X-Git-Url: http://git.samba.org/?a=blobdiff_plain;f=source3%2Fmodules%2Fvfs_full_audit.c;h=bf53ae269c4011bab9cbe41dacf682d9c70a362f;hb=HEAD;hp=9ea9c01a306f1a30c41cd7f36fab14513eb188ae;hpb=c68671bb949159de77170d8b73883171c50c9d96;p=samba.git diff --git a/source3/modules/vfs_full_audit.c b/source3/modules/vfs_full_audit.c index 9ea9c01a306..9fd8a751572 100644 --- a/source3/modules/vfs_full_audit.c +++ b/source3/modules/vfs_full_audit.c @@ -1,4 +1,4 @@ -/* +/* * Auditing VFS module for samba. Log selected file operations to syslog * facility. * @@ -12,12 +12,12 @@ * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. - * + * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. - * + * * You should have received a copy of the GNU General Public License * along with this program; if not, see . */ @@ -31,18 +31,20 @@ * path = /tmp * vfs objects = full_audit * full_audit:prefix = %u|%I - * full_audit:success = open opendir + * full_audit:success = open opendir create_file * full_audit:failure = all * * vfs op can be "all" which means log all operations. * vfs op can be "none" which means no logging. * * This leads to syslog entries of the form: - * smbd_audit: nobody|192.168.234.1|opendir|ok|. - * smbd_audit: nobody|192.168.234.1|open|fail (File not found)|r|x.txt + * smbd_audit: nobody|192.168.234.1|opendir|ok|/tmp + * smbd_audit: nobody|192.168.234.1|create_file|fail (No such file or directory)|0x1|file|open|/ts/doesNotExist + * smbd_audit: nobody|192.168.234.1|open|ok|w|/tmp/file.txt + * smbd_audit: nobody|192.168.234.1|create_file|ok|0x3|file|open|/tmp/file.txt * * where "nobody" is the connected username and "192.168.234.1" is the - * client's IP address. + * client's IP address. * * Options: * @@ -70,6 +72,8 @@ #include "libcli/security/sddl.h" #include "passdb/machine_sid.h" #include "lib/util/tevent_ntstatus.h" +#include "lib/util/string_wrappers.h" +#include "source3/lib/substitute.h" static int vfs_full_audit_debug_level = DBGC_VFS; @@ -99,22 +103,21 @@ typedef enum _vfs_op_type { SMB_VFS_OP_STATVFS, SMB_VFS_OP_FS_CAPABILITIES, SMB_VFS_OP_GET_DFS_REFERRALS, + SMB_VFS_OP_CREATE_DFS_PATHAT, + SMB_VFS_OP_READ_DFS_PATHAT, /* Directory operations */ - SMB_VFS_OP_OPENDIR, SMB_VFS_OP_FDOPENDIR, SMB_VFS_OP_READDIR, - SMB_VFS_OP_SEEKDIR, - SMB_VFS_OP_TELLDIR, SMB_VFS_OP_REWINDDIR, - SMB_VFS_OP_MKDIR, - SMB_VFS_OP_RMDIR, + SMB_VFS_OP_MKDIRAT, SMB_VFS_OP_CLOSEDIR, /* File operations */ SMB_VFS_OP_OPEN, + SMB_VFS_OP_OPENAT, SMB_VFS_OP_CREATE_FILE, SMB_VFS_OP_CLOSE, SMB_VFS_OP_READ, @@ -129,89 +132,82 @@ typedef enum _vfs_op_type { SMB_VFS_OP_SENDFILE, SMB_VFS_OP_RECVFILE, SMB_VFS_OP_RENAMEAT, - SMB_VFS_OP_FSYNC, SMB_VFS_OP_FSYNC_SEND, SMB_VFS_OP_FSYNC_RECV, SMB_VFS_OP_STAT, SMB_VFS_OP_FSTAT, SMB_VFS_OP_LSTAT, + SMB_VFS_OP_FSTATAT, SMB_VFS_OP_GET_ALLOC_SIZE, - SMB_VFS_OP_UNLINK, - SMB_VFS_OP_CHMOD, + SMB_VFS_OP_UNLINKAT, SMB_VFS_OP_FCHMOD, - SMB_VFS_OP_CHOWN, SMB_VFS_OP_FCHOWN, SMB_VFS_OP_LCHOWN, SMB_VFS_OP_CHDIR, SMB_VFS_OP_GETWD, SMB_VFS_OP_NTIMES, + SMB_VFS_OP_FNTIMES, SMB_VFS_OP_FTRUNCATE, SMB_VFS_OP_FALLOCATE, SMB_VFS_OP_LOCK, - SMB_VFS_OP_KERNEL_FLOCK, + SMB_VFS_OP_FILESYSTEM_SHAREMODE, + SMB_VFS_OP_FCNTL, SMB_VFS_OP_LINUX_SETLEASE, SMB_VFS_OP_GETLOCK, - SMB_VFS_OP_SYMLINK, - SMB_VFS_OP_READLINK, + SMB_VFS_OP_SYMLINKAT, + SMB_VFS_OP_READLINKAT, SMB_VFS_OP_LINKAT, - SMB_VFS_OP_MKNOD, + SMB_VFS_OP_MKNODAT, SMB_VFS_OP_REALPATH, - SMB_VFS_OP_CHFLAGS, + SMB_VFS_OP_FCHFLAGS, SMB_VFS_OP_FILE_ID_CREATE, SMB_VFS_OP_FS_FILE_ID, - SMB_VFS_OP_STREAMINFO, + SMB_VFS_OP_FSTREAMINFO, SMB_VFS_OP_GET_REAL_FILENAME, + SMB_VFS_OP_GET_REAL_FILENAME_AT, SMB_VFS_OP_CONNECTPATH, SMB_VFS_OP_BRL_LOCK_WINDOWS, SMB_VFS_OP_BRL_UNLOCK_WINDOWS, SMB_VFS_OP_STRICT_LOCK_CHECK, SMB_VFS_OP_TRANSLATE_NAME, + SMB_VFS_OP_PARENT_PATHNAME, SMB_VFS_OP_FSCTL, SMB_VFS_OP_OFFLOAD_READ_SEND, SMB_VFS_OP_OFFLOAD_READ_RECV, SMB_VFS_OP_OFFLOAD_WRITE_SEND, SMB_VFS_OP_OFFLOAD_WRITE_RECV, - SMB_VFS_OP_GET_COMPRESSION, + SMB_VFS_OP_FGET_COMPRESSION, SMB_VFS_OP_SET_COMPRESSION, SMB_VFS_OP_SNAP_CHECK_PATH, SMB_VFS_OP_SNAP_CREATE, SMB_VFS_OP_SNAP_DELETE, /* DOS attribute operations. */ - SMB_VFS_OP_GET_DOS_ATTRIBUTES, SMB_VFS_OP_GET_DOS_ATTRIBUTES_SEND, SMB_VFS_OP_GET_DOS_ATTRIBUTES_RECV, SMB_VFS_OP_FGET_DOS_ATTRIBUTES, - SMB_VFS_OP_SET_DOS_ATTRIBUTES, SMB_VFS_OP_FSET_DOS_ATTRIBUTES, /* NT ACL operations. */ SMB_VFS_OP_FGET_NT_ACL, - SMB_VFS_OP_GET_NT_ACL, SMB_VFS_OP_FSET_NT_ACL, SMB_VFS_OP_AUDIT_FILE, /* POSIX ACL operations. */ - SMB_VFS_OP_SYS_ACL_GET_FILE, SMB_VFS_OP_SYS_ACL_GET_FD, - SMB_VFS_OP_SYS_ACL_BLOB_GET_FILE, SMB_VFS_OP_SYS_ACL_BLOB_GET_FD, - SMB_VFS_OP_SYS_ACL_SET_FILE, SMB_VFS_OP_SYS_ACL_SET_FD, - SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE, + SMB_VFS_OP_SYS_ACL_DELETE_DEF_FD, /* EA operations. */ - SMB_VFS_OP_GETXATTR, SMB_VFS_OP_GETXATTRAT_SEND, SMB_VFS_OP_GETXATTRAT_RECV, SMB_VFS_OP_FGETXATTR, - SMB_VFS_OP_LISTXATTR, SMB_VFS_OP_FLISTXATTR, SMB_VFS_OP_REMOVEXATTR, SMB_VFS_OP_FREMOVEXATTR, - SMB_VFS_OP_SETXATTR, SMB_VFS_OP_FSETXATTR, /* aio operations */ @@ -226,7 +222,7 @@ typedef enum _vfs_op_type { SMB_VFS_OP_DURABLE_DISCONNECT, SMB_VFS_OP_DURABLE_RECONNECT, - SMB_VFS_OP_READDIR_ATTR, + SMB_VFS_OP_FREADDIR_ATTR, /* This should always be last enum value */ @@ -248,16 +244,15 @@ static struct { { SMB_VFS_OP_STATVFS, "statvfs" }, { SMB_VFS_OP_FS_CAPABILITIES, "fs_capabilities" }, { SMB_VFS_OP_GET_DFS_REFERRALS, "get_dfs_referrals" }, - { SMB_VFS_OP_OPENDIR, "opendir" }, + { SMB_VFS_OP_CREATE_DFS_PATHAT, "create_dfs_pathat" }, + { SMB_VFS_OP_READ_DFS_PATHAT, "read_dfs_pathat" }, { SMB_VFS_OP_FDOPENDIR, "fdopendir" }, { SMB_VFS_OP_READDIR, "readdir" }, - { SMB_VFS_OP_SEEKDIR, "seekdir" }, - { SMB_VFS_OP_TELLDIR, "telldir" }, { SMB_VFS_OP_REWINDDIR, "rewinddir" }, - { SMB_VFS_OP_MKDIR, "mkdir" }, - { SMB_VFS_OP_RMDIR, "rmdir" }, + { SMB_VFS_OP_MKDIRAT, "mkdirat" }, { SMB_VFS_OP_CLOSEDIR, "closedir" }, { SMB_VFS_OP_OPEN, "open" }, + { SMB_VFS_OP_OPENAT, "openat" }, { SMB_VFS_OP_CREATE_FILE, "create_file" }, { SMB_VFS_OP_CLOSE, "close" }, { SMB_VFS_OP_READ, "read" }, @@ -272,79 +267,72 @@ static struct { { SMB_VFS_OP_SENDFILE, "sendfile" }, { SMB_VFS_OP_RECVFILE, "recvfile" }, { SMB_VFS_OP_RENAMEAT, "renameat" }, - { SMB_VFS_OP_FSYNC, "fsync" }, { SMB_VFS_OP_FSYNC_SEND, "fsync_send" }, { SMB_VFS_OP_FSYNC_RECV, "fsync_recv" }, { SMB_VFS_OP_STAT, "stat" }, { SMB_VFS_OP_FSTAT, "fstat" }, { SMB_VFS_OP_LSTAT, "lstat" }, + { SMB_VFS_OP_FSTATAT, "fstatat" }, { SMB_VFS_OP_GET_ALLOC_SIZE, "get_alloc_size" }, - { SMB_VFS_OP_UNLINK, "unlink" }, - { SMB_VFS_OP_CHMOD, "chmod" }, + { SMB_VFS_OP_UNLINKAT, "unlinkat" }, { SMB_VFS_OP_FCHMOD, "fchmod" }, - { SMB_VFS_OP_CHOWN, "chown" }, { SMB_VFS_OP_FCHOWN, "fchown" }, { SMB_VFS_OP_LCHOWN, "lchown" }, { SMB_VFS_OP_CHDIR, "chdir" }, { SMB_VFS_OP_GETWD, "getwd" }, { SMB_VFS_OP_NTIMES, "ntimes" }, + { SMB_VFS_OP_FNTIMES, "fntimes" }, { SMB_VFS_OP_FTRUNCATE, "ftruncate" }, { SMB_VFS_OP_FALLOCATE,"fallocate" }, { SMB_VFS_OP_LOCK, "lock" }, - { SMB_VFS_OP_KERNEL_FLOCK, "kernel_flock" }, + { SMB_VFS_OP_FILESYSTEM_SHAREMODE, "filesystem_sharemode" }, + { SMB_VFS_OP_FCNTL, "fcntl" }, { SMB_VFS_OP_LINUX_SETLEASE, "linux_setlease" }, { SMB_VFS_OP_GETLOCK, "getlock" }, - { SMB_VFS_OP_SYMLINK, "symlink" }, - { SMB_VFS_OP_READLINK, "readlink" }, + { SMB_VFS_OP_SYMLINKAT, "symlinkat" }, + { SMB_VFS_OP_READLINKAT,"readlinkat" }, { SMB_VFS_OP_LINKAT, "linkat" }, - { SMB_VFS_OP_MKNOD, "mknod" }, + { SMB_VFS_OP_MKNODAT, "mknodat" }, { SMB_VFS_OP_REALPATH, "realpath" }, - { SMB_VFS_OP_CHFLAGS, "chflags" }, + { SMB_VFS_OP_FCHFLAGS, "fchflags" }, { SMB_VFS_OP_FILE_ID_CREATE, "file_id_create" }, { SMB_VFS_OP_FS_FILE_ID, "fs_file_id" }, - { SMB_VFS_OP_STREAMINFO, "streaminfo" }, + { SMB_VFS_OP_FSTREAMINFO, "fstreaminfo" }, { SMB_VFS_OP_GET_REAL_FILENAME, "get_real_filename" }, + { SMB_VFS_OP_GET_REAL_FILENAME_AT, "get_real_filename_at" }, { SMB_VFS_OP_CONNECTPATH, "connectpath" }, { SMB_VFS_OP_BRL_LOCK_WINDOWS, "brl_lock_windows" }, { SMB_VFS_OP_BRL_UNLOCK_WINDOWS, "brl_unlock_windows" }, { SMB_VFS_OP_STRICT_LOCK_CHECK, "strict_lock_check" }, { SMB_VFS_OP_TRANSLATE_NAME, "translate_name" }, + { SMB_VFS_OP_PARENT_PATHNAME, "parent_pathname" }, { SMB_VFS_OP_FSCTL, "fsctl" }, { SMB_VFS_OP_OFFLOAD_READ_SEND, "offload_read_send" }, { SMB_VFS_OP_OFFLOAD_READ_RECV, "offload_read_recv" }, { SMB_VFS_OP_OFFLOAD_WRITE_SEND, "offload_write_send" }, { SMB_VFS_OP_OFFLOAD_WRITE_RECV, "offload_write_recv" }, - { SMB_VFS_OP_GET_COMPRESSION, "get_compression" }, + { SMB_VFS_OP_FGET_COMPRESSION, "fget_compression" }, { SMB_VFS_OP_SET_COMPRESSION, "set_compression" }, { SMB_VFS_OP_SNAP_CHECK_PATH, "snap_check_path" }, { SMB_VFS_OP_SNAP_CREATE, "snap_create" }, { SMB_VFS_OP_SNAP_DELETE, "snap_delete" }, - { SMB_VFS_OP_GET_DOS_ATTRIBUTES, "get_dos_attributes" }, { SMB_VFS_OP_GET_DOS_ATTRIBUTES_SEND, "get_dos_attributes_send" }, { SMB_VFS_OP_GET_DOS_ATTRIBUTES_RECV, "get_dos_attributes_recv" }, { SMB_VFS_OP_FGET_DOS_ATTRIBUTES, "fget_dos_attributes" }, - { SMB_VFS_OP_SET_DOS_ATTRIBUTES, "set_dos_attributes" }, { SMB_VFS_OP_FSET_DOS_ATTRIBUTES, "fset_dos_attributes" }, { SMB_VFS_OP_FGET_NT_ACL, "fget_nt_acl" }, - { SMB_VFS_OP_GET_NT_ACL, "get_nt_acl" }, { SMB_VFS_OP_FSET_NT_ACL, "fset_nt_acl" }, { SMB_VFS_OP_AUDIT_FILE, "audit_file" }, - { SMB_VFS_OP_SYS_ACL_GET_FILE, "sys_acl_get_file" }, { SMB_VFS_OP_SYS_ACL_GET_FD, "sys_acl_get_fd" }, - { SMB_VFS_OP_SYS_ACL_BLOB_GET_FILE, "sys_acl_blob_get_file" }, { SMB_VFS_OP_SYS_ACL_BLOB_GET_FD, "sys_acl_blob_get_fd" }, - { SMB_VFS_OP_SYS_ACL_SET_FILE, "sys_acl_set_file" }, { SMB_VFS_OP_SYS_ACL_SET_FD, "sys_acl_set_fd" }, - { SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE, "sys_acl_delete_def_file" }, - { SMB_VFS_OP_GETXATTR, "getxattr" }, + { SMB_VFS_OP_SYS_ACL_DELETE_DEF_FD, "sys_acl_delete_def_fd" }, { SMB_VFS_OP_GETXATTRAT_SEND, "getxattrat_send" }, { SMB_VFS_OP_GETXATTRAT_RECV, "getxattrat_recv" }, { SMB_VFS_OP_FGETXATTR, "fgetxattr" }, - { SMB_VFS_OP_LISTXATTR, "listxattr" }, { SMB_VFS_OP_FLISTXATTR, "flistxattr" }, { SMB_VFS_OP_REMOVEXATTR, "removexattr" }, { SMB_VFS_OP_FREMOVEXATTR, "fremovexattr" }, - { SMB_VFS_OP_SETXATTR, "setxattr" }, { SMB_VFS_OP_FSETXATTR, "fsetxattr" }, { SMB_VFS_OP_AIO_FORCE, "aio_force" }, { SMB_VFS_OP_IS_OFFLINE, "is_offline" }, @@ -352,7 +340,7 @@ static struct { { SMB_VFS_OP_DURABLE_COOKIE, "durable_cookie" }, { SMB_VFS_OP_DURABLE_DISCONNECT, "durable_disconnect" }, { SMB_VFS_OP_DURABLE_RECONNECT, "durable_reconnect" }, - { SMB_VFS_OP_READDIR_ATTR, "readdir_attr" }, + { SMB_VFS_OP_FREADDIR_ATTR, "freaddir_attr" }, { SMB_VFS_OP_LAST, NULL } }; @@ -476,6 +464,8 @@ static int audit_syslog_priority(vfs_handle_struct *handle) static char *audit_prefix(TALLOC_CTX *ctx, connection_struct *conn) { + const struct loadparm_substitution *lp_sub = + loadparm_s3_global_substitution(); char *prefix = NULL; char *result; @@ -485,8 +475,8 @@ static char *audit_prefix(TALLOC_CTX *ctx, connection_struct *conn) if (!prefix) { return NULL; } - result = talloc_sub_advanced(ctx, - lp_servicename(talloc_tos(), SNUM(conn)), + result = talloc_sub_full(ctx, + lp_servicename(talloc_tos(), lp_sub, SNUM(conn)), conn->session_info->unix_info->unix_name, conn->connectpath, conn->session_info->unix_token->gid, @@ -519,13 +509,13 @@ static struct bitmap *init_bitmap(TALLOC_CTX *mem_ctx, const char **ops) struct bitmap *bm; if (ops == NULL) { + DBG_ERR("init_bitmap, ops list is empty (logic error)\n"); return NULL; } bm = bitmap_talloc(mem_ctx, SMB_VFS_OP_LAST); if (bm == NULL) { - DEBUG(0, ("Could not alloc bitmap -- " - "defaulting to logging everything\n")); + DBG_ERR("Could not alloc bitmap\n"); return NULL; } @@ -567,8 +557,7 @@ static struct bitmap *init_bitmap(TALLOC_CTX *mem_ctx, const char **ops) } } if (i == SMB_VFS_OP_LAST) { - DEBUG(0, ("Could not find opname %s, logging all\n", - *ops)); + DBG_ERR("Could not find opname %s\n", *ops); TALLOC_FREE(bm); return NULL; } @@ -756,9 +745,19 @@ static int smb_full_audit_connect(vfs_handle_struct *handle, pd->success_ops = init_bitmap( pd, lp_parm_string_list(SNUM(handle->conn), "full_audit", "success", none)); + if (pd->success_ops == NULL) { + DBG_ERR("Invalid success operations list. Failing connect\n"); + SMB_VFS_NEXT_DISCONNECT(handle); + return -1; + } pd->failure_ops = init_bitmap( pd, lp_parm_string_list(SNUM(handle->conn), "full_audit", "failure", none)); + if (pd->failure_ops == NULL) { + DBG_ERR("Invalid failure operations list. Failing connect\n"); + SMB_VFS_NEXT_DISCONNECT(handle); + return -1; + } /* Store the private data. */ SMB_VFS_HANDLE_SET_DATA(handle, pd, NULL, @@ -772,10 +771,13 @@ static int smb_full_audit_connect(vfs_handle_struct *handle, static void smb_full_audit_disconnect(vfs_handle_struct *handle) { + const struct loadparm_substitution *lp_sub = + loadparm_s3_global_substitution(); + SMB_VFS_NEXT_DISCONNECT(handle); do_log(SMB_VFS_OP_DISCONNECT, True, handle, - "%s", lp_servicename(talloc_tos(), SNUM(handle->conn))); + "%s", lp_servicename(talloc_tos(), lp_sub, SNUM(handle->conn))); /* The bitmaps will be disconnected when the private data is deleted. */ @@ -793,7 +795,11 @@ static uint64_t smb_full_audit_disk_free(vfs_handle_struct *handle, /* Don't have a reasonable notion of failure here */ - do_log(SMB_VFS_OP_DISK_FREE, True, handle, "%s", smb_fname->base_name); + do_log(SMB_VFS_OP_DISK_FREE, + True, + handle, + "%s", + smb_fname_str_do_log(handle->conn, smb_fname)); return result; } @@ -808,8 +814,11 @@ static int smb_full_audit_get_quota(struct vfs_handle_struct *handle, result = SMB_VFS_NEXT_GET_QUOTA(handle, smb_fname, qtype, id, qt); - do_log(SMB_VFS_OP_GET_QUOTA, (result >= 0), handle, "%s", - smb_fname->base_name); + do_log(SMB_VFS_OP_GET_QUOTA, + (result >= 0), + handle, + "%s", + smb_fname_str_do_log(handle->conn, smb_fname)); return result; } @@ -879,6 +888,72 @@ static NTSTATUS smb_full_audit_get_dfs_referrals( return status; } +static NTSTATUS smb_full_audit_create_dfs_pathat(struct vfs_handle_struct *handle, + struct files_struct *dirfsp, + const struct smb_filename *smb_fname, + const struct referral *reflist, + size_t referral_count) +{ + NTSTATUS status; + struct smb_filename *full_fname = NULL; + + full_fname = full_path_from_dirfsp_atname(talloc_tos(), + dirfsp, + smb_fname); + if (full_fname == NULL) { + return NT_STATUS_NO_MEMORY; + } + + status = SMB_VFS_NEXT_CREATE_DFS_PATHAT(handle, + dirfsp, + smb_fname, + reflist, + referral_count); + + do_log(SMB_VFS_OP_CREATE_DFS_PATHAT, + NT_STATUS_IS_OK(status), + handle, + "%s", + smb_fname_str_do_log(handle->conn, full_fname)); + + TALLOC_FREE(full_fname); + return status; +} + +static NTSTATUS smb_full_audit_read_dfs_pathat(struct vfs_handle_struct *handle, + TALLOC_CTX *mem_ctx, + struct files_struct *dirfsp, + struct smb_filename *smb_fname, + struct referral **ppreflist, + size_t *preferral_count) +{ + struct smb_filename *full_fname = NULL; + NTSTATUS status; + + full_fname = full_path_from_dirfsp_atname(talloc_tos(), + dirfsp, + smb_fname); + if (full_fname == NULL) { + return NT_STATUS_NO_MEMORY; + } + + status = SMB_VFS_NEXT_READ_DFS_PATHAT(handle, + mem_ctx, + dirfsp, + smb_fname, + ppreflist, + preferral_count); + + do_log(SMB_VFS_OP_READ_DFS_PATHAT, + NT_STATUS_IS_OK(status), + handle, + "%s", + smb_fname_str_do_log(handle->conn, full_fname)); + + TALLOC_FREE(full_fname); + return status; +} + static NTSTATUS smb_full_audit_snap_check_path(struct vfs_handle_struct *handle, TALLOC_CTX *mem_ctx, const char *service_path, @@ -925,21 +1000,6 @@ static NTSTATUS smb_full_audit_snap_delete(struct vfs_handle_struct *handle, return status; } -static DIR *smb_full_audit_opendir(vfs_handle_struct *handle, - const struct smb_filename *smb_fname, - const char *mask, - uint32_t attr) -{ - DIR *result; - - result = SMB_VFS_NEXT_OPENDIR(handle, smb_fname, mask, attr); - - do_log(SMB_VFS_OP_OPENDIR, (result != NULL), handle, "%s", - smb_fname->base_name); - - return result; -} - static DIR *smb_full_audit_fdopendir(vfs_handle_struct *handle, files_struct *fsp, const char *mask, uint32_t attr) { @@ -954,11 +1014,12 @@ static DIR *smb_full_audit_fdopendir(vfs_handle_struct *handle, } static struct dirent *smb_full_audit_readdir(vfs_handle_struct *handle, - DIR *dirp, SMB_STRUCT_STAT *sbuf) + struct files_struct *dirfsp, + DIR *dirp) { struct dirent *result; - result = SMB_VFS_NEXT_READDIR(handle, dirp, sbuf); + result = SMB_VFS_NEXT_READDIR(handle, dirfsp, dirp); /* This operation has no reasonable error condition * (End of dir is also failure), so always succeed. @@ -968,26 +1029,6 @@ static struct dirent *smb_full_audit_readdir(vfs_handle_struct *handle, return result; } -static void smb_full_audit_seekdir(vfs_handle_struct *handle, - DIR *dirp, long offset) -{ - SMB_VFS_NEXT_SEEKDIR(handle, dirp, offset); - - do_log(SMB_VFS_OP_SEEKDIR, True, handle, ""); -} - -static long smb_full_audit_telldir(vfs_handle_struct *handle, - DIR *dirp) -{ - long result; - - result = SMB_VFS_NEXT_TELLDIR(handle, dirp); - - do_log(SMB_VFS_OP_TELLDIR, True, handle, ""); - - return result; -} - static void smb_full_audit_rewinddir(vfs_handle_struct *handle, DIR *dirp) { @@ -996,28 +1037,34 @@ static void smb_full_audit_rewinddir(vfs_handle_struct *handle, do_log(SMB_VFS_OP_REWINDDIR, True, handle, ""); } -static int smb_full_audit_mkdir(vfs_handle_struct *handle, - const struct smb_filename *smb_fname, mode_t mode) +static int smb_full_audit_mkdirat(vfs_handle_struct *handle, + struct files_struct *dirfsp, + const struct smb_filename *smb_fname, + mode_t mode) { + struct smb_filename *full_fname = NULL; int result; - - result = SMB_VFS_NEXT_MKDIR(handle, smb_fname, mode); - - do_log(SMB_VFS_OP_MKDIR, (result >= 0), handle, "%s", - smb_fname->base_name); - return result; -} + full_fname = full_path_from_dirfsp_atname(talloc_tos(), + dirfsp, + smb_fname); + if (full_fname == NULL) { + errno = ENOMEM; + return -1; + } -static int smb_full_audit_rmdir(vfs_handle_struct *handle, - const struct smb_filename *smb_fname) -{ - int result; - - result = SMB_VFS_NEXT_RMDIR(handle, smb_fname); + result = SMB_VFS_NEXT_MKDIRAT(handle, + dirfsp, + smb_fname, + mode); + + do_log(SMB_VFS_OP_MKDIRAT, + (result >= 0), + handle, + "%s", + smb_fname_str_do_log(handle->conn, full_fname)); - do_log(SMB_VFS_OP_RMDIR, (result >= 0), handle, "%s", - smb_fname->base_name); + TALLOC_FREE(full_fname); return result; } @@ -1028,30 +1075,32 @@ static int smb_full_audit_closedir(vfs_handle_struct *handle, int result; result = SMB_VFS_NEXT_CLOSEDIR(handle, dirp); - + do_log(SMB_VFS_OP_CLOSEDIR, (result >= 0), handle, ""); return result; } -static int smb_full_audit_open(vfs_handle_struct *handle, - struct smb_filename *smb_fname, - files_struct *fsp, int flags, mode_t mode) +static int smb_full_audit_openat(vfs_handle_struct *handle, + const struct files_struct *dirfsp, + const struct smb_filename *smb_fname, + struct files_struct *fsp, + const struct vfs_open_how *how) { int result; - - result = SMB_VFS_NEXT_OPEN(handle, smb_fname, fsp, flags, mode); - do_log(SMB_VFS_OP_OPEN, (result >= 0), handle, "%s|%s", - ((flags & O_WRONLY) || (flags & O_RDWR))?"w":"r", - smb_fname_str_do_log(handle->conn, smb_fname)); + result = SMB_VFS_NEXT_OPENAT(handle, dirfsp, smb_fname, fsp, how); + + do_log(SMB_VFS_OP_OPENAT, (result >= 0), handle, "%s|%s", + ((how->flags & O_WRONLY) || (how->flags & O_RDWR))?"w":"r", + fsp_str_do_log(fsp)); return result; } static NTSTATUS smb_full_audit_create_file(vfs_handle_struct *handle, struct smb_request *req, - uint16_t root_dir_fid, + struct files_struct *dirfsp, struct smb_filename *smb_fname, uint32_t access_mask, uint32_t share_access, @@ -1098,7 +1147,7 @@ static NTSTATUS smb_full_audit_create_file(vfs_handle_struct *handle, result = SMB_VFS_NEXT_CREATE_FILE( handle, /* handle */ req, /* req */ - root_dir_fid, /* root_dir_fid */ + dirfsp, /* dirfsp */ smb_fname, /* fname */ access_mask, /* access_mask */ share_access, /* share_access */ @@ -1127,7 +1176,7 @@ static NTSTATUS smb_full_audit_create_file(vfs_handle_struct *handle, static int smb_full_audit_close(vfs_handle_struct *handle, files_struct *fsp) { int result; - + result = SMB_VFS_NEXT_CLOSE(handle, fsp); do_log(SMB_VFS_OP_CLOSE, (result >= 0), handle, "%s", @@ -1356,6 +1405,25 @@ static int smb_full_audit_renameat(vfs_handle_struct *handle, const struct smb_filename *smb_fname_dst) { int result; + int saved_errno; + struct smb_filename *full_fname_src = NULL; + struct smb_filename *full_fname_dst = NULL; + + full_fname_src = full_path_from_dirfsp_atname(talloc_tos(), + srcfsp, + smb_fname_src); + if (full_fname_src == NULL) { + errno = ENOMEM; + return -1; + } + full_fname_dst = full_path_from_dirfsp_atname(talloc_tos(), + dstfsp, + smb_fname_dst); + if (full_fname_dst == NULL) { + TALLOC_FREE(full_fname_src); + errno = ENOMEM; + return -1; + } result = SMB_VFS_NEXT_RENAMEAT(handle, srcfsp, @@ -1363,10 +1431,19 @@ static int smb_full_audit_renameat(vfs_handle_struct *handle, dstfsp, smb_fname_dst); + if (result == -1) { + saved_errno = errno; + } do_log(SMB_VFS_OP_RENAMEAT, (result >= 0), handle, "%s|%s", - smb_fname_str_do_log(handle->conn, smb_fname_src), - smb_fname_str_do_log(handle->conn, smb_fname_dst)); + smb_fname_str_do_log(handle->conn, full_fname_src), + smb_fname_str_do_log(handle->conn, full_fname_dst)); + + TALLOC_FREE(full_fname_src); + TALLOC_FREE(full_fname_dst); + if (result == -1) { + errno = saved_errno; + } return result; } @@ -1443,20 +1520,20 @@ static int smb_full_audit_stat(vfs_handle_struct *handle, struct smb_filename *smb_fname) { int result; - + result = SMB_VFS_NEXT_STAT(handle, smb_fname); do_log(SMB_VFS_OP_STAT, (result >= 0), handle, "%s", smb_fname_str_do_log(handle->conn, smb_fname)); - return result; + return result; } static int smb_full_audit_fstat(vfs_handle_struct *handle, files_struct *fsp, SMB_STRUCT_STAT *sbuf) { int result; - + result = SMB_VFS_NEXT_FSTAT(handle, fsp, sbuf); do_log(SMB_VFS_OP_FSTAT, (result >= 0), handle, "%s", @@ -1469,15 +1546,35 @@ static int smb_full_audit_lstat(vfs_handle_struct *handle, struct smb_filename *smb_fname) { int result; - + result = SMB_VFS_NEXT_LSTAT(handle, smb_fname); do_log(SMB_VFS_OP_LSTAT, (result >= 0), handle, "%s", smb_fname_str_do_log(handle->conn, smb_fname)); - return result; + return result; } +static int smb_full_audit_fstatat( + struct vfs_handle_struct *handle, + const struct files_struct *dirfsp, + const struct smb_filename *smb_fname, + SMB_STRUCT_STAT *sbuf, + int flags) +{ + int result; + + result = SMB_VFS_NEXT_FSTATAT(handle, dirfsp, smb_fname, sbuf, flags); + + do_log(SMB_VFS_OP_FSTATAT, + (result >= 0), + handle, + "%s/%s", + fsp_str_do_log(dirfsp), + smb_fname_str_do_log(handle->conn, smb_fname)); + + return result; +} static uint64_t smb_full_audit_get_alloc_size(vfs_handle_struct *handle, files_struct *fsp, const SMB_STRUCT_STAT *sbuf) { @@ -1491,31 +1588,30 @@ static uint64_t smb_full_audit_get_alloc_size(vfs_handle_struct *handle, return result; } -static int smb_full_audit_unlink(vfs_handle_struct *handle, - const struct smb_filename *smb_fname) +static int smb_full_audit_unlinkat(vfs_handle_struct *handle, + struct files_struct *dirfsp, + const struct smb_filename *smb_fname, + int flags) { + struct smb_filename *full_fname = NULL; int result; - - result = SMB_VFS_NEXT_UNLINK(handle, smb_fname); - - do_log(SMB_VFS_OP_UNLINK, (result >= 0), handle, "%s", - smb_fname_str_do_log(handle->conn, smb_fname)); - return result; -} - -static int smb_full_audit_chmod(vfs_handle_struct *handle, - const struct smb_filename *smb_fname, - mode_t mode) -{ - int result; + full_fname = full_path_from_dirfsp_atname(talloc_tos(), + dirfsp, + smb_fname); + if (full_fname == NULL) { + return -1; + } - result = SMB_VFS_NEXT_CHMOD(handle, smb_fname, mode); + result = SMB_VFS_NEXT_UNLINKAT(handle, + dirfsp, + smb_fname, + flags); - do_log(SMB_VFS_OP_CHMOD, (result >= 0), handle, "%s|%o", - smb_fname->base_name, - mode); + do_log(SMB_VFS_OP_UNLINKAT, (result >= 0), handle, "%s", + smb_fname_str_do_log(handle->conn, full_fname)); + TALLOC_FREE(full_fname); return result; } @@ -1523,7 +1619,7 @@ static int smb_full_audit_fchmod(vfs_handle_struct *handle, files_struct *fsp, mode_t mode) { int result; - + result = SMB_VFS_NEXT_FCHMOD(handle, fsp, mode); do_log(SMB_VFS_OP_FCHMOD, (result >= 0), handle, @@ -1532,21 +1628,6 @@ static int smb_full_audit_fchmod(vfs_handle_struct *handle, files_struct *fsp, return result; } -static int smb_full_audit_chown(vfs_handle_struct *handle, - const struct smb_filename *smb_fname, - uid_t uid, - gid_t gid) -{ - int result; - - result = SMB_VFS_NEXT_CHOWN(handle, smb_fname, uid, gid); - - do_log(SMB_VFS_OP_CHOWN, (result >= 0), handle, "%s|%ld|%ld", - smb_fname->base_name, (long int)uid, (long int)gid); - - return result; -} - static int smb_full_audit_fchown(vfs_handle_struct *handle, files_struct *fsp, uid_t uid, gid_t gid) { @@ -1582,8 +1663,11 @@ static int smb_full_audit_chdir(vfs_handle_struct *handle, result = SMB_VFS_NEXT_CHDIR(handle, smb_fname); - do_log(SMB_VFS_OP_CHDIR, (result >= 0), handle, "chdir|%s", - smb_fname->base_name); + do_log(SMB_VFS_OP_CHDIR, + (result >= 0), + handle, + "chdir|%s", + smb_fname_str_do_log(handle->conn, smb_fname)); return result; } @@ -1594,16 +1678,16 @@ static struct smb_filename *smb_full_audit_getwd(vfs_handle_struct *handle, struct smb_filename *result; result = SMB_VFS_NEXT_GETWD(handle, ctx); - + do_log(SMB_VFS_OP_GETWD, (result != NULL), handle, "%s", result == NULL? "" : result->base_name); return result; } -static int smb_full_audit_ntimes(vfs_handle_struct *handle, - const struct smb_filename *smb_fname, - struct smb_file_time *ft) +static int smb_full_audit_fntimes(vfs_handle_struct *handle, + files_struct *fsp, + struct smb_file_time *ft) { int result; time_t create_time = convert_timespec_to_time_t(ft->create_time); @@ -1616,7 +1700,12 @@ static int smb_full_audit_ntimes(vfs_handle_struct *handle, const char *ctime_str = ""; TALLOC_CTX *frame = talloc_stackframe(); - result = SMB_VFS_NEXT_NTIMES(handle, smb_fname, ft); + if (frame == NULL) { + errno = ENOMEM; + return -1; + } + + result = SMB_VFS_NEXT_FNTIMES(handle, fsp, ft); if (create_time > 0) { create_time_str = timestring(frame, create_time); @@ -1631,11 +1720,11 @@ static int smb_full_audit_ntimes(vfs_handle_struct *handle, ctime_str = timestring(frame, ctime); } - do_log(SMB_VFS_OP_NTIMES, + do_log(SMB_VFS_OP_FNTIMES, (result >= 0), handle, "%s|%s|%s|%s|%s", - smb_fname_str_do_log(handle->conn, smb_fname), + fsp_str_do_log(fsp), create_time_str, atime_str, mtime_str, @@ -1686,15 +1775,38 @@ static bool smb_full_audit_lock(vfs_handle_struct *handle, files_struct *fsp, return result; } -static int smb_full_audit_kernel_flock(struct vfs_handle_struct *handle, - struct files_struct *fsp, - uint32_t share_mode, uint32_t access_mask) +static int smb_full_audit_filesystem_sharemode(struct vfs_handle_struct *handle, + struct files_struct *fsp, + uint32_t share_access, + uint32_t access_mask) +{ + int result; + + result = SMB_VFS_NEXT_FILESYSTEM_SHAREMODE(handle, + fsp, + share_access, + access_mask); + + do_log(SMB_VFS_OP_FILESYSTEM_SHAREMODE, (result >= 0), handle, "%s", + fsp_str_do_log(fsp)); + + return result; +} + +static int smb_full_audit_fcntl(struct vfs_handle_struct *handle, + struct files_struct *fsp, + int cmd, va_list cmd_arg) { + void *arg; + va_list dup_cmd_arg; int result; - result = SMB_VFS_NEXT_KERNEL_FLOCK(handle, fsp, share_mode, access_mask); + va_copy(dup_cmd_arg, cmd_arg); + arg = va_arg(dup_cmd_arg, void *); + result = SMB_VFS_NEXT_FCNTL(handle, fsp, cmd, arg); + va_end(dup_cmd_arg); - do_log(SMB_VFS_OP_KERNEL_FLOCK, (result >= 0), handle, "%s", + do_log(SMB_VFS_OP_FCNTL, (result >= 0), handle, "%s", fsp_str_do_log(fsp)); return result; @@ -1725,31 +1837,67 @@ static bool smb_full_audit_getlock(vfs_handle_struct *handle, files_struct *fsp, return result; } -static int smb_full_audit_symlink(vfs_handle_struct *handle, - const char *link_contents, +static int smb_full_audit_symlinkat(vfs_handle_struct *handle, + const struct smb_filename *link_contents, + struct files_struct *dirfsp, const struct smb_filename *new_smb_fname) { + struct smb_filename *full_fname = NULL; int result; - result = SMB_VFS_NEXT_SYMLINK(handle, link_contents, new_smb_fname); + full_fname = full_path_from_dirfsp_atname(talloc_tos(), + dirfsp, + new_smb_fname); + if (full_fname == NULL) { + return -1; + } + + result = SMB_VFS_NEXT_SYMLINKAT(handle, + link_contents, + dirfsp, + new_smb_fname); + + do_log(SMB_VFS_OP_SYMLINKAT, + (result >= 0), + handle, + "%s|%s", + link_contents->base_name, + smb_fname_str_do_log(handle->conn, full_fname)); - do_log(SMB_VFS_OP_SYMLINK, (result >= 0), handle, - "%s|%s", link_contents, new_smb_fname->base_name); + TALLOC_FREE(full_fname); return result; } -static int smb_full_audit_readlink(vfs_handle_struct *handle, +static int smb_full_audit_readlinkat(vfs_handle_struct *handle, + const struct files_struct *dirfsp, const struct smb_filename *smb_fname, char *buf, size_t bufsiz) { + struct smb_filename *full_fname = NULL; int result; - result = SMB_VFS_NEXT_READLINK(handle, smb_fname, buf, bufsiz); + full_fname = full_path_from_dirfsp_atname(talloc_tos(), + dirfsp, + smb_fname); + if (full_fname == NULL) { + return -1; + } + + result = SMB_VFS_NEXT_READLINKAT(handle, + dirfsp, + smb_fname, + buf, + bufsiz); - do_log(SMB_VFS_OP_READLINK, (result >= 0), handle, "%s", - smb_fname->base_name); + do_log(SMB_VFS_OP_READLINKAT, + (result >= 0), + handle, + "%s", + smb_fname_str_do_log(handle->conn, full_fname)); + + TALLOC_FREE(full_fname); return result; } @@ -1761,8 +1909,23 @@ static int smb_full_audit_linkat(vfs_handle_struct *handle, const struct smb_filename *new_smb_fname, int flags) { + struct smb_filename *old_full_fname = NULL; + struct smb_filename *new_full_fname = NULL; int result; + old_full_fname = full_path_from_dirfsp_atname(talloc_tos(), + srcfsp, + old_smb_fname); + if (old_full_fname == NULL) { + return -1; + } + new_full_fname = full_path_from_dirfsp_atname(talloc_tos(), + dstfsp, + new_smb_fname); + if (new_full_fname == NULL) { + TALLOC_FREE(old_full_fname); + return -1; + } result = SMB_VFS_NEXT_LINKAT(handle, srcfsp, old_smb_fname, @@ -1770,23 +1933,48 @@ static int smb_full_audit_linkat(vfs_handle_struct *handle, new_smb_fname, flags); - do_log(SMB_VFS_OP_LINKAT, (result >= 0), handle, - "%s|%s", old_smb_fname->base_name, new_smb_fname->base_name); + do_log(SMB_VFS_OP_LINKAT, + (result >= 0), + handle, + "%s|%s", + smb_fname_str_do_log(handle->conn, old_full_fname), + smb_fname_str_do_log(handle->conn, new_full_fname)); + + TALLOC_FREE(old_full_fname); + TALLOC_FREE(new_full_fname); return result; } -static int smb_full_audit_mknod(vfs_handle_struct *handle, +static int smb_full_audit_mknodat(vfs_handle_struct *handle, + files_struct *dirfsp, const struct smb_filename *smb_fname, mode_t mode, SMB_DEV_T dev) { + struct smb_filename *full_fname = NULL; int result; - result = SMB_VFS_NEXT_MKNOD(handle, smb_fname, mode, dev); + full_fname = full_path_from_dirfsp_atname(talloc_tos(), + dirfsp, + smb_fname); + if (full_fname == NULL) { + return -1; + } + + result = SMB_VFS_NEXT_MKNODAT(handle, + dirfsp, + smb_fname, + mode, + dev); + + do_log(SMB_VFS_OP_MKNODAT, + (result >= 0), + handle, + "%s", + smb_fname_str_do_log(handle->conn, full_fname)); - do_log(SMB_VFS_OP_MKNOD, (result >= 0), handle, "%s", - smb_fname->base_name); + TALLOC_FREE(full_fname); return result; } @@ -1799,22 +1987,28 @@ static struct smb_filename *smb_full_audit_realpath(vfs_handle_struct *handle, result_fname = SMB_VFS_NEXT_REALPATH(handle, ctx, smb_fname); - do_log(SMB_VFS_OP_REALPATH, (result_fname != NULL), handle, "%s", - smb_fname->base_name); + do_log(SMB_VFS_OP_REALPATH, + (result_fname != NULL), + handle, + "%s", + smb_fname_str_do_log(handle->conn, smb_fname)); return result_fname; } -static int smb_full_audit_chflags(vfs_handle_struct *handle, - const struct smb_filename *smb_fname, +static int smb_full_audit_fchflags(vfs_handle_struct *handle, + struct files_struct *fsp, unsigned int flags) { int result; - result = SMB_VFS_NEXT_CHFLAGS(handle, smb_fname, flags); + result = SMB_VFS_NEXT_FCHFLAGS(handle, fsp, flags); - do_log(SMB_VFS_OP_CHFLAGS, (result != 0), handle, "%s", - smb_fname->base_name); + do_log(SMB_VFS_OP_FCHFLAGS, + (result != 0), + handle, + "%s", + smb_fname_str_do_log(handle->conn, fsp->fsp_name)); return result; } @@ -1822,16 +2016,17 @@ static int smb_full_audit_chflags(vfs_handle_struct *handle, static struct file_id smb_full_audit_file_id_create(struct vfs_handle_struct *handle, const SMB_STRUCT_STAT *sbuf) { - struct file_id id_zero; + struct file_id id_zero = { 0 }; struct file_id result; - - ZERO_STRUCT(id_zero); + struct file_id_buf idbuf; result = SMB_VFS_NEXT_FILE_ID_CREATE(handle, sbuf); do_log(SMB_VFS_OP_FILE_ID_CREATE, !file_id_equal(&id_zero, &result), - handle, "%s", file_id_string_tos(&result)); + handle, + "%s", + file_id_str_buf(result, &idbuf)); return result; } @@ -1850,50 +2045,63 @@ static uint64_t smb_full_audit_fs_file_id(struct vfs_handle_struct *handle, return result; } -static NTSTATUS smb_full_audit_streaminfo(vfs_handle_struct *handle, - struct files_struct *fsp, - const struct smb_filename *smb_fname, - TALLOC_CTX *mem_ctx, - unsigned int *pnum_streams, - struct stream_struct **pstreams) +static NTSTATUS smb_full_audit_fstreaminfo(vfs_handle_struct *handle, + struct files_struct *fsp, + TALLOC_CTX *mem_ctx, + unsigned int *pnum_streams, + struct stream_struct **pstreams) { - NTSTATUS result; + NTSTATUS result; - result = SMB_VFS_NEXT_STREAMINFO(handle, fsp, smb_fname, mem_ctx, - pnum_streams, pstreams); + result = SMB_VFS_NEXT_FSTREAMINFO(handle, fsp, mem_ctx, + pnum_streams, pstreams); - do_log(SMB_VFS_OP_STREAMINFO, NT_STATUS_IS_OK(result), handle, - "%s", smb_fname->base_name); + do_log(SMB_VFS_OP_FSTREAMINFO, + NT_STATUS_IS_OK(result), + handle, + "%s", + smb_fname_str_do_log(handle->conn, fsp->fsp_name)); - return result; + return result; } -static int smb_full_audit_get_real_filename(struct vfs_handle_struct *handle, - const char *path, - const char *name, - TALLOC_CTX *mem_ctx, - char **found_name) +static NTSTATUS smb_full_audit_get_real_filename_at( + struct vfs_handle_struct *handle, + struct files_struct *dirfsp, + const char *name, + TALLOC_CTX *mem_ctx, + char **found_name) { - int result; + NTSTATUS result; - result = SMB_VFS_NEXT_GET_REAL_FILENAME(handle, path, name, mem_ctx, - found_name); + result = SMB_VFS_NEXT_GET_REAL_FILENAME_AT( + handle, dirfsp, name, mem_ctx, found_name); - do_log(SMB_VFS_OP_GET_REAL_FILENAME, (result == 0), handle, - "%s/%s->%s", path, name, (result == 0) ? *found_name : ""); + do_log(SMB_VFS_OP_GET_REAL_FILENAME_AT, + NT_STATUS_IS_OK(result), + handle, + "%s/%s->%s", + fsp_str_dbg(dirfsp), + name, + NT_STATUS_IS_OK(result) ? *found_name : ""); return result; } -static const char *smb_full_audit_connectpath(vfs_handle_struct *handle, - const struct smb_filename *smb_fname) +static const char *smb_full_audit_connectpath( + vfs_handle_struct *handle, + const struct files_struct *dirfsp, + const struct smb_filename *smb_fname) { const char *result; - result = SMB_VFS_NEXT_CONNECTPATH(handle, smb_fname); + result = SMB_VFS_NEXT_CONNECTPATH(handle, dirfsp, smb_fname); - do_log(SMB_VFS_OP_CONNECTPATH, result != NULL, handle, - "%s", smb_fname->base_name); + do_log(SMB_VFS_OP_CONNECTPATH, + result != NULL, + handle, + "%s", + smb_fname_str_do_log(handle->conn, smb_fname)); return result; } @@ -1966,6 +2174,28 @@ static NTSTATUS smb_full_audit_translate_name(struct vfs_handle_struct *handle, return result; } +static NTSTATUS smb_full_audit_parent_pathname(struct vfs_handle_struct *handle, + TALLOC_CTX *mem_ctx, + const struct smb_filename *smb_fname_in, + struct smb_filename **parent_dir_out, + struct smb_filename **atname_out) +{ + NTSTATUS result; + + result = SMB_VFS_NEXT_PARENT_PATHNAME(handle, + mem_ctx, + smb_fname_in, + parent_dir_out, + atname_out); + do_log(SMB_VFS_OP_CONNECTPATH, + NT_STATUS_IS_OK(result), + handle, + "%s", + smb_fname_str_do_log(handle->conn, smb_fname_in)); + + return result; +} + static NTSTATUS smb_full_audit_fsctl(struct vfs_handle_struct *handle, struct files_struct *fsp, TALLOC_CTX *ctx, @@ -2019,12 +2249,14 @@ static NTSTATUS smb_full_audit_offload_read_recv( struct tevent_req *req, struct vfs_handle_struct *handle, TALLOC_CTX *mem_ctx, + uint32_t *flags, + uint64_t *xferlen, DATA_BLOB *_token_blob) { NTSTATUS status; status = SMB_VFS_NEXT_OFFLOAD_READ_RECV(req, handle, mem_ctx, - _token_blob); + flags, xferlen, _token_blob); do_log(SMB_VFS_OP_OFFLOAD_READ_RECV, NT_STATUS_IS_OK(status), handle, ""); @@ -2065,21 +2297,19 @@ static NTSTATUS smb_full_audit_offload_write_recv(struct vfs_handle_struct *hand return result; } -static NTSTATUS smb_full_audit_get_compression(vfs_handle_struct *handle, +static NTSTATUS smb_full_audit_fget_compression(vfs_handle_struct *handle, TALLOC_CTX *mem_ctx, struct files_struct *fsp, - struct smb_filename *smb_fname, uint16_t *_compression_fmt) { NTSTATUS result; - result = SMB_VFS_NEXT_GET_COMPRESSION(handle, mem_ctx, fsp, smb_fname, + result = SMB_VFS_NEXT_FGET_COMPRESSION(handle, mem_ctx, fsp, _compression_fmt); - do_log(SMB_VFS_OP_GET_COMPRESSION, NT_STATUS_IS_OK(result), handle, + do_log(SMB_VFS_OP_FGET_COMPRESSION, NT_STATUS_IS_OK(result), handle, "%s", - (fsp ? fsp_str_do_log(fsp) : - smb_fname_str_do_log(handle->conn, smb_fname))); + fsp_str_do_log(fsp)); return result; } @@ -2100,37 +2330,20 @@ static NTSTATUS smb_full_audit_set_compression(vfs_handle_struct *handle, return result; } -static NTSTATUS smb_full_audit_readdir_attr(struct vfs_handle_struct *handle, - const struct smb_filename *fname, - TALLOC_CTX *mem_ctx, - struct readdir_attr_data **pattr_data) +static NTSTATUS smb_full_audit_freaddir_attr(struct vfs_handle_struct *handle, + struct files_struct *fsp, + TALLOC_CTX *mem_ctx, + struct readdir_attr_data **pattr_data) { NTSTATUS status; - status = SMB_VFS_NEXT_READDIR_ATTR(handle, fname, mem_ctx, pattr_data); - - do_log(SMB_VFS_OP_READDIR_ATTR, NT_STATUS_IS_OK(status), handle, "%s", - smb_fname_str_do_log(handle->conn, fname)); - - return status; -} - -static NTSTATUS smb_full_audit_get_dos_attributes( - struct vfs_handle_struct *handle, - struct smb_filename *smb_fname, - uint32_t *dosmode) -{ - NTSTATUS status; - - status = SMB_VFS_NEXT_GET_DOS_ATTRIBUTES(handle, - smb_fname, - dosmode); + status = SMB_VFS_NEXT_FREADDIR_ATTR(handle, fsp, mem_ctx, pattr_data); - do_log(SMB_VFS_OP_GET_DOS_ATTRIBUTES, - NT_STATUS_IS_OK(status), - handle, - "%s", - smb_fname_str_do_log(handle->conn, smb_fname)); + do_log(SMB_VFS_OP_FREADDIR_ATTR, + NT_STATUS_IS_OK(status), + handle, + "%s", + fsp_str_do_log(fsp)); return status; } @@ -2276,26 +2489,6 @@ static NTSTATUS smb_full_audit_fget_dos_attributes( return status; } -static NTSTATUS smb_full_audit_set_dos_attributes( - struct vfs_handle_struct *handle, - const struct smb_filename *smb_fname, - uint32_t dosmode) -{ - NTSTATUS status; - - status = SMB_VFS_NEXT_SET_DOS_ATTRIBUTES(handle, - smb_fname, - dosmode); - - do_log(SMB_VFS_OP_SET_DOS_ATTRIBUTES, - NT_STATUS_IS_OK(status), - handle, - "%s", - smb_fname_str_do_log(handle->conn, smb_fname)); - - return status; -} - static NTSTATUS smb_full_audit_fset_dos_attributes( struct vfs_handle_struct *handle, struct files_struct *fsp, @@ -2332,23 +2525,6 @@ static NTSTATUS smb_full_audit_fget_nt_acl(vfs_handle_struct *handle, files_stru return result; } -static NTSTATUS smb_full_audit_get_nt_acl(vfs_handle_struct *handle, - const struct smb_filename *smb_fname, - uint32_t security_info, - TALLOC_CTX *mem_ctx, - struct security_descriptor **ppdesc) -{ - NTSTATUS result; - - result = SMB_VFS_NEXT_GET_NT_ACL(handle, smb_fname, security_info, - mem_ctx, ppdesc); - - do_log(SMB_VFS_OP_GET_NT_ACL, NT_STATUS_IS_OK(result), handle, - "%s", smb_fname_str_do_log(handle->conn, smb_fname)); - - return result; -} - static NTSTATUS smb_full_audit_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32_t security_info_sent, const struct security_descriptor *psd) @@ -2396,28 +2572,17 @@ static NTSTATUS smb_full_audit_audit_file(struct vfs_handle_struct *handle, return result; } -static SMB_ACL_T smb_full_audit_sys_acl_get_file(vfs_handle_struct *handle, - const struct smb_filename *smb_fname, - SMB_ACL_TYPE_T type, - TALLOC_CTX *mem_ctx) -{ - SMB_ACL_T result; - - result = SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, smb_fname, - type, mem_ctx); - - do_log(SMB_VFS_OP_SYS_ACL_GET_FILE, (result != NULL), handle, - "%s", smb_fname->base_name); - - return result; -} - static SMB_ACL_T smb_full_audit_sys_acl_get_fd(vfs_handle_struct *handle, - files_struct *fsp, TALLOC_CTX *mem_ctx) + files_struct *fsp, + SMB_ACL_TYPE_T type, + TALLOC_CTX *mem_ctx) { SMB_ACL_T result; - result = SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp, mem_ctx); + result = SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, + fsp, + type, + mem_ctx); do_log(SMB_VFS_OP_SYS_ACL_GET_FD, (result != NULL), handle, "%s", fsp_str_do_log(fsp)); @@ -2425,23 +2590,6 @@ static SMB_ACL_T smb_full_audit_sys_acl_get_fd(vfs_handle_struct *handle, return result; } -static int smb_full_audit_sys_acl_blob_get_file(vfs_handle_struct *handle, - const struct smb_filename *smb_fname, - TALLOC_CTX *mem_ctx, - char **blob_description, - DATA_BLOB *blob) -{ - int result; - - result = SMB_VFS_NEXT_SYS_ACL_BLOB_GET_FILE(handle, smb_fname, - mem_ctx, blob_description, blob); - - do_log(SMB_VFS_OP_SYS_ACL_BLOB_GET_FILE, (result >= 0), handle, - "%s", smb_fname->base_name); - - return result; -} - static int smb_full_audit_sys_acl_blob_get_fd(vfs_handle_struct *handle, files_struct *fsp, TALLOC_CTX *mem_ctx, @@ -2458,28 +2606,14 @@ static int smb_full_audit_sys_acl_blob_get_fd(vfs_handle_struct *handle, return result; } -static int smb_full_audit_sys_acl_set_file(vfs_handle_struct *handle, - const struct smb_filename *smb_fname, - SMB_ACL_TYPE_T acltype, - SMB_ACL_T theacl) -{ - int result; - - result = SMB_VFS_NEXT_SYS_ACL_SET_FILE(handle, smb_fname, acltype, - theacl); - - do_log(SMB_VFS_OP_SYS_ACL_SET_FILE, (result >= 0), handle, - "%s", smb_fname->base_name); - - return result; -} - -static int smb_full_audit_sys_acl_set_fd(vfs_handle_struct *handle, files_struct *fsp, - SMB_ACL_T theacl) +static int smb_full_audit_sys_acl_set_fd(vfs_handle_struct *handle, + struct files_struct *fsp, + SMB_ACL_TYPE_T type, + SMB_ACL_T theacl) { int result; - result = SMB_VFS_NEXT_SYS_ACL_SET_FD(handle, fsp, theacl); + result = SMB_VFS_NEXT_SYS_ACL_SET_FD(handle, fsp, type, theacl); do_log(SMB_VFS_OP_SYS_ACL_SET_FD, (result >= 0), handle, "%s", fsp_str_do_log(fsp)); @@ -2487,29 +2621,18 @@ static int smb_full_audit_sys_acl_set_fd(vfs_handle_struct *handle, files_struct return result; } -static int smb_full_audit_sys_acl_delete_def_file(vfs_handle_struct *handle, - const struct smb_filename *smb_fname) +static int smb_full_audit_sys_acl_delete_def_fd(vfs_handle_struct *handle, + struct files_struct *fsp) { int result; - result = SMB_VFS_NEXT_SYS_ACL_DELETE_DEF_FILE(handle, smb_fname); + result = SMB_VFS_NEXT_SYS_ACL_DELETE_DEF_FD(handle, fsp); - do_log(SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE, (result >= 0), handle, - "%s", smb_fname->base_name); - - return result; -} - -static ssize_t smb_full_audit_getxattr(struct vfs_handle_struct *handle, - const struct smb_filename *smb_fname, - const char *name, void *value, size_t size) -{ - ssize_t result; - - result = SMB_VFS_NEXT_GETXATTR(handle, smb_fname, name, value, size); - - do_log(SMB_VFS_OP_GETXATTR, (result >= 0), handle, - "%s|%s", smb_fname->base_name, name); + do_log(SMB_VFS_OP_SYS_ACL_DELETE_DEF_FD, + (result >= 0), + handle, + "%s", + fsp_str_do_log(fsp)); return result; } @@ -2661,21 +2784,6 @@ static ssize_t smb_full_audit_fgetxattr(struct vfs_handle_struct *handle, return result; } -static ssize_t smb_full_audit_listxattr(struct vfs_handle_struct *handle, - const struct smb_filename *smb_fname, - char *list, - size_t size) -{ - ssize_t result; - - result = SMB_VFS_NEXT_LISTXATTR(handle, smb_fname, list, size); - - do_log(SMB_VFS_OP_LISTXATTR, (result >= 0), handle, "%s", - smb_fname->base_name); - - return result; -} - static ssize_t smb_full_audit_flistxattr(struct vfs_handle_struct *handle, struct files_struct *fsp, char *list, size_t size) @@ -2690,20 +2798,6 @@ static ssize_t smb_full_audit_flistxattr(struct vfs_handle_struct *handle, return result; } -static int smb_full_audit_removexattr(struct vfs_handle_struct *handle, - const struct smb_filename *smb_fname, - const char *name) -{ - int result; - - result = SMB_VFS_NEXT_REMOVEXATTR(handle, smb_fname, name); - - do_log(SMB_VFS_OP_REMOVEXATTR, (result >= 0), handle, - "%s|%s", smb_fname->base_name, name); - - return result; -} - static int smb_full_audit_fremovexattr(struct vfs_handle_struct *handle, struct files_struct *fsp, const char *name) @@ -2718,22 +2812,6 @@ static int smb_full_audit_fremovexattr(struct vfs_handle_struct *handle, return result; } -static int smb_full_audit_setxattr(struct vfs_handle_struct *handle, - const struct smb_filename *smb_fname, - const char *name, const void *value, size_t size, - int flags) -{ - int result; - - result = SMB_VFS_NEXT_SETXATTR(handle, smb_fname, name, value, size, - flags); - - do_log(SMB_VFS_OP_SETXATTR, (result >= 0), handle, - "%s|%s", smb_fname->base_name, name); - - return result; -} - static int smb_full_audit_fsetxattr(struct vfs_handle_struct *handle, struct files_struct *fsp, const char *name, const void *value, size_t size, int flags) @@ -2839,16 +2917,14 @@ static struct vfs_fn_pointers vfs_full_audit_fns = { .statvfs_fn = smb_full_audit_statvfs, .fs_capabilities_fn = smb_full_audit_fs_capabilities, .get_dfs_referrals_fn = smb_full_audit_get_dfs_referrals, - .opendir_fn = smb_full_audit_opendir, + .create_dfs_pathat_fn = smb_full_audit_create_dfs_pathat, + .read_dfs_pathat_fn = smb_full_audit_read_dfs_pathat, .fdopendir_fn = smb_full_audit_fdopendir, .readdir_fn = smb_full_audit_readdir, - .seekdir_fn = smb_full_audit_seekdir, - .telldir_fn = smb_full_audit_telldir, .rewind_dir_fn = smb_full_audit_rewinddir, - .mkdir_fn = smb_full_audit_mkdir, - .rmdir_fn = smb_full_audit_rmdir, + .mkdirat_fn = smb_full_audit_mkdirat, .closedir_fn = smb_full_audit_closedir, - .open_fn = smb_full_audit_open, + .openat_fn = smb_full_audit_openat, .create_file_fn = smb_full_audit_create_file, .close_fn = smb_full_audit_close, .pread_fn = smb_full_audit_pread, @@ -2866,80 +2942,70 @@ static struct vfs_fn_pointers vfs_full_audit_fns = { .stat_fn = smb_full_audit_stat, .fstat_fn = smb_full_audit_fstat, .lstat_fn = smb_full_audit_lstat, + .fstatat_fn = smb_full_audit_fstatat, .get_alloc_size_fn = smb_full_audit_get_alloc_size, - .unlink_fn = smb_full_audit_unlink, - .chmod_fn = smb_full_audit_chmod, + .unlinkat_fn = smb_full_audit_unlinkat, .fchmod_fn = smb_full_audit_fchmod, - .chown_fn = smb_full_audit_chown, .fchown_fn = smb_full_audit_fchown, .lchown_fn = smb_full_audit_lchown, .chdir_fn = smb_full_audit_chdir, .getwd_fn = smb_full_audit_getwd, - .ntimes_fn = smb_full_audit_ntimes, + .fntimes_fn = smb_full_audit_fntimes, .ftruncate_fn = smb_full_audit_ftruncate, .fallocate_fn = smb_full_audit_fallocate, .lock_fn = smb_full_audit_lock, - .kernel_flock_fn = smb_full_audit_kernel_flock, + .filesystem_sharemode_fn = smb_full_audit_filesystem_sharemode, + .fcntl_fn = smb_full_audit_fcntl, .linux_setlease_fn = smb_full_audit_linux_setlease, .getlock_fn = smb_full_audit_getlock, - .symlink_fn = smb_full_audit_symlink, - .readlink_fn = smb_full_audit_readlink, + .symlinkat_fn = smb_full_audit_symlinkat, + .readlinkat_fn = smb_full_audit_readlinkat, .linkat_fn = smb_full_audit_linkat, - .mknod_fn = smb_full_audit_mknod, + .mknodat_fn = smb_full_audit_mknodat, .realpath_fn = smb_full_audit_realpath, - .chflags_fn = smb_full_audit_chflags, + .fchflags_fn = smb_full_audit_fchflags, .file_id_create_fn = smb_full_audit_file_id_create, .fs_file_id_fn = smb_full_audit_fs_file_id, .offload_read_send_fn = smb_full_audit_offload_read_send, .offload_read_recv_fn = smb_full_audit_offload_read_recv, .offload_write_send_fn = smb_full_audit_offload_write_send, .offload_write_recv_fn = smb_full_audit_offload_write_recv, - .get_compression_fn = smb_full_audit_get_compression, + .fget_compression_fn = smb_full_audit_fget_compression, .set_compression_fn = smb_full_audit_set_compression, .snap_check_path_fn = smb_full_audit_snap_check_path, .snap_create_fn = smb_full_audit_snap_create, .snap_delete_fn = smb_full_audit_snap_delete, - .streaminfo_fn = smb_full_audit_streaminfo, - .get_real_filename_fn = smb_full_audit_get_real_filename, + .fstreaminfo_fn = smb_full_audit_fstreaminfo, + .get_real_filename_at_fn = smb_full_audit_get_real_filename_at, .connectpath_fn = smb_full_audit_connectpath, .brl_lock_windows_fn = smb_full_audit_brl_lock_windows, .brl_unlock_windows_fn = smb_full_audit_brl_unlock_windows, .strict_lock_check_fn = smb_full_audit_strict_lock_check, .translate_name_fn = smb_full_audit_translate_name, + .parent_pathname_fn = smb_full_audit_parent_pathname, .fsctl_fn = smb_full_audit_fsctl, - .get_dos_attributes_fn = smb_full_audit_get_dos_attributes, .get_dos_attributes_send_fn = smb_full_audit_get_dos_attributes_send, .get_dos_attributes_recv_fn = smb_full_audit_get_dos_attributes_recv, .fget_dos_attributes_fn = smb_full_audit_fget_dos_attributes, - .set_dos_attributes_fn = smb_full_audit_set_dos_attributes, .fset_dos_attributes_fn = smb_full_audit_fset_dos_attributes, .fget_nt_acl_fn = smb_full_audit_fget_nt_acl, - .get_nt_acl_fn = smb_full_audit_get_nt_acl, .fset_nt_acl_fn = smb_full_audit_fset_nt_acl, .audit_file_fn = smb_full_audit_audit_file, - .sys_acl_get_file_fn = smb_full_audit_sys_acl_get_file, .sys_acl_get_fd_fn = smb_full_audit_sys_acl_get_fd, - .sys_acl_blob_get_file_fn = smb_full_audit_sys_acl_blob_get_file, .sys_acl_blob_get_fd_fn = smb_full_audit_sys_acl_blob_get_fd, - .sys_acl_set_file_fn = smb_full_audit_sys_acl_set_file, .sys_acl_set_fd_fn = smb_full_audit_sys_acl_set_fd, - .sys_acl_delete_def_file_fn = smb_full_audit_sys_acl_delete_def_file, - .getxattr_fn = smb_full_audit_getxattr, + .sys_acl_delete_def_fd_fn = smb_full_audit_sys_acl_delete_def_fd, .getxattrat_send_fn = smb_full_audit_getxattrat_send, .getxattrat_recv_fn = smb_full_audit_getxattrat_recv, .fgetxattr_fn = smb_full_audit_fgetxattr, - .listxattr_fn = smb_full_audit_listxattr, .flistxattr_fn = smb_full_audit_flistxattr, - .removexattr_fn = smb_full_audit_removexattr, .fremovexattr_fn = smb_full_audit_fremovexattr, - .setxattr_fn = smb_full_audit_setxattr, .fsetxattr_fn = smb_full_audit_fsetxattr, .aio_force_fn = smb_full_audit_aio_force, .durable_cookie_fn = smb_full_audit_durable_cookie, .durable_disconnect_fn = smb_full_audit_durable_disconnect, .durable_reconnect_fn = smb_full_audit_durable_reconnect, - .readdir_attr_fn = smb_full_audit_readdir_attr - + .freaddir_attr_fn = smb_full_audit_freaddir_attr, }; static_decl_vfs; @@ -2964,6 +3030,6 @@ NTSTATUS vfs_full_audit_init(TALLOC_CTX *ctx) DEBUG(10, ("vfs_full_audit: Debug class number of " "'full_audit': %d\n", vfs_full_audit_debug_level)); } - + return ret; }