X-Git-Url: http://git.samba.org/?a=blobdiff_plain;f=source3%2Fmodules%2Fvfs_extd_audit.c;h=80dece7eddceca2250c535df47d9f3e103708709;hb=HEAD;hp=7d1fe273978fa4f9452114b47a2b96cdb0592e7c;hpb=306783d6f5d577a0b8bd31d659d8c802f22f0333;p=samba.git
diff --git a/source3/modules/vfs_extd_audit.c b/source3/modules/vfs_extd_audit.c
index 7d1fe273978..ea784ff6eba 100644
--- a/source3/modules/vfs_extd_audit.c
+++ b/source3/modules/vfs_extd_audit.c
@@ -36,16 +36,87 @@ static int vfs_extd_audit_debug_level = DBGC_VFS;
 static int audit_syslog_facility(vfs_handle_struct *handle)
 {
 static const struct enum_list enum_log_facilities[] = {
- { LOG_USER, "USER" },
- { LOG_LOCAL0, "LOCAL0" },
- { LOG_LOCAL1, "LOCAL1" },
- { LOG_LOCAL2, "LOCAL2" },
- { LOG_LOCAL3, "LOCAL3" },
- { LOG_LOCAL4, "LOCAL4" },
- { LOG_LOCAL5, "LOCAL5" },
- { LOG_LOCAL6, "LOCAL6" },
- { LOG_LOCAL7, "LOCAL7" },
- { -1, NULL}
+#ifdef LOG_AUTH
+ { LOG_AUTH, "AUTH" },
+#endif
+#ifdef LOG_AUTHPRIV
+ { LOG_AUTHPRIV, "AUTHPRIV" },
+#endif
+#ifdef LOG_AUDIT
+ { LOG_AUDIT, "AUDIT" },
+#endif
+#ifdef LOG_CONSOLE
+ { LOG_CONSOLE, "CONSOLE" },
+#endif
+#ifdef LOG_CRON
+ { LOG_CRON, "CRON" },
+#endif
+#ifdef LOG_DAEMON
+ { LOG_DAEMON, "DAEMON" },
+#endif
+#ifdef LOG_FTP
+ { LOG_FTP, "FTP" },
+#endif
+#ifdef LOG_INSTALL
+ { LOG_INSTALL, "INSTALL" },
+#endif
+#ifdef LOG_KERN
+ { LOG_KERN, "KERN" },
+#endif
+#ifdef LOG_LAUNCHD
+ { LOG_LAUNCHD, "LAUNCHD" },
+#endif
+#ifdef LOG_LFMT
+ { LOG_LFMT, "LFMT" },
+#endif
+#ifdef LOG_LPR
+ { LOG_LPR, "LPR" },
+#endif
+#ifdef LOG_MAIL
+ { LOG_MAIL, "MAIL" },
+#endif
+#ifdef LOG_MEGASAFE
+ { LOG_MEGASAFE, "MEGASAFE" },
+#endif
+#ifdef LOG_NETINFO
+ { LOG_NETINFO, "NETINFO" },
+#endif
+#ifdef LOG_NEWS
+ { LOG_NEWS, "NEWS" },
+#endif
+#ifdef LOG_NFACILITIES
+ { LOG_NFACILITIES, "NFACILITIES" },
+#endif
+#ifdef LOG_NTP
+ { LOG_NTP, "NTP" },
+#endif
+#ifdef LOG_RAS
+ { LOG_RAS, "RAS" },
+#endif
+#ifdef LOG_REMOTEAUTH
+ { LOG_REMOTEAUTH, "REMOTEAUTH" },
+#endif
+#ifdef LOG_SECURITY
+ { LOG_SECURITY, "SECURITY" },
+#endif
+#ifdef LOG_SYSLOG
+ { LOG_SYSLOG, "SYSLOG" },
+#endif
+#ifdef LOG_USER
+ { LOG_USER, "USER" },
+#endif
+#ifdef LOG_UUCP
+ { LOG_UUCP, "UUCP" },
+#endif
+ { LOG_LOCAL0, "LOCAL0" },
+ { LOG_LOCAL1, "LOCAL1" },
+ { LOG_LOCAL2, "LOCAL2" },
+ { LOG_LOCAL3, "LOCAL3" },
+ { LOG_LOCAL4, "LOCAL4" },
+ { LOG_LOCAL5, "LOCAL5" },
+ { LOG_LOCAL6, "LOCAL6" },
+ { LOG_LOCAL7, "LOCAL7" },
+ { -1, NULL }
 };
 int facility;
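Review bot: `LOG_NFACILITIES` in the new table is not a facility but the number of facilities that `<syslog.h>` defines, so accepting "NFACILITIES" as a setting passes a count where a facility code is expected. Where the macro exists, an administrator who selects it would get audit records filed under whatever facility that integer happens to decode to, which is easy to miss in a module whose whole output is an audit trail. I would drop the `#ifdef LOG_NFACILITIES` entry. `LOG_KERN` may deserve the same treatment, since common C libraries do not let a user-space process log under the kernel facility and fall back to the default one; that is worth confirming on the supported platforms. The rest of `audit_syslog_facility`, including the lookup that consumes this table, lies outside the hunk.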
@@ -67,7 +138,7 @@ static int audit_syslog_priority(vfs_handle_struct *handle)
 { LOG_NOTICE, "NOTICE" },
 { LOG_INFO, "INFO" },
 { LOG_DEBUG, "DEBUG" },
- { -1, NULL}
+ { -1, NULL }
 };
 int priority;
@@ -116,93 +187,70 @@ static void audit_disconnect(vfs_handle_struct *handle) return; } -static DIR *audit_opendir(vfs_handle_struct *handle, - const struct smb_filename *smb_fname, - const char *mask, - uint32_t attr) -{ - DIR *result; - - result = SMB_VFS_NEXT_OPENDIR(handle, smb_fname, mask, attr); - - if (lp_syslog() > 0) { - syslog(audit_syslog_priority(handle), "opendir %s %s%s\n", - smb_fname->base_name, - (result == NULL) ? "failed: " : "", - (result == NULL) ? strerror(errno) : ""); - } - DEBUG(1, ("vfs_extd_audit: opendir %s %s %s\n", - smb_fname->base_name, - (result == NULL) ? "failed: " : "", - (result == NULL) ? strerror(errno) : "")); - - return result; -} - -static int audit_mkdir(vfs_handle_struct *handle, +static int audit_mkdirat(vfs_handle_struct *handle, + struct files_struct *dirfsp, const struct smb_filename *smb_fname, mode_t mode) { + struct smb_filename *full_fname = NULL; int result; - result = SMB_VFS_NEXT_MKDIR(handle, smb_fname, mode); - - if (lp_syslog() > 0) { - syslog(audit_syslog_priority(handle), "mkdir %s %s%s\n", - smb_fname->base_name, - (result < 0) ? "failed: " : "", - (result < 0) ? strerror(errno) : ""); + full_fname = full_path_from_dirfsp_atname(talloc_tos(), + dirfsp, + smb_fname); + if (full_fname == NULL) { + errno = ENOMEM; + return -1; } - DEBUG(0, ("vfs_extd_audit: mkdir %s %s %s\n", - smb_fname->base_name, - (result < 0) ? "failed: " : "", - (result < 0) ? strerror(errno) : "")); - return result; -} - -static int audit_rmdir(vfs_handle_struct *handle, - const struct smb_filename *smb_fname) -{ - int result; - - result = SMB_VFS_NEXT_RMDIR(handle, smb_fname); + result = SMB_VFS_NEXT_MKDIRAT(handle, + dirfsp, + smb_fname, + mode); if (lp_syslog() > 0) { - syslog(audit_syslog_priority(handle), "rmdir %s %s%s\n", - smb_fname->base_name, + syslog(audit_syslog_priority(handle), "mkdirat %s %s%s\n", + full_fname->base_name, (result < 0) ? "failed: " : "", (result < 0) ? 
strerror(errno) : ""); } - DEBUG(0, ("vfs_extd_audit: rmdir %s %s %s\n", - smb_fname->base_name, + DEBUG(0, ("vfs_extd_audit: mkdirat %s %s %s\n", + full_fname->base_name, (result < 0) ? "failed: " : "", (result < 0) ? strerror(errno) : "")); + TALLOC_FREE(full_fname); return result; } -static int audit_open(vfs_handle_struct *handle, - struct smb_filename *smb_fname, files_struct *fsp, - int flags, mode_t mode) +static int audit_openat(vfs_handle_struct *handle, + const struct files_struct *dirfsp, + const struct smb_filename *smb_fname, + files_struct *fsp, + const struct vfs_open_how *how) { - int result; + int ret; - result = SMB_VFS_NEXT_OPEN(handle, smb_fname, fsp, flags, mode); + ret = SMB_VFS_NEXT_OPENAT(handle, dirfsp, smb_fname, fsp, how); if (lp_syslog() > 0) { - syslog(audit_syslog_priority(handle), "open %s (fd %d) %s%s%s\n", - smb_fname->base_name, result, - ((flags & O_WRONLY) || (flags & O_RDWR)) ? "for writing " : "", - (result < 0) ? "failed: " : "", - (result < 0) ? strerror(errno) : ""); + syslog(audit_syslog_priority(handle), + "openat %s/%s (fd %d) %s%s%s\n", + smb_fname_str_dbg(fsp->fsp_name), + smb_fname->base_name, + ret, + ((how->flags & O_WRONLY) || (how->flags & O_RDWR)) ? + "for writing " : "", + (ret < 0) ? "failed: " : "", + (ret < 0) ? strerror(errno) : ""); } - DEBUG(2, ("vfs_extd_audit: open %s %s %s\n", + DEBUG(2, ("vfs_extd_audit: open %s/%s %s %s\n", + smb_fname_str_dbg(fsp->fsp_name), smb_fname_str_dbg(smb_fname), - (result < 0) ? "failed: " : "", - (result < 0) ? strerror(errno) : "")); + (ret < 0) ? "failed: " : "", + (ret < 0) ? strerror(errno) : "")); - return result; + return ret; } static int audit_close(vfs_handle_struct *handle, files_struct *fsp) 
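Review bot: In `audit_openat` both log calls print `smb_fname_str_dbg(fsp->fsp_name)` as the directory half of `%s/%s`, but `fsp` is the handle being opened, while `dirfsp`, the directory the name is relative to, never appears in the message. If `fsp->fsp_name` already holds the file's own name, the audit record shows a path of the form file/file rather than directory/file, and it no longer lines up with what `audit_mkdirat` logs for the same tree. Using the directory handle, `smb_fname_str_dbg(dirfsp->fsp_name),`, in both calls would fix that; building the name with `full_path_from_dirfsp_atname()` as `audit_mkdirat` does is the other option, provided that helper accepts the `const` `dirfsp` here. The `DEBUG(2, ...)` text also still says `open` while the syslog line says `openat`, so anything matching on the operation name sees two spellings.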
@@ -213,104 +261,108 @@ static int audit_close(vfs_handle_struct *handle, files_struct *fsp) if (lp_syslog() > 0) { syslog(audit_syslog_priority(handle), "close fd %d %s%s\n", - fsp->fh->fd, + fsp_get_pathref_fd(fsp), (result < 0) ? "failed: " : "", (result < 0) ? strerror(errno) : ""); } DEBUG(2, ("vfs_extd_audit: close fd %d %s %s\n", - fsp->fh->fd, + fsp_get_pathref_fd(fsp), (result < 0) ? "failed: " : "", (result < 0) ? strerror(errno) : "")); return result; } -static int audit_rename(vfs_handle_struct *handle, +static int audit_renameat(vfs_handle_struct *handle, + files_struct *srcfsp, const struct smb_filename *smb_fname_src, + files_struct *dstfsp, const struct smb_filename *smb_fname_dst) { + struct smb_filename *full_fname_src = NULL; + struct smb_filename *full_fname_dst = NULL; int result; + int saved_errno = 0; + + full_fname_src = full_path_from_dirfsp_atname(talloc_tos(), + srcfsp, + smb_fname_src); + if (full_fname_src == NULL) { + errno = ENOMEM; + return -1; + } - result = SMB_VFS_NEXT_RENAME(handle, smb_fname_src, smb_fname_dst); + full_fname_dst = full_path_from_dirfsp_atname(talloc_tos(), + dstfsp, + smb_fname_dst); + if (full_fname_dst == NULL) { + TALLOC_FREE(full_fname_src); + errno = ENOMEM; + return -1; + } + result = SMB_VFS_NEXT_RENAMEAT(handle, + srcfsp, + smb_fname_src, + dstfsp, + smb_fname_dst); + if (result == -1) { + saved_errno = errno; + } if (lp_syslog() > 0) { - syslog(audit_syslog_priority(handle), "rename %s -> %s %s%s\n", - smb_fname_src->base_name, - smb_fname_dst->base_name, + syslog(audit_syslog_priority(handle), "renameat %s -> %s %s%s\n", + full_fname_src->base_name, + full_fname_dst->base_name, (result < 0) ? "failed: " : "", - (result < 0) ? strerror(errno) : ""); + (result < 0) ? 
strerror(saved_errno) : ""); } - DEBUG(1, ("vfs_extd_audit: rename old: %s newname: %s %s %s\n", - smb_fname_str_dbg(smb_fname_src), - smb_fname_str_dbg(smb_fname_dst), + DEBUG(1, ("vfs_extd_audit: renameat old: %s newname: %s %s %s\n", + smb_fname_str_dbg(full_fname_src), + smb_fname_str_dbg(full_fname_dst), (result < 0) ? "failed: " : "", - (result < 0) ? strerror(errno) : "")); + (result < 0) ? strerror(saved_errno) : "")); - return result; -} + TALLOC_FREE(full_fname_src); + TALLOC_FREE(full_fname_dst); -static int audit_unlink(vfs_handle_struct *handle, - const struct smb_filename *smb_fname) -{ - int result; - - result = SMB_VFS_NEXT_UNLINK(handle, smb_fname); - - if (lp_syslog() > 0) { - syslog(audit_syslog_priority(handle), "unlink %s %s%s\n", - smb_fname->base_name, - (result < 0) ? "failed: " : "", - (result < 0) ? strerror(errno) : ""); + if (result == -1) { + errno = saved_errno; } - DEBUG(0, ("vfs_extd_audit: unlink %s %s %s\n", - smb_fname_str_dbg(smb_fname), - (result < 0) ? "failed: " : "", - (result < 0) ? strerror(errno) : "")); - return result; } -static int audit_chmod(vfs_handle_struct *handle, +static int audit_unlinkat(vfs_handle_struct *handle, + struct files_struct *dirfsp, const struct smb_filename *smb_fname, - mode_t mode) + int flags) { + struct smb_filename *full_fname = NULL; int result; - result = SMB_VFS_NEXT_CHMOD(handle, smb_fname, mode); - - if (lp_syslog() > 0) { - syslog(audit_syslog_priority(handle), "chmod %s mode 0x%x %s%s\n", - smb_fname->base_name, mode, - (result < 0) ? "failed: " : "", - (result < 0) ? strerror(errno) : ""); + full_fname = full_path_from_dirfsp_atname(talloc_tos(), + dirfsp, + smb_fname); + if (full_fname == NULL) { + return -1; } - DEBUG(1, ("vfs_extd_audit: chmod %s mode 0x%x %s %s\n", - smb_fname->base_name, (unsigned int)mode, - (result < 0) ? "failed: " : "", - (result < 0) ? 
strerror(errno) : "")); - - return result; -} -static int audit_chmod_acl(vfs_handle_struct *handle, - const struct smb_filename *smb_fname, - mode_t mode) -{ - int result; - - result = SMB_VFS_NEXT_CHMOD_ACL(handle, smb_fname, mode); + result = SMB_VFS_NEXT_UNLINKAT(handle, + dirfsp, + smb_fname, + flags); if (lp_syslog() > 0) { - syslog(audit_syslog_priority(handle), "chmod_acl %s mode 0x%x %s%s\n", - smb_fname->base_name, mode, + syslog(audit_syslog_priority(handle), "unlinkat %s %s%s\n", + full_fname->base_name, (result < 0) ? "failed: " : "", (result < 0) ? strerror(errno) : ""); } - DEBUG(1, ("vfs_extd_audit: chmod_acl %s mode 0x%x %s %s\n", - smb_fname->base_name, (unsigned int)mode, + DBG_ERR("unlinkat %s %s %s\n", + smb_fname_str_dbg(full_fname), (result < 0) ? "failed: " : "", - (result < 0) ? strerror(errno) : "")); + (result < 0) ? strerror(errno) : ""); + TALLOC_FREE(full_fname); return result; } @@ -326,7 +378,7 @@ static int audit_fchmod(vfs_handle_struct *handle, files_struct *fsp, mode_t mod (result < 0) ? "failed: " : "", (result < 0) ? strerror(errno) : ""); } - DEBUG(1, ("vfs_extd_audit: fchmod %s mode 0x%x %s %s", + DEBUG(1, ("vfs_extd_audit: fchmod %s mode 0x%x %s %s\n", fsp_str_dbg(fsp), (unsigned int)mode, (result < 0) ? "failed: " : "", (result < 0) ? strerror(errno) : "")); 
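Review bot: `audit_unlinkat` returns -1 when `full_path_from_dirfsp_atname()` fails without setting `errno`, whereas `audit_mkdirat` and `audit_renameat` in this same commit set `errno = ENOMEM;` on that path, so the caller here sees whatever stale value errno held. The function also reads `errno` in `DBG_ERR` after `syslog()` has run, and returns after `TALLOC_FREE(full_fname)`, without the `saved_errno` save and restore that `audit_renameat` introduces; `audit_mkdirat` in the previous hunk has the same gap. The reason written to the audit log and the errno handed back to the caller may therefore differ from the real failure. I would add `errno = ENOMEM;` before the early `return -1;` and apply the `saved_errno` pattern from `audit_renameat` to both functions.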
@@ -334,40 +386,15 @@ static int audit_fchmod(vfs_handle_struct *handle, files_struct *fsp, mode_t mod
 return result;
 }
-static int audit_fchmod_acl(vfs_handle_struct *handle, files_struct *fsp, mode_t mode)
-{
- int result;
-
- result = SMB_VFS_NEXT_FCHMOD_ACL(handle, fsp, mode);
-
- if (lp_syslog() > 0) {
- syslog(audit_syslog_priority(handle), "fchmod_acl %s mode 0x%x %s%s\n",
- fsp->fsp_name->base_name, mode,
- (result < 0) ? "failed: " : "",
- (result < 0) ? strerror(errno) : "");
- }
- DEBUG(1, ("vfs_extd_audit: fchmod_acl %s mode 0x%x %s %s",
- fsp_str_dbg(fsp), (unsigned int)mode,
- (result < 0) ? "failed: " : "",
- (result < 0) ? strerror(errno) : ""));
-
- return result;
-}
-
 static struct vfs_fn_pointers vfs_extd_audit_fns = {
 .connect_fn = audit_connect,
 .disconnect_fn = audit_disconnect,
- .opendir_fn = audit_opendir,
- .mkdir_fn = audit_mkdir,
- .rmdir_fn = audit_rmdir,
- .open_fn = audit_open,
+ .mkdirat_fn = audit_mkdirat,
+ .openat_fn = audit_openat,
 .close_fn = audit_close,
- .rename_fn = audit_rename,
- .unlink_fn = audit_unlink,
- .chmod_fn = audit_chmod,
+ .renameat_fn = audit_renameat,
+ .unlinkat_fn = audit_unlinkat,
 .fchmod_fn = audit_fchmod,
- .chmod_acl_fn = audit_chmod_acl,
- .fchmod_acl_fn = audit_fchmod_acl,
 };
 static_decl_vfs;
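Review bot: The function table drops `.opendir_fn`, `.rmdir_fn` and `.chmod_fn` without adding a replacement entry, so those operations are audited only if they now arrive through one of the remaining hooks. Directory removal presumably reaches `audit_unlinkat`, but that function does not log its `flags` argument, so a removed directory and an unlinked file produce the same record, and directory listing has no hook left in this table. For a module whose output is an audit trail, the narrowed coverage should be stated in the commit message or the module documentation. Adding `flags` to the unlinkat message, for example `"unlinkat %s flags 0x%x %s%s\n"`, would restore the distinction. `audit_unlinkat` itself is defined outside this hunk.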