-/*
+/*
* Auditing VFS module for samba. Log selected file operations to syslog
* facility.
*
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
- *
+ *
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with this program; if not, see <http://www.gnu.org/licenses/>.
*/
* smbd_audit: nobody|192.168.234.1|create_file|ok|0x3|file|open|/tmp/file.txt
*
* where "nobody" is the connected username and "192.168.234.1" is the
- * client's IP address.
+ * client's IP address.
*
* Options:
*
SMB_VFS_OP_FDOPENDIR,
SMB_VFS_OP_READDIR,
- SMB_VFS_OP_SEEKDIR,
- SMB_VFS_OP_TELLDIR,
SMB_VFS_OP_REWINDDIR,
SMB_VFS_OP_MKDIRAT,
SMB_VFS_OP_CLOSEDIR,
SMB_VFS_OP_SENDFILE,
SMB_VFS_OP_RECVFILE,
SMB_VFS_OP_RENAMEAT,
- SMB_VFS_OP_FSYNC,
SMB_VFS_OP_FSYNC_SEND,
SMB_VFS_OP_FSYNC_RECV,
SMB_VFS_OP_STAT,
SMB_VFS_OP_FS_FILE_ID,
SMB_VFS_OP_FSTREAMINFO,
SMB_VFS_OP_GET_REAL_FILENAME,
+ SMB_VFS_OP_GET_REAL_FILENAME_AT,
SMB_VFS_OP_CONNECTPATH,
SMB_VFS_OP_BRL_LOCK_WINDOWS,
SMB_VFS_OP_BRL_UNLOCK_WINDOWS,
{ SMB_VFS_OP_READ_DFS_PATHAT, "read_dfs_pathat" },
{ SMB_VFS_OP_FDOPENDIR, "fdopendir" },
{ SMB_VFS_OP_READDIR, "readdir" },
- { SMB_VFS_OP_SEEKDIR, "seekdir" },
- { SMB_VFS_OP_TELLDIR, "telldir" },
{ SMB_VFS_OP_REWINDDIR, "rewinddir" },
{ SMB_VFS_OP_MKDIRAT, "mkdirat" },
{ SMB_VFS_OP_CLOSEDIR, "closedir" },
{ SMB_VFS_OP_SENDFILE, "sendfile" },
{ SMB_VFS_OP_RECVFILE, "recvfile" },
{ SMB_VFS_OP_RENAMEAT, "renameat" },
- { SMB_VFS_OP_FSYNC, "fsync" },
{ SMB_VFS_OP_FSYNC_SEND, "fsync_send" },
{ SMB_VFS_OP_FSYNC_RECV, "fsync_recv" },
{ SMB_VFS_OP_STAT, "stat" },
{ SMB_VFS_OP_FS_FILE_ID, "fs_file_id" },
{ SMB_VFS_OP_FSTREAMINFO, "fstreaminfo" },
{ SMB_VFS_OP_GET_REAL_FILENAME, "get_real_filename" },
+ { SMB_VFS_OP_GET_REAL_FILENAME_AT, "get_real_filename_at" },
{ SMB_VFS_OP_CONNECTPATH, "connectpath" },
{ SMB_VFS_OP_BRL_LOCK_WINDOWS, "brl_lock_windows" },
{ SMB_VFS_OP_BRL_UNLOCK_WINDOWS, "brl_unlock_windows" },
struct bitmap *bm;
if (ops == NULL) {
+ DBG_ERR("init_bitmap, ops list is empty (logic error)\n");
return NULL;
}
bm = bitmap_talloc(mem_ctx, SMB_VFS_OP_LAST);
if (bm == NULL) {
- DEBUG(0, ("Could not alloc bitmap -- "
- "defaulting to logging everything\n"));
+ DBG_ERR("Could not alloc bitmap\n");
return NULL;
}
}
}
if (i == SMB_VFS_OP_LAST) {
- DEBUG(0, ("Could not find opname %s, logging all\n",
- *ops));
+ DBG_ERR("Could not find opname %s\n", *ops);
TALLOC_FREE(bm);
return NULL;
}
pd->success_ops = init_bitmap(
pd, lp_parm_string_list(SNUM(handle->conn), "full_audit",
"success", none));
+ if (pd->success_ops == NULL) {
+ DBG_ERR("Invalid success operations list. Failing connect\n");
+ SMB_VFS_NEXT_DISCONNECT(handle);
+ return -1;
+ }
pd->failure_ops = init_bitmap(
pd, lp_parm_string_list(SNUM(handle->conn), "full_audit",
"failure", none));
+ if (pd->failure_ops == NULL) {
+ DBG_ERR("Invalid failure operations list. Failing connect\n");
+ SMB_VFS_NEXT_DISCONNECT(handle);
+ return -1;
+ }
/* Store the private data. */
SMB_VFS_HANDLE_SET_DATA(handle, pd, NULL,
static struct dirent *smb_full_audit_readdir(vfs_handle_struct *handle,
struct files_struct *dirfsp,
- DIR *dirp,
- SMB_STRUCT_STAT *sbuf)
+ DIR *dirp)
{
struct dirent *result;
- result = SMB_VFS_NEXT_READDIR(handle, dirfsp, dirp, sbuf);
+ result = SMB_VFS_NEXT_READDIR(handle, dirfsp, dirp);
/* This operation has no reasonable error condition
* (End of dir is also failure), so always succeed.
return result;
}
-static void smb_full_audit_seekdir(vfs_handle_struct *handle,
- DIR *dirp, long offset)
-{
- SMB_VFS_NEXT_SEEKDIR(handle, dirp, offset);
-
- do_log(SMB_VFS_OP_SEEKDIR, True, handle, "");
-}
-
-static long smb_full_audit_telldir(vfs_handle_struct *handle,
- DIR *dirp)
-{
- long result;
-
- result = SMB_VFS_NEXT_TELLDIR(handle, dirp);
-
- do_log(SMB_VFS_OP_TELLDIR, True, handle, "");
-
- return result;
-}
-
static void smb_full_audit_rewinddir(vfs_handle_struct *handle,
DIR *dirp)
{
int result;
result = SMB_VFS_NEXT_CLOSEDIR(handle, dirp);
-
+
do_log(SMB_VFS_OP_CLOSEDIR, (result >= 0), handle, "");
return result;
const struct files_struct *dirfsp,
const struct smb_filename *smb_fname,
struct files_struct *fsp,
- int flags,
- mode_t mode)
+ const struct vfs_open_how *how)
{
int result;
- result = SMB_VFS_NEXT_OPENAT(handle, dirfsp, smb_fname, fsp, flags, mode);
+ result = SMB_VFS_NEXT_OPENAT(handle, dirfsp, smb_fname, fsp, how);
do_log(SMB_VFS_OP_OPENAT, (result >= 0), handle, "%s|%s",
- ((flags & O_WRONLY) || (flags & O_RDWR))?"w":"r",
+ ((how->flags & O_WRONLY) || (how->flags & O_RDWR))?"w":"r",
fsp_str_do_log(fsp));
return result;
static NTSTATUS smb_full_audit_create_file(vfs_handle_struct *handle,
struct smb_request *req,
+ struct files_struct *dirfsp,
struct smb_filename *smb_fname,
uint32_t access_mask,
uint32_t share_access,
result = SMB_VFS_NEXT_CREATE_FILE(
handle, /* handle */
req, /* req */
+ dirfsp, /* dirfsp */
smb_fname, /* fname */
access_mask, /* access_mask */
share_access, /* share_access */
static int smb_full_audit_close(vfs_handle_struct *handle, files_struct *fsp)
{
int result;
-
+
result = SMB_VFS_NEXT_CLOSE(handle, fsp);
do_log(SMB_VFS_OP_CLOSE, (result >= 0), handle, "%s",
struct smb_filename *smb_fname)
{
int result;
-
+
result = SMB_VFS_NEXT_STAT(handle, smb_fname);
do_log(SMB_VFS_OP_STAT, (result >= 0), handle, "%s",
smb_fname_str_do_log(handle->conn, smb_fname));
- return result;
+ return result;
}
static int smb_full_audit_fstat(vfs_handle_struct *handle, files_struct *fsp,
SMB_STRUCT_STAT *sbuf)
{
int result;
-
+
result = SMB_VFS_NEXT_FSTAT(handle, fsp, sbuf);
do_log(SMB_VFS_OP_FSTAT, (result >= 0), handle, "%s",
struct smb_filename *smb_fname)
{
int result;
-
+
result = SMB_VFS_NEXT_LSTAT(handle, smb_fname);
do_log(SMB_VFS_OP_LSTAT, (result >= 0), handle, "%s",
smb_fname_str_do_log(handle->conn, smb_fname));
- return result;
+ return result;
}
static int smb_full_audit_fstatat(
mode_t mode)
{
int result;
-
+
result = SMB_VFS_NEXT_FCHMOD(handle, fsp, mode);
do_log(SMB_VFS_OP_FCHMOD, (result >= 0), handle,
struct smb_filename *result;
result = SMB_VFS_NEXT_GETWD(handle, ctx);
-
+
do_log(SMB_VFS_OP_GETWD, (result != NULL), handle, "%s",
result == NULL? "" : result->base_name);
return result;
}
-static int smb_full_audit_get_real_filename(struct vfs_handle_struct *handle,
- const struct smb_filename *path,
- const char *name,
- TALLOC_CTX *mem_ctx,
- char **found_name)
+static NTSTATUS smb_full_audit_get_real_filename_at(
+ struct vfs_handle_struct *handle,
+ struct files_struct *dirfsp,
+ const char *name,
+ TALLOC_CTX *mem_ctx,
+ char **found_name)
{
- int result;
+ NTSTATUS result;
- result = SMB_VFS_NEXT_GET_REAL_FILENAME(handle, path, name, mem_ctx,
- found_name);
+ result = SMB_VFS_NEXT_GET_REAL_FILENAME_AT(
+ handle, dirfsp, name, mem_ctx, found_name);
- do_log(SMB_VFS_OP_GET_REAL_FILENAME, (result == 0), handle,
+ do_log(SMB_VFS_OP_GET_REAL_FILENAME_AT,
+ NT_STATUS_IS_OK(result),
+ handle,
"%s/%s->%s",
- path->base_name, name, (result == 0) ? *found_name : "");
+ fsp_str_dbg(dirfsp),
+ name,
+ NT_STATUS_IS_OK(result) ? *found_name : "");
return result;
}
-static const char *smb_full_audit_connectpath(vfs_handle_struct *handle,
- const struct smb_filename *smb_fname)
+static const char *smb_full_audit_connectpath(
+ vfs_handle_struct *handle,
+ const struct files_struct *dirfsp,
+ const struct smb_filename *smb_fname)
{
const char *result;
- result = SMB_VFS_NEXT_CONNECTPATH(handle, smb_fname);
+ result = SMB_VFS_NEXT_CONNECTPATH(handle, dirfsp, smb_fname);
do_log(SMB_VFS_OP_CONNECTPATH,
result != NULL,
.read_dfs_pathat_fn = smb_full_audit_read_dfs_pathat,
.fdopendir_fn = smb_full_audit_fdopendir,
.readdir_fn = smb_full_audit_readdir,
- .seekdir_fn = smb_full_audit_seekdir,
- .telldir_fn = smb_full_audit_telldir,
.rewind_dir_fn = smb_full_audit_rewinddir,
.mkdirat_fn = smb_full_audit_mkdirat,
.closedir_fn = smb_full_audit_closedir,
.snap_create_fn = smb_full_audit_snap_create,
.snap_delete_fn = smb_full_audit_snap_delete,
.fstreaminfo_fn = smb_full_audit_fstreaminfo,
- .get_real_filename_fn = smb_full_audit_get_real_filename,
+ .get_real_filename_at_fn = smb_full_audit_get_real_filename_at,
.connectpath_fn = smb_full_audit_connectpath,
.brl_lock_windows_fn = smb_full_audit_brl_lock_windows,
.brl_unlock_windows_fn = smb_full_audit_brl_unlock_windows,
DEBUG(10, ("vfs_full_audit: Debug class number of "
"'full_audit': %d\n", vfs_full_audit_debug_level));
}
-
+
return ret;
}
git.samba.org / samba.git / blobdiff