2 * Auditing VFS module for samba. Log selected file operations to syslog
5 * Copyright (C) Tim Potter, 1999-2000
6 * Copyright (C) Alexander Bokovoy, 2002
7 * Copyright (C) John H Terpstra, 2003
8 * Copyright (C) Stefan (metze) Metzmacher, 2003
9 * Copyright (C) Volker Lendecke, 2004
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 3 of the License, or
14 * (at your option) any later version.
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, see <http://www.gnu.org/licenses/>.
26 * This module implements parseable logging for all Samba VFS operations.
28 * You use it as follows:
32 * vfs objects = full_audit
33 * full_audit:prefix = %u|%I
34 * full_audit:success = open opendir
35 * full_audit:failure = all
37 * vfs op can be "all" which means log all operations.
38 * vfs op can be "none" which means no logging.
40 * This leads to syslog entries of the form:
41 * smbd_audit: nobody|192.168.234.1|opendir|ok|.
42 * smbd_audit: nobody|192.168.234.1|open|fail (File not found)|r|x.txt
44 * where "nobody" is the connected username and "192.168.234.1" is the
45 * client's IP address.
49 * prefix: A macro expansion template prepended to the syslog entry.
51 * success: A list of VFS operations for which a successful completion should
52 * be logged. Defaults to no logging at all. The special operation "all" logs
53 * - you guessed it - everything.
55 * failure: A list of VFS operations for which failure to complete should be
56 * logged. Defaults to logging everything.
61 #include "../librpc/gen_ndr/ndr_netlogon.h"
63 static int vfs_full_audit_debug_level = DBGC_VFS;
65 struct vfs_full_audit_private_data {
66 struct bitmap *success_ops;
67 struct bitmap *failure_ops;
71 #define DBGC_CLASS vfs_full_audit_debug_level
73 typedef enum _vfs_op_type {
78 SMB_VFS_OP_CONNECT = 0,
79 SMB_VFS_OP_DISCONNECT,
83 SMB_VFS_OP_GET_SHADOW_COPY_DATA,
85 SMB_VFS_OP_FS_CAPABILITIES,
87 /* Directory operations */
98 SMB_VFS_OP_INIT_SEARCH_OP,
100 /* File operations */
103 SMB_VFS_OP_CREATE_FILE,
117 SMB_VFS_OP_GET_ALLOC_SIZE,
127 SMB_VFS_OP_FTRUNCATE,
128 SMB_VFS_OP_FALLOCATE,
130 SMB_VFS_OP_KERNEL_FLOCK,
131 SMB_VFS_OP_LINUX_SETLEASE,
138 SMB_VFS_OP_NOTIFY_WATCH,
140 SMB_VFS_OP_FILE_ID_CREATE,
141 SMB_VFS_OP_STREAMINFO,
142 SMB_VFS_OP_GET_REAL_FILENAME,
143 SMB_VFS_OP_CONNECTPATH,
144 SMB_VFS_OP_BRL_LOCK_WINDOWS,
145 SMB_VFS_OP_BRL_UNLOCK_WINDOWS,
146 SMB_VFS_OP_BRL_CANCEL_WINDOWS,
147 SMB_VFS_OP_STRICT_LOCK,
148 SMB_VFS_OP_STRICT_UNLOCK,
149 SMB_VFS_OP_TRANSLATE_NAME,
151 /* NT ACL operations. */
153 SMB_VFS_OP_FGET_NT_ACL,
154 SMB_VFS_OP_GET_NT_ACL,
155 SMB_VFS_OP_FSET_NT_ACL,
157 /* POSIX ACL operations. */
159 SMB_VFS_OP_CHMOD_ACL,
160 SMB_VFS_OP_FCHMOD_ACL,
162 SMB_VFS_OP_SYS_ACL_GET_ENTRY,
163 SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE,
164 SMB_VFS_OP_SYS_ACL_GET_PERMSET,
165 SMB_VFS_OP_SYS_ACL_GET_QUALIFIER,
166 SMB_VFS_OP_SYS_ACL_GET_FILE,
167 SMB_VFS_OP_SYS_ACL_GET_FD,
168 SMB_VFS_OP_SYS_ACL_CLEAR_PERMS,
169 SMB_VFS_OP_SYS_ACL_ADD_PERM,
170 SMB_VFS_OP_SYS_ACL_TO_TEXT,
171 SMB_VFS_OP_SYS_ACL_INIT,
172 SMB_VFS_OP_SYS_ACL_CREATE_ENTRY,
173 SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE,
174 SMB_VFS_OP_SYS_ACL_SET_QUALIFIER,
175 SMB_VFS_OP_SYS_ACL_SET_PERMSET,
176 SMB_VFS_OP_SYS_ACL_VALID,
177 SMB_VFS_OP_SYS_ACL_SET_FILE,
178 SMB_VFS_OP_SYS_ACL_SET_FD,
179 SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE,
180 SMB_VFS_OP_SYS_ACL_GET_PERM,
181 SMB_VFS_OP_SYS_ACL_FREE_TEXT,
182 SMB_VFS_OP_SYS_ACL_FREE_ACL,
183 SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER,
187 SMB_VFS_OP_LGETXATTR,
188 SMB_VFS_OP_FGETXATTR,
189 SMB_VFS_OP_LISTXATTR,
190 SMB_VFS_OP_LLISTXATTR,
191 SMB_VFS_OP_FLISTXATTR,
192 SMB_VFS_OP_REMOVEXATTR,
193 SMB_VFS_OP_LREMOVEXATTR,
194 SMB_VFS_OP_FREMOVEXATTR,
196 SMB_VFS_OP_LSETXATTR,
197 SMB_VFS_OP_FSETXATTR,
201 SMB_VFS_OP_AIO_WRITE,
202 SMB_VFS_OP_AIO_RETURN,
203 SMB_VFS_OP_AIO_CANCEL,
204 SMB_VFS_OP_AIO_ERROR,
205 SMB_VFS_OP_AIO_FSYNC,
206 SMB_VFS_OP_AIO_SUSPEND,
207 SMB_VFS_OP_AIO_FORCE,
209 /* offline operations */
210 SMB_VFS_OP_IS_OFFLINE,
211 SMB_VFS_OP_SET_OFFLINE,
213 /* This should always be last enum value */
218 /* The following array *must* be in the same order as defined in vfs.h */
224 { SMB_VFS_OP_CONNECT, "connect" },
225 { SMB_VFS_OP_DISCONNECT, "disconnect" },
226 { SMB_VFS_OP_DISK_FREE, "disk_free" },
227 { SMB_VFS_OP_GET_QUOTA, "get_quota" },
228 { SMB_VFS_OP_SET_QUOTA, "set_quota" },
229 { SMB_VFS_OP_GET_SHADOW_COPY_DATA, "get_shadow_copy_data" },
230 { SMB_VFS_OP_STATVFS, "statvfs" },
231 { SMB_VFS_OP_FS_CAPABILITIES, "fs_capabilities" },
232 { SMB_VFS_OP_OPENDIR, "opendir" },
233 { SMB_VFS_OP_FDOPENDIR, "fdopendir" },
234 { SMB_VFS_OP_READDIR, "readdir" },
235 { SMB_VFS_OP_SEEKDIR, "seekdir" },
236 { SMB_VFS_OP_TELLDIR, "telldir" },
237 { SMB_VFS_OP_REWINDDIR, "rewinddir" },
238 { SMB_VFS_OP_MKDIR, "mkdir" },
239 { SMB_VFS_OP_RMDIR, "rmdir" },
240 { SMB_VFS_OP_CLOSEDIR, "closedir" },
241 { SMB_VFS_OP_INIT_SEARCH_OP, "init_search_op" },
242 { SMB_VFS_OP_OPEN, "open" },
243 { SMB_VFS_OP_CREATE_FILE, "create_file" },
244 { SMB_VFS_OP_CLOSE, "close" },
245 { SMB_VFS_OP_READ, "read" },
246 { SMB_VFS_OP_PREAD, "pread" },
247 { SMB_VFS_OP_WRITE, "write" },
248 { SMB_VFS_OP_PWRITE, "pwrite" },
249 { SMB_VFS_OP_LSEEK, "lseek" },
250 { SMB_VFS_OP_SENDFILE, "sendfile" },
251 { SMB_VFS_OP_RECVFILE, "recvfile" },
252 { SMB_VFS_OP_RENAME, "rename" },
253 { SMB_VFS_OP_FSYNC, "fsync" },
254 { SMB_VFS_OP_STAT, "stat" },
255 { SMB_VFS_OP_FSTAT, "fstat" },
256 { SMB_VFS_OP_LSTAT, "lstat" },
257 { SMB_VFS_OP_GET_ALLOC_SIZE, "get_alloc_size" },
258 { SMB_VFS_OP_UNLINK, "unlink" },
259 { SMB_VFS_OP_CHMOD, "chmod" },
260 { SMB_VFS_OP_FCHMOD, "fchmod" },
261 { SMB_VFS_OP_CHOWN, "chown" },
262 { SMB_VFS_OP_FCHOWN, "fchown" },
263 { SMB_VFS_OP_LCHOWN, "lchown" },
264 { SMB_VFS_OP_CHDIR, "chdir" },
265 { SMB_VFS_OP_GETWD, "getwd" },
266 { SMB_VFS_OP_NTIMES, "ntimes" },
267 { SMB_VFS_OP_FTRUNCATE, "ftruncate" },
268 { SMB_VFS_OP_FALLOCATE,"fallocate" },
269 { SMB_VFS_OP_LOCK, "lock" },
270 { SMB_VFS_OP_KERNEL_FLOCK, "kernel_flock" },
271 { SMB_VFS_OP_LINUX_SETLEASE, "linux_setlease" },
272 { SMB_VFS_OP_GETLOCK, "getlock" },
273 { SMB_VFS_OP_SYMLINK, "symlink" },
274 { SMB_VFS_OP_READLINK, "readlink" },
275 { SMB_VFS_OP_LINK, "link" },
276 { SMB_VFS_OP_MKNOD, "mknod" },
277 { SMB_VFS_OP_REALPATH, "realpath" },
278 { SMB_VFS_OP_NOTIFY_WATCH, "notify_watch" },
279 { SMB_VFS_OP_CHFLAGS, "chflags" },
280 { SMB_VFS_OP_FILE_ID_CREATE, "file_id_create" },
281 { SMB_VFS_OP_STREAMINFO, "streaminfo" },
282 { SMB_VFS_OP_GET_REAL_FILENAME, "get_real_filename" },
283 { SMB_VFS_OP_CONNECTPATH, "connectpath" },
284 { SMB_VFS_OP_BRL_LOCK_WINDOWS, "brl_lock_windows" },
285 { SMB_VFS_OP_BRL_UNLOCK_WINDOWS, "brl_unlock_windows" },
286 { SMB_VFS_OP_BRL_CANCEL_WINDOWS, "brl_cancel_windows" },
287 { SMB_VFS_OP_STRICT_LOCK, "strict_lock" },
288 { SMB_VFS_OP_STRICT_UNLOCK, "strict_unlock" },
289 { SMB_VFS_OP_TRANSLATE_NAME, "translate_name" },
290 { SMB_VFS_OP_FGET_NT_ACL, "fget_nt_acl" },
291 { SMB_VFS_OP_GET_NT_ACL, "get_nt_acl" },
292 { SMB_VFS_OP_FSET_NT_ACL, "fset_nt_acl" },
293 { SMB_VFS_OP_CHMOD_ACL, "chmod_acl" },
294 { SMB_VFS_OP_FCHMOD_ACL, "fchmod_acl" },
295 { SMB_VFS_OP_SYS_ACL_GET_ENTRY, "sys_acl_get_entry" },
296 { SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE, "sys_acl_get_tag_type" },
297 { SMB_VFS_OP_SYS_ACL_GET_PERMSET, "sys_acl_get_permset" },
298 { SMB_VFS_OP_SYS_ACL_GET_QUALIFIER, "sys_acl_get_qualifier" },
299 { SMB_VFS_OP_SYS_ACL_GET_FILE, "sys_acl_get_file" },
300 { SMB_VFS_OP_SYS_ACL_GET_FD, "sys_acl_get_fd" },
301 { SMB_VFS_OP_SYS_ACL_CLEAR_PERMS, "sys_acl_clear_perms" },
302 { SMB_VFS_OP_SYS_ACL_ADD_PERM, "sys_acl_add_perm" },
303 { SMB_VFS_OP_SYS_ACL_TO_TEXT, "sys_acl_to_text" },
304 { SMB_VFS_OP_SYS_ACL_INIT, "sys_acl_init" },
305 { SMB_VFS_OP_SYS_ACL_CREATE_ENTRY, "sys_acl_create_entry" },
306 { SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE, "sys_acl_set_tag_type" },
307 { SMB_VFS_OP_SYS_ACL_SET_QUALIFIER, "sys_acl_set_qualifier" },
308 { SMB_VFS_OP_SYS_ACL_SET_PERMSET, "sys_acl_set_permset" },
309 { SMB_VFS_OP_SYS_ACL_VALID, "sys_acl_valid" },
310 { SMB_VFS_OP_SYS_ACL_SET_FILE, "sys_acl_set_file" },
311 { SMB_VFS_OP_SYS_ACL_SET_FD, "sys_acl_set_fd" },
312 { SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE, "sys_acl_delete_def_file" },
313 { SMB_VFS_OP_SYS_ACL_GET_PERM, "sys_acl_get_perm" },
314 { SMB_VFS_OP_SYS_ACL_FREE_TEXT, "sys_acl_free_text" },
315 { SMB_VFS_OP_SYS_ACL_FREE_ACL, "sys_acl_free_acl" },
316 { SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER, "sys_acl_free_qualifier" },
317 { SMB_VFS_OP_GETXATTR, "getxattr" },
318 { SMB_VFS_OP_LGETXATTR, "lgetxattr" },
319 { SMB_VFS_OP_FGETXATTR, "fgetxattr" },
320 { SMB_VFS_OP_LISTXATTR, "listxattr" },
321 { SMB_VFS_OP_LLISTXATTR, "llistxattr" },
322 { SMB_VFS_OP_FLISTXATTR, "flistxattr" },
323 { SMB_VFS_OP_REMOVEXATTR, "removexattr" },
324 { SMB_VFS_OP_LREMOVEXATTR, "lremovexattr" },
325 { SMB_VFS_OP_FREMOVEXATTR, "fremovexattr" },
326 { SMB_VFS_OP_SETXATTR, "setxattr" },
327 { SMB_VFS_OP_LSETXATTR, "lsetxattr" },
328 { SMB_VFS_OP_FSETXATTR, "fsetxattr" },
329 { SMB_VFS_OP_AIO_READ, "aio_read" },
330 { SMB_VFS_OP_AIO_WRITE, "aio_write" },
331 { SMB_VFS_OP_AIO_RETURN,"aio_return" },
332 { SMB_VFS_OP_AIO_CANCEL,"aio_cancel" },
333 { SMB_VFS_OP_AIO_ERROR, "aio_error" },
334 { SMB_VFS_OP_AIO_FSYNC, "aio_fsync" },
335 { SMB_VFS_OP_AIO_SUSPEND,"aio_suspend" },
336 { SMB_VFS_OP_AIO_FORCE, "aio_force" },
337 { SMB_VFS_OP_IS_OFFLINE, "is_offline" },
338 { SMB_VFS_OP_SET_OFFLINE, "set_offline" },
339 { SMB_VFS_OP_LAST, NULL }
342 static int audit_syslog_facility(vfs_handle_struct *handle)
344 static const struct enum_list enum_log_facilities[] = {
345 { LOG_USER, "USER" },
346 { LOG_LOCAL0, "LOCAL0" },
347 { LOG_LOCAL1, "LOCAL1" },
348 { LOG_LOCAL2, "LOCAL2" },
349 { LOG_LOCAL3, "LOCAL3" },
350 { LOG_LOCAL4, "LOCAL4" },
351 { LOG_LOCAL5, "LOCAL5" },
352 { LOG_LOCAL6, "LOCAL6" },
353 { LOG_LOCAL7, "LOCAL7" }
358 facility = lp_parm_enum(SNUM(handle->conn), "full_audit", "facility", enum_log_facilities, LOG_USER);
363 static int audit_syslog_priority(vfs_handle_struct *handle)
365 static const struct enum_list enum_log_priorities[] = {
366 { LOG_EMERG, "EMERG" },
367 { LOG_ALERT, "ALERT" },
368 { LOG_CRIT, "CRIT" },
370 { LOG_WARNING, "WARNING" },
371 { LOG_NOTICE, "NOTICE" },
372 { LOG_INFO, "INFO" },
373 { LOG_DEBUG, "DEBUG" }
378 priority = lp_parm_enum(SNUM(handle->conn), "full_audit", "priority",
379 enum_log_priorities, LOG_NOTICE);
380 if (priority == -1) {
381 priority = LOG_WARNING;
387 static char *audit_prefix(TALLOC_CTX *ctx, connection_struct *conn)
392 prefix = talloc_strdup(ctx,
393 lp_parm_const_string(SNUM(conn), "full_audit",
398 result = talloc_sub_advanced(ctx,
399 lp_servicename(SNUM(conn)),
400 conn->session_info->unix_name,
402 conn->session_info->utok.gid,
403 conn->session_info->sanitized_username,
404 conn->session_info->info3->base.domain.string,
410 static bool log_success(vfs_handle_struct *handle, vfs_op_type op)
412 struct vfs_full_audit_private_data *pd = NULL;
414 SMB_VFS_HANDLE_GET_DATA(handle, pd,
415 struct vfs_full_audit_private_data,
418 if (pd->success_ops == NULL) {
422 return bitmap_query(pd->success_ops, op);
425 static bool log_failure(vfs_handle_struct *handle, vfs_op_type op)
427 struct vfs_full_audit_private_data *pd = NULL;
429 SMB_VFS_HANDLE_GET_DATA(handle, pd,
430 struct vfs_full_audit_private_data,
433 if (pd->failure_ops == NULL)
436 return bitmap_query(pd->failure_ops, op);
439 static struct bitmap *init_bitmap(TALLOC_CTX *mem_ctx, const char **ops)
447 bm = bitmap_talloc(mem_ctx, SMB_VFS_OP_LAST);
449 DEBUG(0, ("Could not alloc bitmap -- "
450 "defaulting to logging everything\n"));
454 for (; *ops != NULL; ops += 1) {
459 if (strequal(*ops, "all")) {
460 for (i=0; i<SMB_VFS_OP_LAST; i++) {
466 if (strequal(*ops, "none")) {
476 for (i=0; i<SMB_VFS_OP_LAST; i++) {
477 if (vfs_op_names[i].name == NULL) {
478 smb_panic("vfs_full_audit.c: name table not "
479 "in sync with vfs.h\n");
481 if (strequal(op, vfs_op_names[i].name)) {
490 if (i == SMB_VFS_OP_LAST) {
491 DEBUG(0, ("Could not find opname %s, logging all\n",
500 static const char *audit_opname(vfs_op_type op)
502 if (op >= SMB_VFS_OP_LAST)
503 return "INVALID VFS OP";
504 return vfs_op_names[op].name;
507 static TALLOC_CTX *tmp_do_log_ctx;
509 * Get us a temporary talloc context usable just for DEBUG arguments
511 static TALLOC_CTX *do_log_ctx(void)
513 if (tmp_do_log_ctx == NULL) {
514 tmp_do_log_ctx = talloc_named_const(NULL, 0, "do_log_ctx");
516 return tmp_do_log_ctx;
519 static void do_log(vfs_op_type op, bool success, vfs_handle_struct *handle,
520 const char *format, ...)
523 char *audit_pre = NULL;
528 if (success && (!log_success(handle, op)))
531 if (!success && (!log_failure(handle, op)))
535 fstrcpy(err_msg, "ok");
537 fstr_sprintf(err_msg, "fail (%s)", strerror(errno));
539 va_start(ap, format);
540 op_msg = talloc_vasprintf(talloc_tos(), format, ap);
548 * Specify the facility to interoperate with other syslog callers
549 * (smbd for example).
551 priority = audit_syslog_priority(handle) |
552 audit_syslog_facility(handle);
554 audit_pre = audit_prefix(talloc_tos(), handle->conn);
555 syslog(priority, "%s|%s|%s|%s\n",
556 audit_pre ? audit_pre : "",
557 audit_opname(op), err_msg, op_msg);
560 TALLOC_FREE(audit_pre);
562 TALLOC_FREE(tmp_do_log_ctx);
568 * Return a string using the do_log_ctx()
570 static const char *smb_fname_str_do_log(const struct smb_filename *smb_fname)
575 if (smb_fname == NULL) {
578 status = get_full_smb_filename(do_log_ctx(), smb_fname, &fname);
579 if (!NT_STATUS_IS_OK(status)) {
586 * Return an fsp debug string using the do_log_ctx()
588 static const char *fsp_str_do_log(const struct files_struct *fsp)
590 return smb_fname_str_do_log(fsp->fsp_name);
593 /* Implementation of vfs_ops. Pass everything on to the default
594 operation but log event first. */
596 static int smb_full_audit_connect(vfs_handle_struct *handle,
597 const char *svc, const char *user)
600 struct vfs_full_audit_private_data *pd = NULL;
602 result = SMB_VFS_NEXT_CONNECT(handle, svc, user);
607 pd = TALLOC_ZERO_P(handle, struct vfs_full_audit_private_data);
609 SMB_VFS_NEXT_DISCONNECT(handle);
614 openlog("smbd_audit", 0, audit_syslog_facility(handle));
617 pd->success_ops = init_bitmap(
618 pd, lp_parm_string_list(SNUM(handle->conn), "full_audit",
620 pd->failure_ops = init_bitmap(
621 pd, lp_parm_string_list(SNUM(handle->conn), "full_audit",
624 /* Store the private data. */
625 SMB_VFS_HANDLE_SET_DATA(handle, pd, NULL,
626 struct vfs_full_audit_private_data, return -1);
628 do_log(SMB_VFS_OP_CONNECT, True, handle,
634 static void smb_full_audit_disconnect(vfs_handle_struct *handle)
636 SMB_VFS_NEXT_DISCONNECT(handle);
638 do_log(SMB_VFS_OP_DISCONNECT, True, handle,
639 "%s", lp_servicename(SNUM(handle->conn)));
641 /* The bitmaps will be disconnected when the private
647 static uint64_t smb_full_audit_disk_free(vfs_handle_struct *handle,
649 bool small_query, uint64_t *bsize,
650 uint64_t *dfree, uint64_t *dsize)
654 result = SMB_VFS_NEXT_DISK_FREE(handle, path, small_query, bsize,
657 /* Don't have a reasonable notion of failure here */
659 do_log(SMB_VFS_OP_DISK_FREE, True, handle, "%s", path);
664 static int smb_full_audit_get_quota(struct vfs_handle_struct *handle,
665 enum SMB_QUOTA_TYPE qtype, unid_t id,
670 result = SMB_VFS_NEXT_GET_QUOTA(handle, qtype, id, qt);
672 do_log(SMB_VFS_OP_GET_QUOTA, (result >= 0), handle, "");
678 static int smb_full_audit_set_quota(struct vfs_handle_struct *handle,
679 enum SMB_QUOTA_TYPE qtype, unid_t id,
684 result = SMB_VFS_NEXT_SET_QUOTA(handle, qtype, id, qt);
686 do_log(SMB_VFS_OP_SET_QUOTA, (result >= 0), handle, "");
691 static int smb_full_audit_get_shadow_copy_data(struct vfs_handle_struct *handle,
692 struct files_struct *fsp,
693 SHADOW_COPY_DATA *shadow_copy_data, bool labels)
697 result = SMB_VFS_NEXT_GET_SHADOW_COPY_DATA(handle, fsp, shadow_copy_data, labels);
699 do_log(SMB_VFS_OP_GET_SHADOW_COPY_DATA, (result >= 0), handle, "");
704 static int smb_full_audit_statvfs(struct vfs_handle_struct *handle,
706 struct vfs_statvfs_struct *statbuf)
710 result = SMB_VFS_NEXT_STATVFS(handle, path, statbuf);
712 do_log(SMB_VFS_OP_STATVFS, (result >= 0), handle, "");
717 static uint32_t smb_full_audit_fs_capabilities(struct vfs_handle_struct *handle, enum timestamp_set_resolution *p_ts_res)
721 result = SMB_VFS_NEXT_FS_CAPABILITIES(handle, p_ts_res);
723 do_log(SMB_VFS_OP_FS_CAPABILITIES, true, handle, "");
728 static SMB_STRUCT_DIR *smb_full_audit_opendir(vfs_handle_struct *handle,
729 const char *fname, const char *mask, uint32 attr)
731 SMB_STRUCT_DIR *result;
733 result = SMB_VFS_NEXT_OPENDIR(handle, fname, mask, attr);
735 do_log(SMB_VFS_OP_OPENDIR, (result != NULL), handle, "%s", fname);
740 static SMB_STRUCT_DIR *smb_full_audit_fdopendir(vfs_handle_struct *handle,
741 files_struct *fsp, const char *mask, uint32 attr)
743 SMB_STRUCT_DIR *result;
745 result = SMB_VFS_NEXT_FDOPENDIR(handle, fsp, mask, attr);
747 do_log(SMB_VFS_OP_FDOPENDIR, (result != NULL), handle, "%s",
748 fsp_str_do_log(fsp));
753 static SMB_STRUCT_DIRENT *smb_full_audit_readdir(vfs_handle_struct *handle,
754 SMB_STRUCT_DIR *dirp, SMB_STRUCT_STAT *sbuf)
756 SMB_STRUCT_DIRENT *result;
758 result = SMB_VFS_NEXT_READDIR(handle, dirp, sbuf);
760 /* This operation has no reasonable error condition
761 * (End of dir is also failure), so always succeed.
763 do_log(SMB_VFS_OP_READDIR, True, handle, "");
768 static void smb_full_audit_seekdir(vfs_handle_struct *handle,
769 SMB_STRUCT_DIR *dirp, long offset)
771 SMB_VFS_NEXT_SEEKDIR(handle, dirp, offset);
773 do_log(SMB_VFS_OP_SEEKDIR, True, handle, "");
777 static long smb_full_audit_telldir(vfs_handle_struct *handle,
778 SMB_STRUCT_DIR *dirp)
782 result = SMB_VFS_NEXT_TELLDIR(handle, dirp);
784 do_log(SMB_VFS_OP_TELLDIR, True, handle, "");
789 static void smb_full_audit_rewinddir(vfs_handle_struct *handle,
790 SMB_STRUCT_DIR *dirp)
792 SMB_VFS_NEXT_REWINDDIR(handle, dirp);
794 do_log(SMB_VFS_OP_REWINDDIR, True, handle, "");
798 static int smb_full_audit_mkdir(vfs_handle_struct *handle,
799 const char *path, mode_t mode)
803 result = SMB_VFS_NEXT_MKDIR(handle, path, mode);
805 do_log(SMB_VFS_OP_MKDIR, (result >= 0), handle, "%s", path);
810 static int smb_full_audit_rmdir(vfs_handle_struct *handle,
815 result = SMB_VFS_NEXT_RMDIR(handle, path);
817 do_log(SMB_VFS_OP_RMDIR, (result >= 0), handle, "%s", path);
822 static int smb_full_audit_closedir(vfs_handle_struct *handle,
823 SMB_STRUCT_DIR *dirp)
827 result = SMB_VFS_NEXT_CLOSEDIR(handle, dirp);
829 do_log(SMB_VFS_OP_CLOSEDIR, (result >= 0), handle, "");
834 static void smb_full_audit_init_search_op(vfs_handle_struct *handle,
835 SMB_STRUCT_DIR *dirp)
837 SMB_VFS_NEXT_INIT_SEARCH_OP(handle, dirp);
839 do_log(SMB_VFS_OP_INIT_SEARCH_OP, True, handle, "");
843 static int smb_full_audit_open(vfs_handle_struct *handle,
844 struct smb_filename *smb_fname,
845 files_struct *fsp, int flags, mode_t mode)
849 result = SMB_VFS_NEXT_OPEN(handle, smb_fname, fsp, flags, mode);
851 do_log(SMB_VFS_OP_OPEN, (result >= 0), handle, "%s|%s",
852 ((flags & O_WRONLY) || (flags & O_RDWR))?"w":"r",
853 smb_fname_str_do_log(smb_fname));
858 static NTSTATUS smb_full_audit_create_file(vfs_handle_struct *handle,
859 struct smb_request *req,
860 uint16_t root_dir_fid,
861 struct smb_filename *smb_fname,
862 uint32_t access_mask,
863 uint32_t share_access,
864 uint32_t create_disposition,
865 uint32_t create_options,
866 uint32_t file_attributes,
867 uint32_t oplock_request,
868 uint64_t allocation_size,
869 uint32_t private_flags,
870 struct security_descriptor *sd,
871 struct ea_list *ea_list,
872 files_struct **result_fsp,
876 const char* str_create_disposition;
878 switch (create_disposition) {
880 str_create_disposition = "supersede";
882 case FILE_OVERWRITE_IF:
883 str_create_disposition = "overwrite_if";
886 str_create_disposition = "open";
889 str_create_disposition = "overwrite";
892 str_create_disposition = "create";
895 str_create_disposition = "open_if";
898 str_create_disposition = "unknown";
901 result = SMB_VFS_NEXT_CREATE_FILE(
904 root_dir_fid, /* root_dir_fid */
905 smb_fname, /* fname */
906 access_mask, /* access_mask */
907 share_access, /* share_access */
908 create_disposition, /* create_disposition*/
909 create_options, /* create_options */
910 file_attributes, /* file_attributes */
911 oplock_request, /* oplock_request */
912 allocation_size, /* allocation_size */
915 ea_list, /* ea_list */
916 result_fsp, /* result */
919 do_log(SMB_VFS_OP_CREATE_FILE, (NT_STATUS_IS_OK(result)), handle,
920 "0x%x|%s|%s|%s", access_mask,
921 create_options & FILE_DIRECTORY_FILE ? "dir" : "file",
922 str_create_disposition, smb_fname_str_do_log(smb_fname));
927 static int smb_full_audit_close(vfs_handle_struct *handle, files_struct *fsp)
931 result = SMB_VFS_NEXT_CLOSE(handle, fsp);
933 do_log(SMB_VFS_OP_CLOSE, (result >= 0), handle, "%s",
934 fsp_str_do_log(fsp));
939 static ssize_t smb_full_audit_read(vfs_handle_struct *handle, files_struct *fsp,
940 void *data, size_t n)
944 result = SMB_VFS_NEXT_READ(handle, fsp, data, n);
946 do_log(SMB_VFS_OP_READ, (result >= 0), handle, "%s",
947 fsp_str_do_log(fsp));
952 static ssize_t smb_full_audit_pread(vfs_handle_struct *handle, files_struct *fsp,
953 void *data, size_t n, SMB_OFF_T offset)
957 result = SMB_VFS_NEXT_PREAD(handle, fsp, data, n, offset);
959 do_log(SMB_VFS_OP_PREAD, (result >= 0), handle, "%s",
960 fsp_str_do_log(fsp));
965 static ssize_t smb_full_audit_write(vfs_handle_struct *handle, files_struct *fsp,
966 const void *data, size_t n)
970 result = SMB_VFS_NEXT_WRITE(handle, fsp, data, n);
972 do_log(SMB_VFS_OP_WRITE, (result >= 0), handle, "%s",
973 fsp_str_do_log(fsp));
978 static ssize_t smb_full_audit_pwrite(vfs_handle_struct *handle, files_struct *fsp,
979 const void *data, size_t n,
984 result = SMB_VFS_NEXT_PWRITE(handle, fsp, data, n, offset);
986 do_log(SMB_VFS_OP_PWRITE, (result >= 0), handle, "%s",
987 fsp_str_do_log(fsp));
992 static SMB_OFF_T smb_full_audit_lseek(vfs_handle_struct *handle, files_struct *fsp,
993 SMB_OFF_T offset, int whence)
997 result = SMB_VFS_NEXT_LSEEK(handle, fsp, offset, whence);
999 do_log(SMB_VFS_OP_LSEEK, (result != (ssize_t)-1), handle,
1000 "%s", fsp_str_do_log(fsp));
1005 static ssize_t smb_full_audit_sendfile(vfs_handle_struct *handle, int tofd,
1006 files_struct *fromfsp,
1007 const DATA_BLOB *hdr, SMB_OFF_T offset,
1012 result = SMB_VFS_NEXT_SENDFILE(handle, tofd, fromfsp, hdr, offset, n);
1014 do_log(SMB_VFS_OP_SENDFILE, (result >= 0), handle,
1015 "%s", fsp_str_do_log(fromfsp));
1020 static ssize_t smb_full_audit_recvfile(vfs_handle_struct *handle, int fromfd,
1021 files_struct *tofsp,
1027 result = SMB_VFS_NEXT_RECVFILE(handle, fromfd, tofsp, offset, n);
1029 do_log(SMB_VFS_OP_RECVFILE, (result >= 0), handle,
1030 "%s", fsp_str_do_log(tofsp));
1035 static int smb_full_audit_rename(vfs_handle_struct *handle,
1036 const struct smb_filename *smb_fname_src,
1037 const struct smb_filename *smb_fname_dst)
1041 result = SMB_VFS_NEXT_RENAME(handle, smb_fname_src, smb_fname_dst);
1043 do_log(SMB_VFS_OP_RENAME, (result >= 0), handle, "%s|%s",
1044 smb_fname_str_do_log(smb_fname_src),
1045 smb_fname_str_do_log(smb_fname_dst));
1050 static int smb_full_audit_fsync(vfs_handle_struct *handle, files_struct *fsp)
1054 result = SMB_VFS_NEXT_FSYNC(handle, fsp);
1056 do_log(SMB_VFS_OP_FSYNC, (result >= 0), handle, "%s",
1057 fsp_str_do_log(fsp));
1062 static int smb_full_audit_stat(vfs_handle_struct *handle,
1063 struct smb_filename *smb_fname)
1067 result = SMB_VFS_NEXT_STAT(handle, smb_fname);
1069 do_log(SMB_VFS_OP_STAT, (result >= 0), handle, "%s",
1070 smb_fname_str_do_log(smb_fname));
1075 static int smb_full_audit_fstat(vfs_handle_struct *handle, files_struct *fsp,
1076 SMB_STRUCT_STAT *sbuf)
1080 result = SMB_VFS_NEXT_FSTAT(handle, fsp, sbuf);
1082 do_log(SMB_VFS_OP_FSTAT, (result >= 0), handle, "%s",
1083 fsp_str_do_log(fsp));
1088 static int smb_full_audit_lstat(vfs_handle_struct *handle,
1089 struct smb_filename *smb_fname)
1093 result = SMB_VFS_NEXT_LSTAT(handle, smb_fname);
1095 do_log(SMB_VFS_OP_LSTAT, (result >= 0), handle, "%s",
1096 smb_fname_str_do_log(smb_fname));
1101 static uint64_t smb_full_audit_get_alloc_size(vfs_handle_struct *handle,
1102 files_struct *fsp, const SMB_STRUCT_STAT *sbuf)
1106 result = SMB_VFS_NEXT_GET_ALLOC_SIZE(handle, fsp, sbuf);
1108 do_log(SMB_VFS_OP_GET_ALLOC_SIZE, (result != (uint64_t)-1), handle,
1114 static int smb_full_audit_unlink(vfs_handle_struct *handle,
1115 const struct smb_filename *smb_fname)
1119 result = SMB_VFS_NEXT_UNLINK(handle, smb_fname);
1121 do_log(SMB_VFS_OP_UNLINK, (result >= 0), handle, "%s",
1122 smb_fname_str_do_log(smb_fname));
1127 static int smb_full_audit_chmod(vfs_handle_struct *handle,
1128 const char *path, mode_t mode)
1132 result = SMB_VFS_NEXT_CHMOD(handle, path, mode);
1134 do_log(SMB_VFS_OP_CHMOD, (result >= 0), handle, "%s|%o", path, mode);
1139 static int smb_full_audit_fchmod(vfs_handle_struct *handle, files_struct *fsp,
1144 result = SMB_VFS_NEXT_FCHMOD(handle, fsp, mode);
1146 do_log(SMB_VFS_OP_FCHMOD, (result >= 0), handle,
1147 "%s|%o", fsp_str_do_log(fsp), mode);
1152 static int smb_full_audit_chown(vfs_handle_struct *handle,
1153 const char *path, uid_t uid, gid_t gid)
1157 result = SMB_VFS_NEXT_CHOWN(handle, path, uid, gid);
1159 do_log(SMB_VFS_OP_CHOWN, (result >= 0), handle, "%s|%ld|%ld",
1160 path, (long int)uid, (long int)gid);
1165 static int smb_full_audit_fchown(vfs_handle_struct *handle, files_struct *fsp,
1166 uid_t uid, gid_t gid)
1170 result = SMB_VFS_NEXT_FCHOWN(handle, fsp, uid, gid);
1172 do_log(SMB_VFS_OP_FCHOWN, (result >= 0), handle, "%s|%ld|%ld",
1173 fsp_str_do_log(fsp), (long int)uid, (long int)gid);
1178 static int smb_full_audit_lchown(vfs_handle_struct *handle,
1179 const char *path, uid_t uid, gid_t gid)
1183 result = SMB_VFS_NEXT_LCHOWN(handle, path, uid, gid);
1185 do_log(SMB_VFS_OP_LCHOWN, (result >= 0), handle, "%s|%ld|%ld",
1186 path, (long int)uid, (long int)gid);
1191 static int smb_full_audit_chdir(vfs_handle_struct *handle,
1196 result = SMB_VFS_NEXT_CHDIR(handle, path);
1198 do_log(SMB_VFS_OP_CHDIR, (result >= 0), handle, "chdir|%s", path);
1203 static char *smb_full_audit_getwd(vfs_handle_struct *handle,
1208 result = SMB_VFS_NEXT_GETWD(handle, path);
1210 do_log(SMB_VFS_OP_GETWD, (result != NULL), handle, "%s", path);
1215 static int smb_full_audit_ntimes(vfs_handle_struct *handle,
1216 const struct smb_filename *smb_fname,
1217 struct smb_file_time *ft)
1221 result = SMB_VFS_NEXT_NTIMES(handle, smb_fname, ft);
1223 do_log(SMB_VFS_OP_NTIMES, (result >= 0), handle, "%s",
1224 smb_fname_str_do_log(smb_fname));
1229 static int smb_full_audit_ftruncate(vfs_handle_struct *handle, files_struct *fsp,
1234 result = SMB_VFS_NEXT_FTRUNCATE(handle, fsp, len);
1236 do_log(SMB_VFS_OP_FTRUNCATE, (result >= 0), handle,
1237 "%s", fsp_str_do_log(fsp));
1242 static int smb_full_audit_fallocate(vfs_handle_struct *handle, files_struct *fsp,
1243 enum vfs_fallocate_mode mode,
1249 result = SMB_VFS_NEXT_FALLOCATE(handle, fsp, mode, offset, len);
1251 do_log(SMB_VFS_OP_FALLOCATE, (result >= 0), handle,
1252 "%s", fsp_str_do_log(fsp));
1257 static bool smb_full_audit_lock(vfs_handle_struct *handle, files_struct *fsp,
1258 int op, SMB_OFF_T offset, SMB_OFF_T count, int type)
1262 result = SMB_VFS_NEXT_LOCK(handle, fsp, op, offset, count, type);
1264 do_log(SMB_VFS_OP_LOCK, result, handle, "%s", fsp_str_do_log(fsp));
1269 static int smb_full_audit_kernel_flock(struct vfs_handle_struct *handle,
1270 struct files_struct *fsp,
1271 uint32 share_mode, uint32 access_mask)
1275 result = SMB_VFS_NEXT_KERNEL_FLOCK(handle, fsp, share_mode, access_mask);
1277 do_log(SMB_VFS_OP_KERNEL_FLOCK, (result >= 0), handle, "%s",
1278 fsp_str_do_log(fsp));
1283 static int smb_full_audit_linux_setlease(vfs_handle_struct *handle, files_struct *fsp,
1288 result = SMB_VFS_NEXT_LINUX_SETLEASE(handle, fsp, leasetype);
1290 do_log(SMB_VFS_OP_LINUX_SETLEASE, (result >= 0), handle, "%s",
1291 fsp_str_do_log(fsp));
1296 static bool smb_full_audit_getlock(vfs_handle_struct *handle, files_struct *fsp,
1297 SMB_OFF_T *poffset, SMB_OFF_T *pcount, int *ptype, pid_t *ppid)
1301 result = SMB_VFS_NEXT_GETLOCK(handle, fsp, poffset, pcount, ptype, ppid);
1303 do_log(SMB_VFS_OP_GETLOCK, result, handle, "%s", fsp_str_do_log(fsp));
1308 static int smb_full_audit_symlink(vfs_handle_struct *handle,
1309 const char *oldpath, const char *newpath)
1313 result = SMB_VFS_NEXT_SYMLINK(handle, oldpath, newpath);
1315 do_log(SMB_VFS_OP_SYMLINK, (result >= 0), handle,
1316 "%s|%s", oldpath, newpath);
1321 static int smb_full_audit_readlink(vfs_handle_struct *handle,
1322 const char *path, char *buf, size_t bufsiz)
1326 result = SMB_VFS_NEXT_READLINK(handle, path, buf, bufsiz);
1328 do_log(SMB_VFS_OP_READLINK, (result >= 0), handle, "%s", path);
1333 static int smb_full_audit_link(vfs_handle_struct *handle,
1334 const char *oldpath, const char *newpath)
1338 result = SMB_VFS_NEXT_LINK(handle, oldpath, newpath);
1340 do_log(SMB_VFS_OP_LINK, (result >= 0), handle,
1341 "%s|%s", oldpath, newpath);
1346 static int smb_full_audit_mknod(vfs_handle_struct *handle,
1347 const char *pathname, mode_t mode, SMB_DEV_T dev)
1351 result = SMB_VFS_NEXT_MKNOD(handle, pathname, mode, dev);
1353 do_log(SMB_VFS_OP_MKNOD, (result >= 0), handle, "%s", pathname);
1358 static char *smb_full_audit_realpath(vfs_handle_struct *handle,
1363 result = SMB_VFS_NEXT_REALPATH(handle, path);
1365 do_log(SMB_VFS_OP_REALPATH, (result != NULL), handle, "%s", path);
1370 static NTSTATUS smb_full_audit_notify_watch(struct vfs_handle_struct *handle,
1371 struct sys_notify_context *ctx,
1372 struct notify_entry *e,
1373 void (*callback)(struct sys_notify_context *ctx,
1375 struct notify_event *ev),
1376 void *private_data, void *handle_p)
1380 result = SMB_VFS_NEXT_NOTIFY_WATCH(handle, ctx, e, callback, private_data, handle_p);
1382 do_log(SMB_VFS_OP_NOTIFY_WATCH, NT_STATUS_IS_OK(result), handle, "");
1387 static int smb_full_audit_chflags(vfs_handle_struct *handle,
1388 const char *path, unsigned int flags)
1392 result = SMB_VFS_NEXT_CHFLAGS(handle, path, flags);
1394 do_log(SMB_VFS_OP_CHFLAGS, (result != 0), handle, "%s", path);
1399 static struct file_id smb_full_audit_file_id_create(struct vfs_handle_struct *handle,
1400 const SMB_STRUCT_STAT *sbuf)
1402 struct file_id id_zero;
1403 struct file_id result;
1405 ZERO_STRUCT(id_zero);
1407 result = SMB_VFS_NEXT_FILE_ID_CREATE(handle, sbuf);
1409 do_log(SMB_VFS_OP_FILE_ID_CREATE,
1410 !file_id_equal(&id_zero, &result),
1411 handle, "%s", file_id_string_tos(&result));
1416 static NTSTATUS smb_full_audit_streaminfo(vfs_handle_struct *handle,
1417 struct files_struct *fsp,
1419 TALLOC_CTX *mem_ctx,
1420 unsigned int *pnum_streams,
1421 struct stream_struct **pstreams)
1425 result = SMB_VFS_NEXT_STREAMINFO(handle, fsp, fname, mem_ctx,
1426 pnum_streams, pstreams);
1428 do_log(SMB_VFS_OP_STREAMINFO, NT_STATUS_IS_OK(result), handle,
1434 static int smb_full_audit_get_real_filename(struct vfs_handle_struct *handle,
1437 TALLOC_CTX *mem_ctx,
1442 result = SMB_VFS_NEXT_GET_REAL_FILENAME(handle, path, name, mem_ctx,
1445 do_log(SMB_VFS_OP_GET_REAL_FILENAME, (result == 0), handle,
1446 "%s/%s->%s", path, name, (result == 0) ? "" : *found_name);
1451 static const char *smb_full_audit_connectpath(vfs_handle_struct *handle,
1456 result = SMB_VFS_NEXT_CONNECTPATH(handle, fname);
1458 do_log(SMB_VFS_OP_CONNECTPATH, result != NULL, handle,
1464 static NTSTATUS smb_full_audit_brl_lock_windows(struct vfs_handle_struct *handle,
1465 struct byte_range_lock *br_lck,
1466 struct lock_struct *plock,
1468 struct blocking_lock_record *blr)
1472 result = SMB_VFS_NEXT_BRL_LOCK_WINDOWS(handle, br_lck, plock,
1473 blocking_lock, blr);
1475 do_log(SMB_VFS_OP_BRL_LOCK_WINDOWS, NT_STATUS_IS_OK(result), handle,
1476 "%s:%llu-%llu. type=%d. blocking=%d", fsp_str_do_log(br_lck->fsp),
1477 plock->start, plock->size, plock->lock_type, blocking_lock );
1482 static bool smb_full_audit_brl_unlock_windows(struct vfs_handle_struct *handle,
1483 struct messaging_context *msg_ctx,
1484 struct byte_range_lock *br_lck,
1485 const struct lock_struct *plock)
1489 result = SMB_VFS_NEXT_BRL_UNLOCK_WINDOWS(handle, msg_ctx, br_lck,
1492 do_log(SMB_VFS_OP_BRL_UNLOCK_WINDOWS, (result == 0), handle,
1493 "%s:%llu-%llu:%d", fsp_str_do_log(br_lck->fsp), plock->start,
1494 plock->size, plock->lock_type);
1499 static bool smb_full_audit_brl_cancel_windows(struct vfs_handle_struct *handle,
1500 struct byte_range_lock *br_lck,
1501 struct lock_struct *plock,
1502 struct blocking_lock_record *blr)
1506 result = SMB_VFS_NEXT_BRL_CANCEL_WINDOWS(handle, br_lck, plock, blr);
1508 do_log(SMB_VFS_OP_BRL_CANCEL_WINDOWS, (result == 0), handle,
1509 "%s:%llu-%llu:%d", fsp_str_do_log(br_lck->fsp), plock->start,
1515 static bool smb_full_audit_strict_lock(struct vfs_handle_struct *handle,
1516 struct files_struct *fsp,
1517 struct lock_struct *plock)
1521 result = SMB_VFS_NEXT_STRICT_LOCK(handle, fsp, plock);
1523 do_log(SMB_VFS_OP_STRICT_LOCK, result, handle,
1524 "%s:%llu-%llu:%d", fsp_str_do_log(fsp), plock->start,
1530 static void smb_full_audit_strict_unlock(struct vfs_handle_struct *handle,
1531 struct files_struct *fsp,
1532 struct lock_struct *plock)
1534 SMB_VFS_NEXT_STRICT_UNLOCK(handle, fsp, plock);
1536 do_log(SMB_VFS_OP_STRICT_UNLOCK, true, handle,
1537 "%s:%llu-%llu:%d", fsp_str_do_log(fsp), plock->start,
1543 static NTSTATUS smb_full_audit_translate_name(struct vfs_handle_struct *handle,
1545 enum vfs_translate_direction direction,
1546 TALLOC_CTX *mem_ctx,
1551 result = SMB_VFS_NEXT_TRANSLATE_NAME(handle, name, direction, mem_ctx,
1554 do_log(SMB_VFS_OP_TRANSLATE_NAME, NT_STATUS_IS_OK(result), handle, "");
1559 static NTSTATUS smb_full_audit_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
1560 uint32 security_info,
1561 struct security_descriptor **ppdesc)
1565 result = SMB_VFS_NEXT_FGET_NT_ACL(handle, fsp, security_info, ppdesc);
1567 do_log(SMB_VFS_OP_FGET_NT_ACL, NT_STATUS_IS_OK(result), handle,
1568 "%s", fsp_str_do_log(fsp));
1573 static NTSTATUS smb_full_audit_get_nt_acl(vfs_handle_struct *handle,
1575 uint32 security_info,
1576 struct security_descriptor **ppdesc)
1580 result = SMB_VFS_NEXT_GET_NT_ACL(handle, name, security_info, ppdesc);
1582 do_log(SMB_VFS_OP_GET_NT_ACL, NT_STATUS_IS_OK(result), handle,
1588 static NTSTATUS smb_full_audit_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
1589 uint32 security_info_sent,
1590 const struct security_descriptor *psd)
1594 result = SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, security_info_sent, psd);
1596 do_log(SMB_VFS_OP_FSET_NT_ACL, NT_STATUS_IS_OK(result), handle, "%s",
1597 fsp_str_do_log(fsp));
1602 static int smb_full_audit_chmod_acl(vfs_handle_struct *handle,
1603 const char *path, mode_t mode)
1607 result = SMB_VFS_NEXT_CHMOD_ACL(handle, path, mode);
1609 do_log(SMB_VFS_OP_CHMOD_ACL, (result >= 0), handle,
1610 "%s|%o", path, mode);
1615 static int smb_full_audit_fchmod_acl(vfs_handle_struct *handle, files_struct *fsp,
1620 result = SMB_VFS_NEXT_FCHMOD_ACL(handle, fsp, mode);
1622 do_log(SMB_VFS_OP_FCHMOD_ACL, (result >= 0), handle,
1623 "%s|%o", fsp_str_do_log(fsp), mode);
1628 static int smb_full_audit_sys_acl_get_entry(vfs_handle_struct *handle,
1630 SMB_ACL_T theacl, int entry_id,
1631 SMB_ACL_ENTRY_T *entry_p)
1635 result = SMB_VFS_NEXT_SYS_ACL_GET_ENTRY(handle, theacl, entry_id,
1638 do_log(SMB_VFS_OP_SYS_ACL_GET_ENTRY, (result >= 0), handle,
1644 static int smb_full_audit_sys_acl_get_tag_type(vfs_handle_struct *handle,
1646 SMB_ACL_ENTRY_T entry_d,
1647 SMB_ACL_TAG_T *tag_type_p)
1651 result = SMB_VFS_NEXT_SYS_ACL_GET_TAG_TYPE(handle, entry_d,
1654 do_log(SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE, (result >= 0), handle,
1660 static int smb_full_audit_sys_acl_get_permset(vfs_handle_struct *handle,
1662 SMB_ACL_ENTRY_T entry_d,
1663 SMB_ACL_PERMSET_T *permset_p)
1667 result = SMB_VFS_NEXT_SYS_ACL_GET_PERMSET(handle, entry_d,
1670 do_log(SMB_VFS_OP_SYS_ACL_GET_PERMSET, (result >= 0), handle,
1676 static void * smb_full_audit_sys_acl_get_qualifier(vfs_handle_struct *handle,
1678 SMB_ACL_ENTRY_T entry_d)
1682 result = SMB_VFS_NEXT_SYS_ACL_GET_QUALIFIER(handle, entry_d);
1684 do_log(SMB_VFS_OP_SYS_ACL_GET_QUALIFIER, (result != NULL), handle,
1690 static SMB_ACL_T smb_full_audit_sys_acl_get_file(vfs_handle_struct *handle,
1692 SMB_ACL_TYPE_T type)
1696 result = SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p, type);
1698 do_log(SMB_VFS_OP_SYS_ACL_GET_FILE, (result != NULL), handle,
1704 static SMB_ACL_T smb_full_audit_sys_acl_get_fd(vfs_handle_struct *handle,
1709 result = SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp);
1711 do_log(SMB_VFS_OP_SYS_ACL_GET_FD, (result != NULL), handle,
1712 "%s", fsp_str_do_log(fsp));
1717 static int smb_full_audit_sys_acl_clear_perms(vfs_handle_struct *handle,
1719 SMB_ACL_PERMSET_T permset)
1723 result = SMB_VFS_NEXT_SYS_ACL_CLEAR_PERMS(handle, permset);
1725 do_log(SMB_VFS_OP_SYS_ACL_CLEAR_PERMS, (result >= 0), handle,
1731 static int smb_full_audit_sys_acl_add_perm(vfs_handle_struct *handle,
1733 SMB_ACL_PERMSET_T permset,
1734 SMB_ACL_PERM_T perm)
1738 result = SMB_VFS_NEXT_SYS_ACL_ADD_PERM(handle, permset, perm);
1740 do_log(SMB_VFS_OP_SYS_ACL_ADD_PERM, (result >= 0), handle,
1746 static char * smb_full_audit_sys_acl_to_text(vfs_handle_struct *handle,
1752 result = SMB_VFS_NEXT_SYS_ACL_TO_TEXT(handle, theacl, plen);
1754 do_log(SMB_VFS_OP_SYS_ACL_TO_TEXT, (result != NULL), handle,
1760 static SMB_ACL_T smb_full_audit_sys_acl_init(vfs_handle_struct *handle,
1766 result = SMB_VFS_NEXT_SYS_ACL_INIT(handle, count);
1768 do_log(SMB_VFS_OP_SYS_ACL_INIT, (result != NULL), handle,
1774 static int smb_full_audit_sys_acl_create_entry(vfs_handle_struct *handle,
1776 SMB_ACL_ENTRY_T *pentry)
1780 result = SMB_VFS_NEXT_SYS_ACL_CREATE_ENTRY(handle, pacl, pentry);
1782 do_log(SMB_VFS_OP_SYS_ACL_CREATE_ENTRY, (result >= 0), handle,
1788 static int smb_full_audit_sys_acl_set_tag_type(vfs_handle_struct *handle,
1790 SMB_ACL_ENTRY_T entry,
1791 SMB_ACL_TAG_T tagtype)
1795 result = SMB_VFS_NEXT_SYS_ACL_SET_TAG_TYPE(handle, entry,
1798 do_log(SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE, (result >= 0), handle,
1804 static int smb_full_audit_sys_acl_set_qualifier(vfs_handle_struct *handle,
1806 SMB_ACL_ENTRY_T entry,
1811 result = SMB_VFS_NEXT_SYS_ACL_SET_QUALIFIER(handle, entry, qual);
1813 do_log(SMB_VFS_OP_SYS_ACL_SET_QUALIFIER, (result >= 0), handle,
1819 static int smb_full_audit_sys_acl_set_permset(vfs_handle_struct *handle,
1821 SMB_ACL_ENTRY_T entry,
1822 SMB_ACL_PERMSET_T permset)
1826 result = SMB_VFS_NEXT_SYS_ACL_SET_PERMSET(handle, entry, permset);
1828 do_log(SMB_VFS_OP_SYS_ACL_SET_PERMSET, (result >= 0), handle,
1834 static int smb_full_audit_sys_acl_valid(vfs_handle_struct *handle,
1840 result = SMB_VFS_NEXT_SYS_ACL_VALID(handle, theacl);
1842 do_log(SMB_VFS_OP_SYS_ACL_VALID, (result >= 0), handle,
1848 static int smb_full_audit_sys_acl_set_file(vfs_handle_struct *handle,
1850 const char *name, SMB_ACL_TYPE_T acltype,
1855 result = SMB_VFS_NEXT_SYS_ACL_SET_FILE(handle, name, acltype,
1858 do_log(SMB_VFS_OP_SYS_ACL_SET_FILE, (result >= 0), handle,
1864 static int smb_full_audit_sys_acl_set_fd(vfs_handle_struct *handle, files_struct *fsp,
1869 result = SMB_VFS_NEXT_SYS_ACL_SET_FD(handle, fsp, theacl);
1871 do_log(SMB_VFS_OP_SYS_ACL_SET_FD, (result >= 0), handle,
1872 "%s", fsp_str_do_log(fsp));
1877 static int smb_full_audit_sys_acl_delete_def_file(vfs_handle_struct *handle,
1883 result = SMB_VFS_NEXT_SYS_ACL_DELETE_DEF_FILE(handle, path);
1885 do_log(SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE, (result >= 0), handle,
1891 static int smb_full_audit_sys_acl_get_perm(vfs_handle_struct *handle,
1893 SMB_ACL_PERMSET_T permset,
1894 SMB_ACL_PERM_T perm)
1898 result = SMB_VFS_NEXT_SYS_ACL_GET_PERM(handle, permset, perm);
1900 do_log(SMB_VFS_OP_SYS_ACL_GET_PERM, (result >= 0), handle,
1906 static int smb_full_audit_sys_acl_free_text(vfs_handle_struct *handle,
1912 result = SMB_VFS_NEXT_SYS_ACL_FREE_TEXT(handle, text);
1914 do_log(SMB_VFS_OP_SYS_ACL_FREE_TEXT, (result >= 0), handle,
1920 static int smb_full_audit_sys_acl_free_acl(vfs_handle_struct *handle,
1922 SMB_ACL_T posix_acl)
1926 result = SMB_VFS_NEXT_SYS_ACL_FREE_ACL(handle, posix_acl);
1928 do_log(SMB_VFS_OP_SYS_ACL_FREE_ACL, (result >= 0), handle,
1934 static int smb_full_audit_sys_acl_free_qualifier(vfs_handle_struct *handle,
1936 SMB_ACL_TAG_T tagtype)
1940 result = SMB_VFS_NEXT_SYS_ACL_FREE_QUALIFIER(handle, qualifier,
1943 do_log(SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER, (result >= 0), handle,
1949 static ssize_t smb_full_audit_getxattr(struct vfs_handle_struct *handle,
1951 const char *name, void *value, size_t size)
1955 result = SMB_VFS_NEXT_GETXATTR(handle, path, name, value, size);
1957 do_log(SMB_VFS_OP_GETXATTR, (result >= 0), handle,
1958 "%s|%s", path, name);
1963 static ssize_t smb_full_audit_lgetxattr(struct vfs_handle_struct *handle,
1964 const char *path, const char *name,
1965 void *value, size_t size)
1969 result = SMB_VFS_NEXT_LGETXATTR(handle, path, name, value, size);
1971 do_log(SMB_VFS_OP_LGETXATTR, (result >= 0), handle,
1972 "%s|%s", path, name);
1977 static ssize_t smb_full_audit_fgetxattr(struct vfs_handle_struct *handle,
1978 struct files_struct *fsp,
1979 const char *name, void *value, size_t size)
1983 result = SMB_VFS_NEXT_FGETXATTR(handle, fsp, name, value, size);
1985 do_log(SMB_VFS_OP_FGETXATTR, (result >= 0), handle,
1986 "%s|%s", fsp_str_do_log(fsp), name);
1991 static ssize_t smb_full_audit_listxattr(struct vfs_handle_struct *handle,
1992 const char *path, char *list, size_t size)
1996 result = SMB_VFS_NEXT_LISTXATTR(handle, path, list, size);
1998 do_log(SMB_VFS_OP_LISTXATTR, (result >= 0), handle, "%s", path);
2003 static ssize_t smb_full_audit_llistxattr(struct vfs_handle_struct *handle,
2004 const char *path, char *list, size_t size)
2008 result = SMB_VFS_NEXT_LLISTXATTR(handle, path, list, size);
2010 do_log(SMB_VFS_OP_LLISTXATTR, (result >= 0), handle, "%s", path);
2015 static ssize_t smb_full_audit_flistxattr(struct vfs_handle_struct *handle,
2016 struct files_struct *fsp, char *list,
2021 result = SMB_VFS_NEXT_FLISTXATTR(handle, fsp, list, size);
2023 do_log(SMB_VFS_OP_FLISTXATTR, (result >= 0), handle,
2024 "%s", fsp_str_do_log(fsp));
2029 static int smb_full_audit_removexattr(struct vfs_handle_struct *handle,
2035 result = SMB_VFS_NEXT_REMOVEXATTR(handle, path, name);
2037 do_log(SMB_VFS_OP_REMOVEXATTR, (result >= 0), handle,
2038 "%s|%s", path, name);
2043 static int smb_full_audit_lremovexattr(struct vfs_handle_struct *handle,
2049 result = SMB_VFS_NEXT_LREMOVEXATTR(handle, path, name);
2051 do_log(SMB_VFS_OP_LREMOVEXATTR, (result >= 0), handle,
2052 "%s|%s", path, name);
2057 static int smb_full_audit_fremovexattr(struct vfs_handle_struct *handle,
2058 struct files_struct *fsp,
2063 result = SMB_VFS_NEXT_FREMOVEXATTR(handle, fsp, name);
2065 do_log(SMB_VFS_OP_FREMOVEXATTR, (result >= 0), handle,
2066 "%s|%s", fsp_str_do_log(fsp), name);
2071 static int smb_full_audit_setxattr(struct vfs_handle_struct *handle,
2073 const char *name, const void *value, size_t size,
2078 result = SMB_VFS_NEXT_SETXATTR(handle, path, name, value, size,
2081 do_log(SMB_VFS_OP_SETXATTR, (result >= 0), handle,
2082 "%s|%s", path, name);
2087 static int smb_full_audit_lsetxattr(struct vfs_handle_struct *handle,
2089 const char *name, const void *value, size_t size,
2094 result = SMB_VFS_NEXT_LSETXATTR(handle, path, name, value, size,
2097 do_log(SMB_VFS_OP_LSETXATTR, (result >= 0), handle,
2098 "%s|%s", path, name);
2103 static int smb_full_audit_fsetxattr(struct vfs_handle_struct *handle,
2104 struct files_struct *fsp, const char *name,
2105 const void *value, size_t size, int flags)
2109 result = SMB_VFS_NEXT_FSETXATTR(handle, fsp, name, value, size, flags);
2111 do_log(SMB_VFS_OP_FSETXATTR, (result >= 0), handle,
2112 "%s|%s", fsp_str_do_log(fsp), name);
2117 static int smb_full_audit_aio_read(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb)
2121 result = SMB_VFS_NEXT_AIO_READ(handle, fsp, aiocb);
2122 do_log(SMB_VFS_OP_AIO_READ, (result >= 0), handle,
2123 "%s", fsp_str_do_log(fsp));
2128 static int smb_full_audit_aio_write(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb)
2132 result = SMB_VFS_NEXT_AIO_WRITE(handle, fsp, aiocb);
2133 do_log(SMB_VFS_OP_AIO_WRITE, (result >= 0), handle,
2134 "%s", fsp_str_do_log(fsp));
2139 static ssize_t smb_full_audit_aio_return(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb)
2143 result = SMB_VFS_NEXT_AIO_RETURN(handle, fsp, aiocb);
2144 do_log(SMB_VFS_OP_AIO_RETURN, (result >= 0), handle,
2145 "%s", fsp_str_do_log(fsp));
2150 static int smb_full_audit_aio_cancel(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb)
2154 result = SMB_VFS_NEXT_AIO_CANCEL(handle, fsp, aiocb);
2155 do_log(SMB_VFS_OP_AIO_CANCEL, (result >= 0), handle,
2156 "%s", fsp_str_do_log(fsp));
2161 static int smb_full_audit_aio_error(struct vfs_handle_struct *handle, struct files_struct *fsp, SMB_STRUCT_AIOCB *aiocb)
2165 result = SMB_VFS_NEXT_AIO_ERROR(handle, fsp, aiocb);
2166 do_log(SMB_VFS_OP_AIO_ERROR, (result >= 0), handle,
2167 "%s", fsp_str_do_log(fsp));
2172 static int smb_full_audit_aio_fsync(struct vfs_handle_struct *handle, struct files_struct *fsp, int op, SMB_STRUCT_AIOCB *aiocb)
2176 result = SMB_VFS_NEXT_AIO_FSYNC(handle, fsp, op, aiocb);
2177 do_log(SMB_VFS_OP_AIO_FSYNC, (result >= 0), handle,
2178 "%s", fsp_str_do_log(fsp));
2183 static int smb_full_audit_aio_suspend(struct vfs_handle_struct *handle, struct files_struct *fsp, const SMB_STRUCT_AIOCB * const aiocb[], int n, const struct timespec *ts)
2187 result = SMB_VFS_NEXT_AIO_SUSPEND(handle, fsp, aiocb, n, ts);
2188 do_log(SMB_VFS_OP_AIO_SUSPEND, (result >= 0), handle,
2189 "%s", fsp_str_do_log(fsp));
2194 static bool smb_full_audit_aio_force(struct vfs_handle_struct *handle,
2195 struct files_struct *fsp)
2199 result = SMB_VFS_NEXT_AIO_FORCE(handle, fsp);
2200 do_log(SMB_VFS_OP_AIO_FORCE, result, handle,
2201 "%s", fsp_str_do_log(fsp));
2206 static bool smb_full_audit_is_offline(struct vfs_handle_struct *handle,
2207 const struct smb_filename *fname,
2208 SMB_STRUCT_STAT *sbuf)
2212 result = SMB_VFS_NEXT_IS_OFFLINE(handle, fname, sbuf);
2213 do_log(SMB_VFS_OP_IS_OFFLINE, result, handle, "%s",
2214 smb_fname_str_do_log(fname));
2218 static int smb_full_audit_set_offline(struct vfs_handle_struct *handle,
2219 const struct smb_filename *fname)
2223 result = SMB_VFS_NEXT_SET_OFFLINE(handle, fname);
2224 do_log(SMB_VFS_OP_SET_OFFLINE, result >= 0, handle, "%s",
2225 smb_fname_str_do_log(fname));
2229 static struct vfs_fn_pointers vfs_full_audit_fns = {
2231 /* Disk operations */
2233 .connect_fn = smb_full_audit_connect,
2234 .disconnect = smb_full_audit_disconnect,
2235 .disk_free = smb_full_audit_disk_free,
2236 .get_quota = smb_full_audit_get_quota,
2237 .set_quota = smb_full_audit_set_quota,
2238 .get_shadow_copy_data = smb_full_audit_get_shadow_copy_data,
2239 .statvfs = smb_full_audit_statvfs,
2240 .fs_capabilities = smb_full_audit_fs_capabilities,
2241 .opendir = smb_full_audit_opendir,
2242 .fdopendir = smb_full_audit_fdopendir,
2243 .readdir = smb_full_audit_readdir,
2244 .seekdir = smb_full_audit_seekdir,
2245 .telldir = smb_full_audit_telldir,
2246 .rewind_dir = smb_full_audit_rewinddir,
2247 .mkdir = smb_full_audit_mkdir,
2248 .rmdir = smb_full_audit_rmdir,
2249 .closedir = smb_full_audit_closedir,
2250 .init_search_op = smb_full_audit_init_search_op,
2251 .open = smb_full_audit_open,
2252 .create_file = smb_full_audit_create_file,
2253 .close_fn = smb_full_audit_close,
2254 .vfs_read = smb_full_audit_read,
2255 .pread = smb_full_audit_pread,
2256 .write = smb_full_audit_write,
2257 .pwrite = smb_full_audit_pwrite,
2258 .lseek = smb_full_audit_lseek,
2259 .sendfile = smb_full_audit_sendfile,
2260 .recvfile = smb_full_audit_recvfile,
2261 .rename = smb_full_audit_rename,
2262 .fsync = smb_full_audit_fsync,
2263 .stat = smb_full_audit_stat,
2264 .fstat = smb_full_audit_fstat,
2265 .lstat = smb_full_audit_lstat,
2266 .get_alloc_size = smb_full_audit_get_alloc_size,
2267 .unlink = smb_full_audit_unlink,
2268 .chmod = smb_full_audit_chmod,
2269 .fchmod = smb_full_audit_fchmod,
2270 .chown = smb_full_audit_chown,
2271 .fchown = smb_full_audit_fchown,
2272 .lchown = smb_full_audit_lchown,
2273 .chdir = smb_full_audit_chdir,
2274 .getwd = smb_full_audit_getwd,
2275 .ntimes = smb_full_audit_ntimes,
2276 .ftruncate = smb_full_audit_ftruncate,
2277 .fallocate = smb_full_audit_fallocate,
2278 .lock = smb_full_audit_lock,
2279 .kernel_flock = smb_full_audit_kernel_flock,
2280 .linux_setlease = smb_full_audit_linux_setlease,
2281 .getlock = smb_full_audit_getlock,
2282 .symlink = smb_full_audit_symlink,
2283 .vfs_readlink = smb_full_audit_readlink,
2284 .link = smb_full_audit_link,
2285 .mknod = smb_full_audit_mknod,
2286 .realpath = smb_full_audit_realpath,
2287 .notify_watch = smb_full_audit_notify_watch,
2288 .chflags = smb_full_audit_chflags,
2289 .file_id_create = smb_full_audit_file_id_create,
2290 .streaminfo = smb_full_audit_streaminfo,
2291 .get_real_filename = smb_full_audit_get_real_filename,
2292 .connectpath = smb_full_audit_connectpath,
2293 .brl_lock_windows = smb_full_audit_brl_lock_windows,
2294 .brl_unlock_windows = smb_full_audit_brl_unlock_windows,
2295 .brl_cancel_windows = smb_full_audit_brl_cancel_windows,
2296 .strict_lock = smb_full_audit_strict_lock,
2297 .strict_unlock = smb_full_audit_strict_unlock,
2298 .translate_name = smb_full_audit_translate_name,
2299 .fget_nt_acl = smb_full_audit_fget_nt_acl,
2300 .get_nt_acl = smb_full_audit_get_nt_acl,
2301 .fset_nt_acl = smb_full_audit_fset_nt_acl,
2302 .chmod_acl = smb_full_audit_chmod_acl,
2303 .fchmod_acl = smb_full_audit_fchmod_acl,
2304 .sys_acl_get_entry = smb_full_audit_sys_acl_get_entry,
2305 .sys_acl_get_tag_type = smb_full_audit_sys_acl_get_tag_type,
2306 .sys_acl_get_permset = smb_full_audit_sys_acl_get_permset,
2307 .sys_acl_get_qualifier = smb_full_audit_sys_acl_get_qualifier,
2308 .sys_acl_get_file = smb_full_audit_sys_acl_get_file,
2309 .sys_acl_get_fd = smb_full_audit_sys_acl_get_fd,
2310 .sys_acl_clear_perms = smb_full_audit_sys_acl_clear_perms,
2311 .sys_acl_add_perm = smb_full_audit_sys_acl_add_perm,
2312 .sys_acl_to_text = smb_full_audit_sys_acl_to_text,
2313 .sys_acl_init = smb_full_audit_sys_acl_init,
2314 .sys_acl_create_entry = smb_full_audit_sys_acl_create_entry,
2315 .sys_acl_set_tag_type = smb_full_audit_sys_acl_set_tag_type,
2316 .sys_acl_set_qualifier = smb_full_audit_sys_acl_set_qualifier,
2317 .sys_acl_set_permset = smb_full_audit_sys_acl_set_permset,
2318 .sys_acl_valid = smb_full_audit_sys_acl_valid,
2319 .sys_acl_set_file = smb_full_audit_sys_acl_set_file,
2320 .sys_acl_set_fd = smb_full_audit_sys_acl_set_fd,
2321 .sys_acl_delete_def_file = smb_full_audit_sys_acl_delete_def_file,
2322 .sys_acl_get_perm = smb_full_audit_sys_acl_get_perm,
2323 .sys_acl_free_text = smb_full_audit_sys_acl_free_text,
2324 .sys_acl_free_acl = smb_full_audit_sys_acl_free_acl,
2325 .sys_acl_free_qualifier = smb_full_audit_sys_acl_free_qualifier,
2326 .getxattr = smb_full_audit_getxattr,
2327 .lgetxattr = smb_full_audit_lgetxattr,
2328 .fgetxattr = smb_full_audit_fgetxattr,
2329 .listxattr = smb_full_audit_listxattr,
2330 .llistxattr = smb_full_audit_llistxattr,
2331 .flistxattr = smb_full_audit_flistxattr,
2332 .removexattr = smb_full_audit_removexattr,
2333 .lremovexattr = smb_full_audit_lremovexattr,
2334 .fremovexattr = smb_full_audit_fremovexattr,
2335 .setxattr = smb_full_audit_setxattr,
2336 .lsetxattr = smb_full_audit_lsetxattr,
2337 .fsetxattr = smb_full_audit_fsetxattr,
2338 .aio_read = smb_full_audit_aio_read,
2339 .aio_write = smb_full_audit_aio_write,
2340 .aio_return_fn = smb_full_audit_aio_return,
2341 .aio_cancel = smb_full_audit_aio_cancel,
2342 .aio_error_fn = smb_full_audit_aio_error,
2343 .aio_fsync = smb_full_audit_aio_fsync,
2344 .aio_suspend = smb_full_audit_aio_suspend,
2345 .aio_force = smb_full_audit_aio_force,
2346 .is_offline = smb_full_audit_is_offline,
2347 .set_offline = smb_full_audit_set_offline,
2350 NTSTATUS vfs_full_audit_init(void)
2352 NTSTATUS ret = smb_register_vfs(SMB_VFS_INTERFACE_VERSION,
2353 "full_audit", &vfs_full_audit_fns);
2355 if (!NT_STATUS_IS_OK(ret))
2358 vfs_full_audit_debug_level = debug_add_class("full_audit");
2359 if (vfs_full_audit_debug_level == -1) {
2360 vfs_full_audit_debug_level = DBGC_VFS;
2361 DEBUG(0, ("vfs_full_audit: Couldn't register custom debugging "
2364 DEBUG(10, ("vfs_full_audit: Debug class number of "
2365 "'full_audit': %d\n", vfs_full_audit_debug_level));
git.samba.org / samba.git / blob