smb_full_audit_getwd ( vfs_handle_struct * handle )
2004-04-29 12:11:59 +00:00
{
char * result ;
2011-05-31 16:36:06 -07:00
result = SMB_VFS_NEXT_GETWD ( handle ) ;
2004-04-29 12:11:59 +00:00
2011-05-31 16:36:06 -07:00
do_log ( SMB_VFS_OP_GETWD , ( result ! = NULL ) , handle , " %s " ,
result = = NULL ? " " : result ) ;
2004-04-29 12:11:59 +00:00
return result ;
}
2007-03-05 23:40:03 +00:00
static int smb_full_audit_ntimes ( vfs_handle_struct * handle ,
2009-07-02 13:39:20 -07:00
const struct smb_filename * smb_fname ,
struct smb_file_time * ft )
2004-04-29 12:11:59 +00:00
{
int result ;
2009-07-02 13:39:20 -07:00
result = SMB_VFS_NEXT_NTIMES ( handle , smb_fname , ft ) ;
2004-04-29 12:11:59 +00:00
2009-07-02 13:39:20 -07:00
do_log ( SMB_VFS_OP_NTIMES , ( result > = 0 ) , handle , " %s " ,
smb_fname_str_do_log ( smb_fname ) ) ;
2004-04-29 12:11:59 +00:00
return result ;
}
2004-08-31 15:11:41 +00:00
static int smb_full_audit_ftruncate ( vfs_handle_struct * handle , files_struct * fsp ,
2012-04-05 14:53:08 +10:00
off_t len )
2004-04-29 12:11:59 +00:00
{
int result ;
2008-01-07 15:55:09 +01:00
result = SMB_VFS_NEXT_FTRUNCATE ( handle , fsp , len ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_FTRUNCATE , ( result > = 0 ) , handle ,
2009-07-10 18:11:32 -07:00
" %s " , fsp_str_do_log ( fsp ) ) ;
2004-04-29 12:11:59 +00:00
return result ;
}
2010-12-17 23:08:01 -08:00
static int smb_full_audit_fallocate ( vfs_handle_struct * handle , files_struct * fsp ,
enum vfs_fallocate_mode mode ,
2012-04-05 14:53:08 +10:00
off_t offset ,
off_t len )
2010-12-02 16:25:59 -08:00
{
int result ;
2010-12-17 23:08:01 -08:00
result = SMB_VFS_NEXT_FALLOCATE ( handle , fsp , mode , offset , len ) ;
2010-12-02 16:25:59 -08:00
2010-12-17 23:08:01 -08:00
do_log ( SMB_VFS_OP_FALLOCATE , ( result > = 0 ) , handle ,
2010-12-02 16:25:59 -08:00
" %s " , fsp_str_do_log ( fsp ) ) ;
return result ;
}
2008-01-07 16:38:23 +01:00
static bool smb_full_audit_lock ( vfs_handle_struct * handle , files_struct * fsp ,
2012-04-05 14:53:08 +10:00
int op , off_t offset , off_t count , int type )
2004-04-29 12:11:59 +00:00
{
2007-10-18 17:40:25 -07:00
bool result ;
2004-04-29 12:11:59 +00:00
2008-01-07 16:38:23 +01:00
result = SMB_VFS_NEXT_LOCK ( handle , fsp , op , offset , count , type ) ;
2004-04-29 12:11:59 +00:00
2009-07-10 18:11:32 -07:00
do_log ( SMB_VFS_OP_LOCK , result , handle , " %s " , fsp_str_do_log ( fsp ) ) ;
2004-04-29 12:11:59 +00:00
return result ;
}
2006-12-06 10:21:20 +00:00
static int smb_full_audit_kernel_flock ( struct vfs_handle_struct * handle ,
2008-01-07 17:14:20 +01:00
struct files_struct * fsp ,
2009-10-06 17:14:56 +02:00
uint32 share_mode , uint32 access_mask )
2006-12-06 10:21:20 +00:00
{
int result ;
2009-10-06 17:14:56 +02:00
result = SMB_VFS_NEXT_KERNEL_FLOCK ( handle , fsp , share_mode , access_mask ) ;
2006-12-06 10:21:20 +00:00
do_log ( SMB_VFS_OP_KERNEL_FLOCK , ( result > = 0 ) , handle , " %s " ,
2009-07-10 18:11:32 -07:00
fsp_str_do_log ( fsp ) ) ;
2006-12-06 10:21:20 +00:00
return result ;
}
2007-02-14 02:37:14 +00:00
static int smb_full_audit_linux_setlease ( vfs_handle_struct * handle , files_struct * fsp ,
2008-01-07 21:47:53 +01:00
int leasetype )
2007-02-14 02:37:14 +00:00
{
int result ;
2008-01-07 21:47:53 +01:00
result = SMB_VFS_NEXT_LINUX_SETLEASE ( handle , fsp , leasetype ) ;
2007-02-14 02:37:14 +00:00
do_log ( SMB_VFS_OP_LINUX_SETLEASE , ( result > = 0 ) , handle , " %s " ,
2009-07-10 18:11:32 -07:00
fsp_str_do_log ( fsp ) ) ;
2007-02-14 02:37:14 +00:00
return result ;
}
2008-01-07 22:18:50 +01:00
static bool smb_full_audit_getlock ( vfs_handle_struct * handle , files_struct * fsp ,
2012-04-05 14:53:08 +10:00
off_t * poffset , off_t * pcount , int * ptype , pid_t * ppid )
2006-04-10 15:33:04 +00:00
{
2007-10-18 17:40:25 -07:00
bool result ;
2006-04-10 15:33:04 +00:00
2008-01-07 22:18:50 +01:00
result = SMB_VFS_NEXT_GETLOCK ( handle , fsp , poffset , pcount , ptype , ppid ) ;
2006-04-10 15:33:04 +00:00
2009-07-10 18:11:32 -07:00
do_log ( SMB_VFS_OP_GETLOCK , result , handle , " %s " , fsp_str_do_log ( fsp ) ) ;
2006-04-10 15:33:04 +00:00
return result ;
}
2006-07-11 18:01:26 +00:00
static int smb_full_audit_symlink ( vfs_handle_struct * handle ,
2004-04-29 12:11:59 +00:00
const char * oldpath , const char * newpath )
{
int result ;
2006-07-11 18:01:26 +00:00
result = SMB_VFS_NEXT_SYMLINK ( handle , oldpath , newpath ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_SYMLINK , ( result > = 0 ) , handle ,
" %s|%s " , oldpath , newpath ) ;
return result ;
}
2006-07-11 18:01:26 +00:00
static int smb_full_audit_readlink ( vfs_handle_struct * handle ,
2004-04-29 12:11:59 +00:00
const char * path , char * buf , size_t bufsiz )
{
int result ;
2006-07-11 18:01:26 +00:00
result = SMB_VFS_NEXT_READLINK ( handle , path , buf , bufsiz ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_READLINK , ( result > = 0 ) , handle , " %s " , path ) ;
return result ;
}
2006-07-11 18:01:26 +00:00
static int smb_full_audit_link ( vfs_handle_struct * handle ,
2004-04-29 12:11:59 +00:00
const char * oldpath , const char * newpath )
{
int result ;
2006-07-11 18:01:26 +00:00
result = SMB_VFS_NEXT_LINK ( handle , oldpath , newpath ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_LINK , ( result > = 0 ) , handle ,
" %s|%s " , oldpath , newpath ) ;
return result ;
}
2006-07-11 18:01:26 +00:00
static int smb_full_audit_mknod ( vfs_handle_struct * handle ,
2004-04-29 12:11:59 +00:00
const char * pathname , mode_t mode , SMB_DEV_T dev )
{
int result ;
2006-07-11 18:01:26 +00:00
result = SMB_VFS_NEXT_MKNOD ( handle , pathname , mode , dev ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_MKNOD , ( result > = 0 ) , handle , " %s " , pathname ) ;
return result ;
}
2006-07-11 18:01:26 +00:00
static char * smb_full_audit_realpath ( vfs_handle_struct * handle ,
2010-11-19 16:29:26 -08:00
const char * path )
2004-04-29 12:11:59 +00:00
{
char * result ;
2010-11-19 16:29:26 -08:00
result = SMB_VFS_NEXT_REALPATH ( handle , path ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_REALPATH , ( result ! = NULL ) , handle , " %s " , path ) ;
return result ;
}
2007-03-19 17:02:15 +00:00
static NTSTATUS smb_full_audit_notify_watch ( struct vfs_handle_struct * handle ,
struct sys_notify_context * ctx ,
2012-03-19 21:57:50 +01:00
const char * path ,
2012-03-26 12:46:11 +02:00
uint32_t * filter ,
uint32_t * subdir_filter ,
2007-03-19 17:02:15 +00:00
void ( * callback ) ( struct sys_notify_context * ctx ,
void * private_data ,
struct notify_event * ev ) ,
void * private_data , void * handle_p )
{
NTSTATUS result ;
2012-03-26 12:46:11 +02:00
result = SMB_VFS_NEXT_NOTIFY_WATCH ( handle , ctx , path ,
filter , subdir_filter , callback ,
2012-03-19 21:57:50 +01:00
private_data , handle_p ) ;
2007-03-19 17:02:15 +00:00
do_log ( SMB_VFS_OP_NOTIFY_WATCH , NT_STATUS_IS_OK ( result ) , handle , " " ) ;
return result ;
}
2007-03-08 01:40:49 +00:00
static int smb_full_audit_chflags ( vfs_handle_struct * handle ,
2007-09-28 01:32:08 +00:00
const char * path , unsigned int flags )
2007-03-08 01:40:49 +00:00
{
int result ;
result = SMB_VFS_NEXT_CHFLAGS ( handle , path , flags ) ;
do_log ( SMB_VFS_OP_CHFLAGS , ( result ! = 0 ) , handle , " %s " , path ) ;
return result ;
}
2007-08-02 09:19:04 +00:00
static struct file_id smb_full_audit_file_id_create ( struct vfs_handle_struct * handle ,
2009-02-15 23:38:53 -08:00
const SMB_STRUCT_STAT * sbuf )
2007-08-02 09:19:04 +00:00
{
struct file_id id_zero ;
struct file_id result ;
ZERO_STRUCT ( id_zero ) ;
2009-02-15 23:38:53 -08:00
result = SMB_VFS_NEXT_FILE_ID_CREATE ( handle , sbuf ) ;
2007-08-02 09:19:04 +00:00
do_log ( SMB_VFS_OP_FILE_ID_CREATE ,
! file_id_equal ( & id_zero , & result ) ,
2007-09-10 10:56:07 +00:00
handle , " %s " , file_id_string_tos ( & result ) ) ;
2007-08-02 09:19:04 +00:00
return result ;
}
2008-06-07 09:04:03 +02:00
static NTSTATUS smb_full_audit_streaminfo ( vfs_handle_struct * handle ,
struct files_struct * fsp ,
const char * fname ,
TALLOC_CTX * mem_ctx ,
unsigned int * pnum_streams ,
struct stream_struct * * pstreams )
{
NTSTATUS result ;
result = SMB_VFS_NEXT_STREAMINFO ( handle , fsp , fname , mem_ctx ,
pnum_streams , pstreams ) ;
do_log ( SMB_VFS_OP_STREAMINFO , NT_STATUS_IS_OK ( result ) , handle ,
" %s " , fname ) ;
return result ;
}
2009-01-05 12:58:23 +01:00
static int smb_full_audit_get_real_filename ( struct vfs_handle_struct * handle ,
const char * path ,
const char * name ,
TALLOC_CTX * mem_ctx ,
char * * found_name )
{
int result ;
result = SMB_VFS_NEXT_GET_REAL_FILENAME ( handle , path , name , mem_ctx ,
found_name ) ;
do_log ( SMB_VFS_OP_GET_REAL_FILENAME , ( result = = 0 ) , handle ,
" %s/%s->%s " , path , name , ( result = = 0 ) ? " " : * found_name ) ;
return result ;
}
2009-05-28 19:20:14 +02:00
static const char * smb_full_audit_connectpath ( vfs_handle_struct * handle ,
const char * fname )
{
const char * result ;
result = SMB_VFS_NEXT_CONNECTPATH ( handle , fname ) ;
do_log ( SMB_VFS_OP_CONNECTPATH , result ! = NULL , handle ,
" %s " , fname ) ;
return result ;
}
2009-02-09 21:51:29 -08:00
static NTSTATUS smb_full_audit_brl_lock_windows ( struct vfs_handle_struct * handle ,
struct byte_range_lock * br_lck ,
struct lock_struct * plock ,
bool blocking_lock ,
struct blocking_lock_record * blr )
{
NTSTATUS result ;
result = SMB_VFS_NEXT_BRL_LOCK_WINDOWS ( handle , br_lck , plock ,
blocking_lock , blr ) ;
do_log ( SMB_VFS_OP_BRL_LOCK_WINDOWS , NT_STATUS_IS_OK ( result ) , handle ,
2013-09-10 19:41:32 +02:00
" %s:%llu-%llu. type=%d. blocking=%d " ,
fsp_str_do_log ( brl_fsp ( br_lck ) ) ,
2012-09-20 08:20:57 +02:00
plock - > start , plock - > size , plock - > lock_type , blocking_lock ) ;
2009-02-09 21:51:29 -08:00
return result ;
}
static bool smb_full_audit_brl_unlock_windows ( struct vfs_handle_struct * handle ,
struct messaging_context * msg_ctx ,
struct byte_range_lock * br_lck ,
const struct lock_struct * plock )
{
bool result ;
result = SMB_VFS_NEXT_BRL_UNLOCK_WINDOWS ( handle , msg_ctx , br_lck ,
plock ) ;
do_log ( SMB_VFS_OP_BRL_UNLOCK_WINDOWS , ( result = = 0 ) , handle ,
2013-09-10 19:41:32 +02:00
" %s:%llu-%llu:%d " , fsp_str_do_log ( brl_fsp ( br_lck ) ) ,
plock - > start ,
2009-02-09 21:51:29 -08:00
plock - > size , plock - > lock_type ) ;
return result ;
}
static bool smb_full_audit_brl_cancel_windows ( struct vfs_handle_struct * handle ,
struct byte_range_lock * br_lck ,
struct lock_struct * plock ,
struct blocking_lock_record * blr )
{
bool result ;
result = SMB_VFS_NEXT_BRL_CANCEL_WINDOWS ( handle , br_lck , plock , blr ) ;
do_log ( SMB_VFS_OP_BRL_CANCEL_WINDOWS , ( result = = 0 ) , handle ,
2013-09-10 19:41:32 +02:00
" %s:%llu-%llu:%d " , fsp_str_do_log ( brl_fsp ( br_lck ) ) ,
plock - > start ,
2012-09-20 08:20:57 +02:00
plock - > size , plock - > lock_type ) ;
2009-02-09 21:51:29 -08:00
return result ;
}
2009-03-13 14:15:28 -07:00
static bool smb_full_audit_strict_lock ( struct vfs_handle_struct * handle ,
struct files_struct * fsp ,
struct lock_struct * plock )
{
bool result ;
result = SMB_VFS_NEXT_STRICT_LOCK ( handle , fsp , plock ) ;
do_log ( SMB_VFS_OP_STRICT_LOCK , result , handle ,
2009-07-10 18:11:32 -07:00
" %s:%llu-%llu:%d " , fsp_str_do_log ( fsp ) , plock - > start ,
2012-09-20 08:20:57 +02:00
plock - > size , plock - > lock_type ) ;
2009-03-13 14:15:28 -07:00
return result ;
}
static void smb_full_audit_strict_unlock ( struct vfs_handle_struct * handle ,
struct files_struct * fsp ,
struct lock_struct * plock )
{
SMB_VFS_NEXT_STRICT_UNLOCK ( handle , fsp , plock ) ;
do_log ( SMB_VFS_OP_STRICT_UNLOCK , true , handle ,
2009-07-10 18:11:32 -07:00
" %s:%llu-%llu:%d " , fsp_str_do_log ( fsp ) , plock - > start ,
2012-09-20 08:20:57 +02:00
plock - > size , plock - > lock_type ) ;
2009-03-13 14:15:28 -07:00
}
2009-11-16 09:49:23 +01:00
static NTSTATUS smb_full_audit_translate_name ( struct vfs_handle_struct * handle ,
const char * name ,
enum vfs_translate_direction direction ,
TALLOC_CTX * mem_ctx ,
char * * mapped_name )
2009-08-26 14:56:09 -07:00
{
NTSTATUS result ;
2009-11-16 09:49:23 +01:00
result = SMB_VFS_NEXT_TRANSLATE_NAME ( handle , name , direction , mem_ctx ,
mapped_name ) ;
2009-08-26 14:56:09 -07:00
do_log ( SMB_VFS_OP_TRANSLATE_NAME , NT_STATUS_IS_OK ( result ) , handle , " " ) ;
return result ;
}
2013-01-15 17:22:59 +01:00
static struct tevent_req * smb_full_audit_copy_chunk_send ( struct vfs_handle_struct * handle ,
TALLOC_CTX * mem_ctx ,
struct tevent_context * ev ,
struct files_struct * src_fsp ,
off_t src_off ,
struct files_struct * dest_fsp ,
off_t dest_off ,
off_t num )
{
struct tevent_req * req ;
req = SMB_VFS_NEXT_COPY_CHUNK_SEND ( handle , mem_ctx , ev , src_fsp ,
src_off , dest_fsp , dest_off , num ) ;
do_log ( SMB_VFS_OP_COPY_CHUNK_SEND , req , handle , " " ) ;
return req ;
}
static NTSTATUS smb_full_audit_copy_chunk_recv ( struct vfs_handle_struct * handle ,
struct tevent_req * req ,
off_t * copied )
{
NTSTATUS result ;
result = SMB_VFS_NEXT_COPY_CHUNK_RECV ( handle , req , copied ) ;
do_log ( SMB_VFS_OP_COPY_CHUNK_RECV , NT_STATUS_IS_OK ( result ) , handle , " " ) ;
return result ;
}
2013-11-18 14:54:30 +01:00
static NTSTATUS smb_full_audit_get_compression ( vfs_handle_struct * handle ,
TALLOC_CTX * mem_ctx ,
struct files_struct * fsp ,
struct smb_filename * smb_fname ,
uint16_t * _compression_fmt )
{
NTSTATUS result ;
result = SMB_VFS_NEXT_GET_COMPRESSION ( handle , mem_ctx , fsp , smb_fname ,
_compression_fmt ) ;
do_log ( SMB_VFS_OP_GET_COMPRESSION , NT_STATUS_IS_OK ( result ) , handle ,
" %s " ,
( fsp ? fsp_str_do_log ( fsp ) : smb_fname_str_do_log ( smb_fname ) ) ) ;
return result ;
}
static NTSTATUS smb_full_audit_set_compression ( vfs_handle_struct * handle ,
TALLOC_CTX * mem_ctx ,
struct files_struct * fsp ,
uint16_t compression_fmt )
{
NTSTATUS result ;
result = SMB_VFS_NEXT_SET_COMPRESSION ( handle , mem_ctx , fsp ,
compression_fmt ) ;
do_log ( SMB_VFS_OP_SET_COMPRESSION , NT_STATUS_IS_OK ( result ) , handle ,
" %s " , fsp_str_do_log ( fsp ) ) ;
return result ;
}
2007-10-13 21:06:49 +02:00
static NTSTATUS smb_full_audit_fget_nt_acl ( vfs_handle_struct * handle , files_struct * fsp ,
2012-10-10 11:50:27 +11:00
uint32 security_info ,
TALLOC_CTX * mem_ctx ,
struct security_descriptor * * ppdesc )
2004-04-29 12:11:59 +00:00
{
2007-10-13 21:06:49 +02:00
NTSTATUS result ;
2004-04-29 12:11:59 +00:00
2012-10-10 11:50:27 +11:00
result = SMB_VFS_NEXT_FGET_NT_ACL ( handle , fsp , security_info ,
mem_ctx , ppdesc ) ;
2004-04-29 12:11:59 +00:00
2007-10-13 21:06:49 +02:00
do_log ( SMB_VFS_OP_FGET_NT_ACL , NT_STATUS_IS_OK ( result ) , handle ,
2009-07-10 18:11:32 -07:00
" %s " , fsp_str_do_log ( fsp ) ) ;
2004-04-29 12:11:59 +00:00
return result ;
}
2007-10-13 21:06:49 +02:00
static NTSTATUS smb_full_audit_get_nt_acl ( vfs_handle_struct * handle ,
const char * name ,
uint32 security_info ,
2012-10-10 11:50:27 +11:00
TALLOC_CTX * mem_ctx ,
2010-05-18 10:29:34 +02:00
struct security_descriptor * * ppdesc )
2004-04-29 12:11:59 +00:00
{
2007-10-13 21:06:49 +02:00
NTSTATUS result ;
2004-04-29 12:11:59 +00:00
2012-10-10 11:50:27 +11:00
result = SMB_VFS_NEXT_GET_NT_ACL ( handle , name , security_info ,
mem_ctx , ppdesc ) ;
2004-04-29 12:11:59 +00:00
2007-10-13 21:06:49 +02:00
do_log ( SMB_VFS_OP_GET_NT_ACL , NT_STATUS_IS_OK ( result ) , handle ,
2008-08-14 10:58:50 -07:00
" %s " , name ) ;
2004-04-29 12:11:59 +00:00
return result ;
}
2007-06-26 22:49:10 +00:00
static NTSTATUS smb_full_audit_fset_nt_acl ( vfs_handle_struct * handle , files_struct * fsp ,
2008-01-06 18:48:02 +01:00
uint32 security_info_sent ,
2010-05-18 10:29:34 +02:00
const struct security_descriptor * psd )
2004-04-29 12:11:59 +00:00
{
2007-06-26 22:49:10 +00:00
NTSTATUS result ;
2004-04-29 12:11:59 +00:00
2008-01-06 18:48:02 +01:00
result = SMB_VFS_NEXT_FSET_NT_ACL ( handle , fsp , security_info_sent , psd ) ;
2004-04-29 12:11:59 +00:00
2009-07-10 18:11:32 -07:00
do_log ( SMB_VFS_OP_FSET_NT_ACL , NT_STATUS_IS_OK ( result ) , handle , " %s " ,
fsp_str_do_log ( fsp ) ) ;
2004-04-29 12:11:59 +00:00
return result ;
}
2006-07-11 18:01:26 +00:00
static int smb_full_audit_chmod_acl ( vfs_handle_struct * handle ,
2004-04-29 12:11:59 +00:00
const char * path , mode_t mode )
{
int result ;
2006-07-11 18:01:26 +00:00
result = SMB_VFS_NEXT_CHMOD_ACL ( handle , path , mode ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_CHMOD_ACL , ( result > = 0 ) , handle ,
" %s|%o " , path , mode ) ;
return result ;
}
2004-08-31 15:11:41 +00:00
static int smb_full_audit_fchmod_acl ( vfs_handle_struct * handle , files_struct * fsp ,
2008-01-08 01:14:24 +01:00
mode_t mode )
2004-04-29 12:11:59 +00:00
{
int result ;
2008-01-08 01:14:24 +01:00
result = SMB_VFS_NEXT_FCHMOD_ACL ( handle , fsp , mode ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_FCHMOD_ACL , ( result > = 0 ) , handle ,
2009-07-10 18:11:32 -07:00
" %s|%o " , fsp_str_do_log ( fsp ) , mode ) ;
2004-04-29 12:11:59 +00:00
return result ;
}
2004-08-31 15:11:41 +00:00
static SMB_ACL_T smb_full_audit_sys_acl_get_file ( vfs_handle_struct * handle ,
2004-04-29 12:11:59 +00:00
const char * path_p ,
2012-10-10 10:18:32 +11:00
SMB_ACL_TYPE_T type ,
TALLOC_CTX * mem_ctx )
2004-04-29 12:11:59 +00:00
{
SMB_ACL_T result ;
2012-10-10 10:18:32 +11:00
result = SMB_VFS_NEXT_SYS_ACL_GET_FILE ( handle , path_p , type , mem_ctx ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_SYS_ACL_GET_FILE , ( result ! = NULL ) , handle ,
" %s " , path_p ) ;
return result ;
}
2004-08-31 15:11:41 +00:00
static SMB_ACL_T smb_full_audit_sys_acl_get_fd ( vfs_handle_struct * handle ,
2012-10-10 10:18:32 +11:00
files_struct * fsp , TALLOC_CTX * mem_ctx )
2004-04-29 12:11:59 +00:00
{
SMB_ACL_T result ;
2012-10-10 10:18:32 +11:00
result = SMB_VFS_NEXT_SYS_ACL_GET_FD ( handle , fsp , mem_ctx ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_SYS_ACL_GET_FD , ( result ! = NULL ) , handle ,
2009-07-10 18:11:32 -07:00
" %s " , fsp_str_do_log ( fsp ) ) ;
2004-04-29 12:11:59 +00:00
return result ;
}
2012-09-10 12:44:01 +10:00
static int smb_full_audit_sys_acl_blob_get_file ( vfs_handle_struct * handle ,
const char * path_p ,
2012-09-20 08:35:27 +02:00
TALLOC_CTX * mem_ctx ,
2012-09-10 12:44:01 +10:00
char * * blob_description ,
DATA_BLOB * blob )
{
2012-09-20 08:35:27 +02:00
int result ;
2012-09-10 12:44:01 +10:00
2012-10-10 16:44:41 +11:00
result = SMB_VFS_NEXT_SYS_ACL_BLOB_GET_FILE ( handle , path_p , mem_ctx , blob_description , blob ) ;
2012-09-10 12:44:01 +10:00
2012-09-20 08:35:27 +02:00
do_log ( SMB_VFS_OP_SYS_ACL_BLOB_GET_FILE , ( result > = 0 ) , handle ,
2012-09-10 12:44:01 +10:00
" %s " , path_p ) ;
return result ;
}
static int smb_full_audit_sys_acl_blob_get_fd ( vfs_handle_struct * handle ,
2012-09-20 08:35:27 +02:00
files_struct * fsp ,
TALLOC_CTX * mem_ctx ,
2012-09-10 12:44:01 +10:00
char * * blob_description ,
DATA_BLOB * blob )
{
2012-09-20 08:35:27 +02:00
int result ;
2012-09-10 12:44:01 +10:00
2012-09-20 08:35:27 +02:00
result = SMB_VFS_NEXT_SYS_ACL_BLOB_GET_FD ( handle , fsp , mem_ctx , blob_description , blob ) ;
2012-09-10 12:44:01 +10:00
2012-09-20 08:35:27 +02:00
do_log ( SMB_VFS_OP_SYS_ACL_BLOB_GET_FD , ( result > = 0 ) , handle ,
2012-09-10 12:44:01 +10:00
" %s " , fsp_str_do_log ( fsp ) ) ;
return result ;
}
2004-08-31 15:11:41 +00:00
static int smb_full_audit_sys_acl_set_file ( vfs_handle_struct * handle ,
2006-07-11 18:01:26 +00:00
2004-04-29 12:11:59 +00:00
const char * name , SMB_ACL_TYPE_T acltype ,
SMB_ACL_T theacl )
{
int result ;
2006-07-11 18:01:26 +00:00
result = SMB_VFS_NEXT_SYS_ACL_SET_FILE ( handle , name , acltype ,
2004-04-29 12:11:59 +00:00
theacl ) ;
do_log ( SMB_VFS_OP_SYS_ACL_SET_FILE , ( result > = 0 ) , handle ,
" %s " , name ) ;
return result ;
}
2004-08-31 15:11:41 +00:00
static int smb_full_audit_sys_acl_set_fd ( vfs_handle_struct * handle , files_struct * fsp ,
2008-01-08 01:54:19 +01:00
SMB_ACL_T theacl )
2004-04-29 12:11:59 +00:00
{
int result ;
2008-01-08 01:54:19 +01:00
result = SMB_VFS_NEXT_SYS_ACL_SET_FD ( handle , fsp , theacl ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_SYS_ACL_SET_FD , ( result > = 0 ) , handle ,
2009-07-10 18:11:32 -07:00
" %s " , fsp_str_do_log ( fsp ) ) ;
2004-04-29 12:11:59 +00:00
return result ;
}
2004-08-31 15:11:41 +00:00
static int smb_full_audit_sys_acl_delete_def_file ( vfs_handle_struct * handle ,
2006-07-11 18:01:26 +00:00
2004-04-29 12:11:59 +00:00
const char * path )
{
int result ;
2006-07-11 18:01:26 +00:00
result = SMB_VFS_NEXT_SYS_ACL_DELETE_DEF_FILE ( handle , path ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE , ( result > = 0 ) , handle ,
" %s " , path ) ;
return result ;
}
2004-08-31 15:11:41 +00:00
static ssize_t smb_full_audit_getxattr ( struct vfs_handle_struct * handle ,
2006-07-11 18:01:26 +00:00
const char * path ,
2004-04-29 12:11:59 +00:00
const char * name , void * value , size_t size )
{
ssize_t result ;
2006-07-11 18:01:26 +00:00
result = SMB_VFS_NEXT_GETXATTR ( handle , path , name , value , size ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_GETXATTR , ( result > = 0 ) , handle ,
" %s|%s " , path , name ) ;
return result ;
}
2004-08-31 15:11:41 +00:00
static ssize_t smb_full_audit_fgetxattr ( struct vfs_handle_struct * handle ,
2008-01-08 10:00:47 +01:00
struct files_struct * fsp ,
2004-04-29 12:11:59 +00:00
const char * name , void * value , size_t size )
{
ssize_t result ;
2008-01-08 10:00:47 +01:00
result = SMB_VFS_NEXT_FGETXATTR ( handle , fsp , name , value , size ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_FGETXATTR , ( result > = 0 ) , handle ,
2009-07-10 18:11:32 -07:00
" %s|%s " , fsp_str_do_log ( fsp ) , name ) ;
2004-04-29 12:11:59 +00:00
return result ;
}
2004-08-31 15:11:41 +00:00
static ssize_t smb_full_audit_listxattr ( struct vfs_handle_struct * handle ,
2004-04-29 12:11:59 +00:00
const char * path , char * list , size_t size )
{
ssize_t result ;
2006-07-11 18:01:26 +00:00
result = SMB_VFS_NEXT_LISTXATTR ( handle , path , list , size ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_LISTXATTR , ( result > = 0 ) , handle , " %s " , path ) ;
return result ;
}
2004-08-31 15:11:41 +00:00
static ssize_t smb_full_audit_flistxattr ( struct vfs_handle_struct * handle ,
2008-01-08 10:51:40 +01:00
struct files_struct * fsp , char * list ,
2004-04-29 12:11:59 +00:00
size_t size )
{
ssize_t result ;
2008-01-08 10:51:40 +01:00
result = SMB_VFS_NEXT_FLISTXATTR ( handle , fsp , list , size ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_FLISTXATTR , ( result > = 0 ) , handle ,
2009-07-10 18:11:32 -07:00
" %s " , fsp_str_do_log ( fsp ) ) ;
2004-04-29 12:11:59 +00:00
return result ;
}
2004-08-31 15:11:41 +00:00
static int smb_full_audit_removexattr ( struct vfs_handle_struct * handle ,
2006-07-11 18:01:26 +00:00
const char * path ,
2004-04-29 12:11:59 +00:00
const char * name )
{
int result ;
2006-07-11 18:01:26 +00:00
result = SMB_VFS_NEXT_REMOVEXATTR ( handle , path , name ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_REMOVEXATTR , ( result > = 0 ) , handle ,
" %s|%s " , path , name ) ;
return result ;
}
2004-08-31 15:11:41 +00:00
static int smb_full_audit_fremovexattr ( struct vfs_handle_struct * handle ,
2008-01-08 11:29:09 +01:00
struct files_struct * fsp ,
2004-04-29 12:11:59 +00:00
const char * name )
{
int result ;
2008-01-08 11:29:09 +01:00
result = SMB_VFS_NEXT_FREMOVEXATTR ( handle , fsp , name ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_FREMOVEXATTR , ( result > = 0 ) , handle ,
2009-07-10 18:11:32 -07:00
" %s|%s " , fsp_str_do_log ( fsp ) , name ) ;
2004-04-29 12:11:59 +00:00
return result ;
}
2004-08-31 15:11:41 +00:00
static int smb_full_audit_setxattr ( struct vfs_handle_struct * handle ,
2006-07-11 18:01:26 +00:00
const char * path ,
2004-04-29 12:11:59 +00:00
const char * name , const void * value , size_t size ,
int flags )
{
int result ;
2006-07-11 18:01:26 +00:00
result = SMB_VFS_NEXT_SETXATTR ( handle , path , name , value , size ,
2004-04-29 12:11:59 +00:00
flags ) ;
do_log ( SMB_VFS_OP_SETXATTR , ( result > = 0 ) , handle ,
" %s|%s " , path , name ) ;
return result ;
}
2004-08-31 15:11:41 +00:00
static int smb_full_audit_fsetxattr ( struct vfs_handle_struct * handle ,
2008-01-08 11:47:33 +01:00
struct files_struct * fsp , const char * name ,
2004-04-29 12:11:59 +00:00
const void * value , size_t size , int flags )
{
int result ;
2008-01-08 11:47:33 +01:00
result = SMB_VFS_NEXT_FSETXATTR ( handle , fsp , name , value , size , flags ) ;
2004-04-29 12:11:59 +00:00
do_log ( SMB_VFS_OP_FSETXATTR , ( result > = 0 ) , handle ,
2009-07-10 18:11:32 -07:00
" %s|%s " , fsp_str_do_log ( fsp ) , name ) ;
2004-04-29 12:11:59 +00:00
return result ;
}
2009-02-10 12:14:39 -08:00
static bool smb_full_audit_aio_force ( struct vfs_handle_struct * handle ,
struct files_struct * fsp )
{
bool result ;
result = SMB_VFS_NEXT_AIO_FORCE ( handle , fsp ) ;
do_log ( SMB_VFS_OP_AIO_FORCE , result , handle ,
2009-07-10 18:11:32 -07:00
" %s " , fsp_str_do_log ( fsp ) ) ;
2009-02-10 12:14:39 -08:00
return result ;
}
2005-06-27 22:53:56 +00:00
2011-02-25 06:37:34 -07:00
static bool smb_full_audit_is_offline ( struct vfs_handle_struct * handle ,
const struct smb_filename * fname ,
SMB_STRUCT_STAT * sbuf )
{
bool result ;
result = SMB_VFS_NEXT_IS_OFFLINE ( handle , fname , sbuf ) ;
do_log ( SMB_VFS_OP_IS_OFFLINE , result , handle , " %s " ,
smb_fname_str_do_log ( fname ) ) ;
return result ;
}
2011-02-25 06:43:52 -07:00
static int smb_full_audit_set_offline ( struct vfs_handle_struct * handle ,
const struct smb_filename * fname )
{
int result ;
result = SMB_VFS_NEXT_SET_OFFLINE ( handle , fname ) ;
do_log ( SMB_VFS_OP_SET_OFFLINE , result > = 0 , handle , " %s " ,
smb_fname_str_do_log ( fname ) ) ;
return result ;
}
2009-07-23 20:28:58 -04:00
static struct vfs_fn_pointers vfs_full_audit_fns = {
2009-06-30 22:44:39 -07:00
/* Disk operations */
2009-07-23 20:28:58 -04:00
. connect_fn = smb_full_audit_connect ,
2011-12-03 20:45:04 -08:00
. disconnect_fn = smb_full_audit_disconnect ,
. disk_free_fn = smb_full_audit_disk_free ,
. get_quota_fn = smb_full_audit_get_quota ,
. set_quota_fn = smb_full_audit_set_quota ,
. get_shadow_copy_data_fn = smb_full_audit_get_shadow_copy_data ,
. statvfs_fn = smb_full_audit_statvfs ,
. fs_capabilities_fn = smb_full_audit_fs_capabilities ,
. opendir_fn = smb_full_audit_opendir ,
. fdopendir_fn = smb_full_audit_fdopendir ,
. readdir_fn = smb_full_audit_readdir ,
. seekdir_fn = smb_full_audit_seekdir ,
. telldir_fn = smb_full_audit_telldir ,
. rewind_dir_fn = smb_full_audit_rewinddir ,
. mkdir_fn = smb_full_audit_mkdir ,
. rmdir_fn = smb_full_audit_rmdir ,
. closedir_fn = smb_full_audit_closedir ,
. init_search_op_fn = smb_full_audit_init_search_op ,
2011-04-20 22:55:25 +02:00
. open_fn = smb_full_audit_open ,
2011-12-03 20:45:04 -08:00
. create_file_fn = smb_full_audit_create_file ,
2009-07-23 20:28:58 -04:00
. close_fn = smb_full_audit_close ,
2011-12-03 20:45:04 -08:00
. read_fn = smb_full_audit_read ,
. pread_fn = smb_full_audit_pread ,
2012-07-09 17:17:25 +02:00
. pread_send_fn = smb_full_audit_pread_send ,
. pread_recv_fn = smb_full_audit_pread_recv ,
2011-12-03 20:45:04 -08:00
. write_fn = smb_full_audit_write ,
. pwrite_fn = smb_full_audit_pwrite ,
2012-07-09 17:17:25 +02:00
. pwrite_send_fn = smb_full_audit_pwrite_send ,
. pwrite_recv_fn = smb_full_audit_pwrite_recv ,
2011-12-03 20:45:04 -08:00
. lseek_fn = smb_full_audit_lseek ,
. sendfile_fn = smb_full_audit_sendfile ,
. recvfile_fn = smb_full_audit_recvfile ,
. rename_fn = smb_full_audit_rename ,
. fsync_fn = smb_full_audit_fsync ,
2012-07-13 10:22:25 +02:00
. fsync_send_fn = smb_full_audit_fsync_send ,
. fsync_recv_fn = smb_full_audit_fsync_recv ,
2011-12-03 20:45:04 -08:00
. stat_fn = smb_full_audit_stat ,
. fstat_fn = smb_full_audit_fstat ,
. lstat_fn = smb_full_audit_lstat ,
. get_alloc_size_fn = smb_full_audit_get_alloc_size ,
. unlink_fn = smb_full_audit_unlink ,
. chmod_fn = smb_full_audit_chmod ,
. fchmod_fn = smb_full_audit_fchmod ,
. chown_fn = smb_full_audit_chown ,
. fchown_fn = smb_full_audit_fchown ,
. lchown_fn = smb_full_audit_lchown ,
. chdir_fn = smb_full_audit_chdir ,
. getwd_fn = smb_full_audit_getwd ,
. ntimes_fn = smb_full_audit_ntimes ,
. ftruncate_fn = smb_full_audit_ftruncate ,
. fallocate_fn = smb_full_audit_fallocate ,
. lock_fn = smb_full_audit_lock ,
. kernel_flock_fn = smb_full_audit_kernel_flock ,
. linux_setlease_fn = smb_full_audit_linux_setlease ,
. getlock_fn = smb_full_audit_getlock ,
. symlink_fn = smb_full_audit_symlink ,
. readlink_fn = smb_full_audit_readlink ,
. link_fn = smb_full_audit_link ,
. mknod_fn = smb_full_audit_mknod ,
. realpath_fn = smb_full_audit_realpath ,
. notify_watch_fn = smb_full_audit_notify_watch ,
. chflags_fn = smb_full_audit_chflags ,
. file_id_create_fn = smb_full_audit_file_id_create ,
. streaminfo_fn = smb_full_audit_streaminfo ,
. get_real_filename_fn = smb_full_audit_get_real_filename ,
. connectpath_fn = smb_full_audit_connectpath ,
. brl_lock_windows_fn = smb_full_audit_brl_lock_windows ,
. brl_unlock_windows_fn = smb_full_audit_brl_unlock_windows ,
. brl_cancel_windows_fn = smb_full_audit_brl_cancel_windows ,
. strict_lock_fn = smb_full_audit_strict_lock ,
. strict_unlock_fn = smb_full_audit_strict_unlock ,
. translate_name_fn = smb_full_audit_translate_name ,
2013-01-15 17:22:59 +01:00
. copy_chunk_send_fn = smb_full_audit_copy_chunk_send ,
. copy_chunk_recv_fn = smb_full_audit_copy_chunk_recv ,
2013-11-18 14:54:30 +01:00
. get_compression_fn = smb_full_audit_get_compression ,
. set_compression_fn = smb_full_audit_set_compression ,
2011-12-03 20:45:04 -08:00
. fget_nt_acl_fn = smb_full_audit_fget_nt_acl ,
. get_nt_acl_fn = smb_full_audit_get_nt_acl ,
. fset_nt_acl_fn = smb_full_audit_fset_nt_acl ,
. chmod_acl_fn = smb_full_audit_chmod_acl ,
. fchmod_acl_fn = smb_full_audit_fchmod_acl ,
. sys_acl_get_file_fn = smb_full_audit_sys_acl_get_file ,
. sys_acl_get_fd_fn = smb_full_audit_sys_acl_get_fd ,
2012-09-20 08:35:27 +02:00
. sys_acl_blob_get_file_fn = smb_full_audit_sys_acl_blob_get_file ,
. sys_acl_blob_get_fd_fn = smb_full_audit_sys_acl_blob_get_fd ,
2011-12-03 20:45:04 -08:00
. sys_acl_set_file_fn = smb_full_audit_sys_acl_set_file ,
. sys_acl_set_fd_fn = smb_full_audit_sys_acl_set_fd ,
. sys_acl_delete_def_file_fn = smb_full_audit_sys_acl_delete_def_file ,
. getxattr_fn = smb_full_audit_getxattr ,
. fgetxattr_fn = smb_full_audit_fgetxattr ,
. listxattr_fn = smb_full_audit_listxattr ,
. flistxattr_fn = smb_full_audit_flistxattr ,
. removexattr_fn = smb_full_audit_removexattr ,
. fremovexattr_fn = smb_full_audit_fremovexattr ,
. setxattr_fn = smb_full_audit_setxattr ,
. fsetxattr_fn = smb_full_audit_fsetxattr ,
. aio_force_fn = smb_full_audit_aio_force ,
. is_offline_fn = smb_full_audit_is_offline ,
. set_offline_fn = smb_full_audit_set_offline ,
2009-06-30 22:44:39 -07:00
} ;
2004-04-29 12:11:59 +00:00
NTSTATUS vfs_full_audit_init ( void )
{
NTSTATUS ret = smb_register_vfs ( SMB_VFS_INTERFACE_VERSION ,
2009-07-23 20:28:58 -04:00
" full_audit " , & vfs_full_audit_fns ) ;
2004-04-29 12:11:59 +00:00
if ( ! NT_STATUS_IS_OK ( ret ) )
return ret ;
vfs_full_audit_debug_level = debug_add_class ( " full_audit " ) ;
if ( vfs_full_audit_debug_level = = - 1 ) {
vfs_full_audit_debug_level = DBGC_VFS ;
DEBUG ( 0 , ( " vfs_full_audit: Couldn't register custom debugging "
" class! \n " ) ) ;
} else {
DEBUG ( 10 , ( " vfs_full_audit: Debug class number of "
" 'full_audit': %d \n " , vfs_full_audit_debug_level ) ) ;
}
return ret ;
}