search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
r6349: Update cifs umount utility
[Samba.git] / source3 / modules / vfs_full_audit.c
blob430ec8278a0b4f7e3ebf00791c5fe9cd42f393d5
1 /*
2 * Auditing VFS module for samba. Log selected file operations to syslog
3 * facility.
4 *
5 * Copyright (C) Tim Potter, 1999-2000
6 * Copyright (C) Alexander Bokovoy, 2002
7 * Copyright (C) John H Terpstra, 2003
8 * Copyright (C) Stefan (metze) Metzmacher, 2003
9 * Copyright (C) Volker Lendecke, 2004
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
15 *
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
20 *
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 */
25
26 /*
27 * This module implements parseable logging for all Samba VFS operations.
28 *
29 * You use it as follows:
30 *
31 * [tmp]
32 * path = /tmp
33 * vfs objects = full_audit
34 * full_audit:prefix = %u|%I
35 * full_audit:success = open opendir
36 * full_audit:failure = all
37 *
38 * This leads to syslog entries of the form:
39 * smbd_audit: nobody|192.168.234.1|opendir|ok|.
40 * smbd_audit: nobody|192.168.234.1|open|fail (File not found)|r|x.txt
41 *
42 * where "nobody" is the connected username and "192.168.234.1" is the
43 * client's IP address.
44 *
45 * Options:
46 *
47 * prefix: A macro expansion template prepended to the syslog entry.
48 *
49 * success: A list of VFS operations for which a successful completion should
50 * be logged. Defaults to no logging at all. The special operation "all" logs
51 * - you guessed it - everything.
52 *
53 * failure: A list of VFS operations for which failure to complete should be
54 * logged. Defaults to logging everything.
55 */
56
57
58 #include "includes.h"
59
60 extern struct current_user current_user;
61
62 static int vfs_full_audit_debug_level = DBGC_VFS;
63
64 #undef DBGC_CLASS
65 #define DBGC_CLASS vfs_full_audit_debug_level
66
67 /* Function prototypes */
68
69 static int smb_full_audit_connect(vfs_handle_struct *handle, connection_struct *conn,
70 const char *svc, const char *user);
71 static void smb_full_audit_disconnect(vfs_handle_struct *handle,
72 connection_struct *conn);
73 static SMB_BIG_UINT smb_full_audit_disk_free(vfs_handle_struct *handle,
74 connection_struct *conn, const char *path,
75 BOOL small_query, SMB_BIG_UINT *bsize,
76 SMB_BIG_UINT *dfree, SMB_BIG_UINT *dsize);
77 static int smb_full_audit_get_quota(struct vfs_handle_struct *handle,
78 struct connection_struct *conn,
79 enum SMB_QUOTA_TYPE qtype, unid_t id,
80 SMB_DISK_QUOTA *qt);
81 static int smb_full_audit_set_quota(struct vfs_handle_struct *handle,
82 struct connection_struct *conn,
83 enum SMB_QUOTA_TYPE qtype, unid_t id,
84 SMB_DISK_QUOTA *qt);
85 static int smb_full_audit_get_shadow_copy_data(struct vfs_handle_struct *handle,
86 struct files_struct *fsp,
87 SHADOW_COPY_DATA *shadow_copy_data, BOOL labels);
88
89 static DIR *smb_full_audit_opendir(vfs_handle_struct *handle, connection_struct *conn,
90 const char *fname);
91 static SMB_STRUCT_DIRENT *smb_full_audit_readdir(vfs_handle_struct *handle,
92 connection_struct *conn, DIR *dirp);
93 static void smb_full_audit_seekdir(vfs_handle_struct *handle, connection_struct *conn,
94 DIR *dirp, long offset);
95 static long smb_full_audit_telldir(vfs_handle_struct *handle, connection_struct *conn,
96 DIR *dirp);
97 static void smb_full_audit_rewinddir(vfs_handle_struct *handle, connection_struct *conn,
98 DIR *dirp);
99 static int smb_full_audit_mkdir(vfs_handle_struct *handle, connection_struct *conn,
100 const char *path, mode_t mode);
101 static int smb_full_audit_rmdir(vfs_handle_struct *handle, connection_struct *conn,
102 const char *path);
103 static int smb_full_audit_closedir(vfs_handle_struct *handle, connection_struct *conn,
104 DIR *dirp);
105 static int smb_full_audit_open(vfs_handle_struct *handle, connection_struct *conn,
106 const char *fname, int flags, mode_t mode);
107 static int smb_full_audit_close(vfs_handle_struct *handle, files_struct *fsp, int fd);
108 static ssize_t smb_full_audit_read(vfs_handle_struct *handle, files_struct *fsp,
109 int fd, void *data, size_t n);
110 static ssize_t smb_full_audit_pread(vfs_handle_struct *handle, files_struct *fsp,
111 int fd, void *data, size_t n, SMB_OFF_T offset);
112 static ssize_t smb_full_audit_write(vfs_handle_struct *handle, files_struct *fsp,
113 int fd, const void *data, size_t n);
114 static ssize_t smb_full_audit_pwrite(vfs_handle_struct *handle, files_struct *fsp,
115 int fd, const void *data, size_t n,
116 SMB_OFF_T offset);
117 static SMB_OFF_T smb_full_audit_lseek(vfs_handle_struct *handle, files_struct *fsp,
118 int filedes, SMB_OFF_T offset, int whence);
119 static ssize_t smb_full_audit_sendfile(vfs_handle_struct *handle, int tofd,
120 files_struct *fsp, int fromfd,
121 const DATA_BLOB *hdr, SMB_OFF_T offset,
122 size_t n);
123 static int smb_full_audit_rename(vfs_handle_struct *handle, connection_struct *conn,
124 const char *old, const char *new);
125 static int smb_full_audit_fsync(vfs_handle_struct *handle, files_struct *fsp, int fd);
126 static int smb_full_audit_stat(vfs_handle_struct *handle, connection_struct *conn,
127 const char *fname, SMB_STRUCT_STAT *sbuf);
128 static int smb_full_audit_fstat(vfs_handle_struct *handle, files_struct *fsp, int fd,
129 SMB_STRUCT_STAT *sbuf);
130 static int smb_full_audit_lstat(vfs_handle_struct *handle, connection_struct *conn,
131 const char *path, SMB_STRUCT_STAT *sbuf);
132 static int smb_full_audit_unlink(vfs_handle_struct *handle, connection_struct *conn,
133 const char *path);
134 static int smb_full_audit_chmod(vfs_handle_struct *handle, connection_struct *conn,
135 const char *path, mode_t mode);
136 static int smb_full_audit_fchmod(vfs_handle_struct *handle, files_struct *fsp, int fd,
137 mode_t mode);
138 static int smb_full_audit_chown(vfs_handle_struct *handle, connection_struct *conn,
139 const char *path, uid_t uid, gid_t gid);
140 static int smb_full_audit_fchown(vfs_handle_struct *handle, files_struct *fsp, int fd,
141 uid_t uid, gid_t gid);
142 static int smb_full_audit_chdir(vfs_handle_struct *handle, connection_struct *conn,
143 const char *path);
144 static char *smb_full_audit_getwd(vfs_handle_struct *handle, connection_struct *conn,
145 char *path);
146 static int smb_full_audit_utime(vfs_handle_struct *handle, connection_struct *conn,
147 const char *path, struct utimbuf *times);
148 static int smb_full_audit_ftruncate(vfs_handle_struct *handle, files_struct *fsp,
149 int fd, SMB_OFF_T len);
150 static BOOL smb_full_audit_lock(vfs_handle_struct *handle, files_struct *fsp, int fd,
151 int op, SMB_OFF_T offset, SMB_OFF_T count, int type);
152 static int smb_full_audit_symlink(vfs_handle_struct *handle, connection_struct *conn,
153 const char *oldpath, const char *newpath);
154 static int smb_full_audit_readlink(vfs_handle_struct *handle, connection_struct *conn,
155 const char *path, char *buf, size_t bufsiz);
156 static int smb_full_audit_link(vfs_handle_struct *handle, connection_struct *conn,
157 const char *oldpath, const char *newpath);
158 static int smb_full_audit_mknod(vfs_handle_struct *handle, connection_struct *conn,
159 const char *pathname, mode_t mode, SMB_DEV_T dev);
160 static char *smb_full_audit_realpath(vfs_handle_struct *handle, connection_struct *conn,
161 const char *path, char *resolved_path);
162 static size_t smb_full_audit_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
163 int fd, uint32 security_info,
164 SEC_DESC **ppdesc);
165 static size_t smb_full_audit_get_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
166 const char *name, uint32 security_info,
167 SEC_DESC **ppdesc);
168 static BOOL smb_full_audit_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
169 int fd, uint32 security_info_sent,
170 SEC_DESC *psd);
171 static BOOL smb_full_audit_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
172 const char *name, uint32 security_info_sent,
173 SEC_DESC *psd);
174 static int smb_full_audit_chmod_acl(vfs_handle_struct *handle, connection_struct *conn,
175 const char *path, mode_t mode);
176 static int smb_full_audit_fchmod_acl(vfs_handle_struct *handle, files_struct *fsp,
177 int fd, mode_t mode);
178 static int smb_full_audit_sys_acl_get_entry(vfs_handle_struct *handle,
179 connection_struct *conn,
180 SMB_ACL_T theacl, int entry_id,
181 SMB_ACL_ENTRY_T *entry_p);
182 static int smb_full_audit_sys_acl_get_tag_type(vfs_handle_struct *handle,
183 connection_struct *conn,
184 SMB_ACL_ENTRY_T entry_d,
185 SMB_ACL_TAG_T *tag_type_p);
186 static int smb_full_audit_sys_acl_get_permset(vfs_handle_struct *handle,
187 connection_struct *conn,
188 SMB_ACL_ENTRY_T entry_d,
189 SMB_ACL_PERMSET_T *permset_p);
190 static void * smb_full_audit_sys_acl_get_qualifier(vfs_handle_struct *handle,
191 connection_struct *conn,
192 SMB_ACL_ENTRY_T entry_d);
193 static SMB_ACL_T smb_full_audit_sys_acl_get_file(vfs_handle_struct *handle,
194 connection_struct *conn,
195 const char *path_p,
196 SMB_ACL_TYPE_T type);
197 static SMB_ACL_T smb_full_audit_sys_acl_get_fd(vfs_handle_struct *handle,
198 files_struct *fsp,
199 int fd);
200 static int smb_full_audit_sys_acl_clear_perms(vfs_handle_struct *handle,
201 connection_struct *conn,
202 SMB_ACL_PERMSET_T permset);
203 static int smb_full_audit_sys_acl_add_perm(vfs_handle_struct *handle,
204 connection_struct *conn,
205 SMB_ACL_PERMSET_T permset,
206 SMB_ACL_PERM_T perm);
207 static char * smb_full_audit_sys_acl_to_text(vfs_handle_struct *handle,
208 connection_struct *conn, SMB_ACL_T theacl,
209 ssize_t *plen);
210 static SMB_ACL_T smb_full_audit_sys_acl_init(vfs_handle_struct *handle,
211 connection_struct *conn,
212 int count);
213 static int smb_full_audit_sys_acl_create_entry(vfs_handle_struct *handle,
214 connection_struct *conn, SMB_ACL_T *pacl,
215 SMB_ACL_ENTRY_T *pentry);
216 static int smb_full_audit_sys_acl_set_tag_type(vfs_handle_struct *handle,
217 connection_struct *conn,
218 SMB_ACL_ENTRY_T entry,
219 SMB_ACL_TAG_T tagtype);
220 static int smb_full_audit_sys_acl_set_qualifier(vfs_handle_struct *handle,
221 connection_struct *conn,
222 SMB_ACL_ENTRY_T entry,
223 void *qual);
224 static int smb_full_audit_sys_acl_set_permset(vfs_handle_struct *handle,
225 connection_struct *conn,
226 SMB_ACL_ENTRY_T entry,
227 SMB_ACL_PERMSET_T permset);
228 static int smb_full_audit_sys_acl_valid(vfs_handle_struct *handle,
229 connection_struct *conn,
230 SMB_ACL_T theacl );
231 static int smb_full_audit_sys_acl_set_file(vfs_handle_struct *handle,
232 connection_struct *conn,
233 const char *name, SMB_ACL_TYPE_T acltype,
234 SMB_ACL_T theacl);
235 static int smb_full_audit_sys_acl_set_fd(vfs_handle_struct *handle, files_struct *fsp,
236 int fd, SMB_ACL_T theacl);
237 static int smb_full_audit_sys_acl_delete_def_file(vfs_handle_struct *handle,
238 connection_struct *conn,
239 const char *path);
240 static int smb_full_audit_sys_acl_get_perm(vfs_handle_struct *handle,
241 connection_struct *conn,
242 SMB_ACL_PERMSET_T permset,
243 SMB_ACL_PERM_T perm);
244 static int smb_full_audit_sys_acl_free_text(vfs_handle_struct *handle,
245 connection_struct *conn,
246 char *text);
247 static int smb_full_audit_sys_acl_free_acl(vfs_handle_struct *handle,
248 connection_struct *conn,
249 SMB_ACL_T posix_acl);
250 static int smb_full_audit_sys_acl_free_qualifier(vfs_handle_struct *handle,
251 connection_struct *conn,
252 void *qualifier,
253 SMB_ACL_TAG_T tagtype);
254 static ssize_t smb_full_audit_getxattr(struct vfs_handle_struct *handle,
255 struct connection_struct *conn, const char *path,
256 const char *name, void *value, size_t size);
257 static ssize_t smb_full_audit_lgetxattr(struct vfs_handle_struct *handle,
258 struct connection_struct *conn,
259 const char *path, const char *name,
260 void *value, size_t size);
261 static ssize_t smb_full_audit_fgetxattr(struct vfs_handle_struct *handle,
262 struct files_struct *fsp, int fd,
263 const char *name, void *value, size_t size);
264 static ssize_t smb_full_audit_listxattr(struct vfs_handle_struct *handle,
265 struct connection_struct *conn,
266 const char *path, char *list, size_t size);
267 static ssize_t smb_full_audit_llistxattr(struct vfs_handle_struct *handle,
268 struct connection_struct *conn,
269 const char *path, char *list, size_t size);
270 static ssize_t smb_full_audit_flistxattr(struct vfs_handle_struct *handle,
271 struct files_struct *fsp, int fd, char *list,
272 size_t size);
273 static int smb_full_audit_removexattr(struct vfs_handle_struct *handle,
274 struct connection_struct *conn, const char *path,
275 const char *name);
276 static int smb_full_audit_lremovexattr(struct vfs_handle_struct *handle,
277 struct connection_struct *conn, const char *path,
278 const char *name);
279 static int smb_full_audit_fremovexattr(struct vfs_handle_struct *handle,
280 struct files_struct *fsp, int fd,
281 const char *name);
282 static int smb_full_audit_setxattr(struct vfs_handle_struct *handle,
283 struct connection_struct *conn, const char *path,
284 const char *name, const void *value, size_t size,
285 int flags);
286 static int smb_full_audit_lsetxattr(struct vfs_handle_struct *handle,
287 struct connection_struct *conn, const char *path,
288 const char *name, const void *value, size_t size,
289 int flags);
290 static int smb_full_audit_fsetxattr(struct vfs_handle_struct *handle,
291 struct files_struct *fsp, int fd, const char *name,
292 const void *value, size_t size, int flags);
293
294 /* VFS operations */
295
296 static vfs_op_tuple audit_op_tuples[] = {
297
298 /* Disk operations */
299
300 {SMB_VFS_OP(smb_full_audit_connect), SMB_VFS_OP_CONNECT,
301 SMB_VFS_LAYER_LOGGER},
302 {SMB_VFS_OP(smb_full_audit_disconnect), SMB_VFS_OP_DISCONNECT,
303 SMB_VFS_LAYER_LOGGER},
304 {SMB_VFS_OP(smb_full_audit_disk_free), SMB_VFS_OP_DISK_FREE,
305 SMB_VFS_LAYER_LOGGER},
306 {SMB_VFS_OP(smb_full_audit_get_quota), SMB_VFS_OP_GET_QUOTA,
307 SMB_VFS_LAYER_LOGGER},
308 {SMB_VFS_OP(smb_full_audit_set_quota), SMB_VFS_OP_SET_QUOTA,
309 SMB_VFS_LAYER_LOGGER},
310 {SMB_VFS_OP(smb_full_audit_get_shadow_copy_data), SMB_VFS_OP_GET_SHADOW_COPY_DATA,
311 SMB_VFS_LAYER_LOGGER},
312
313 /* Directory operations */
314
315 {SMB_VFS_OP(smb_full_audit_opendir), SMB_VFS_OP_OPENDIR,
316 SMB_VFS_LAYER_LOGGER},
317 {SMB_VFS_OP(smb_full_audit_readdir), SMB_VFS_OP_READDIR,
318 SMB_VFS_LAYER_LOGGER},
319 {SMB_VFS_OP(smb_full_audit_seekdir), SMB_VFS_OP_SEEKDIR,
320 SMB_VFS_LAYER_LOGGER},
321 {SMB_VFS_OP(smb_full_audit_telldir), SMB_VFS_OP_TELLDIR,
322 SMB_VFS_LAYER_LOGGER},
323 {SMB_VFS_OP(smb_full_audit_rewinddir), SMB_VFS_OP_REWINDDIR,
324 SMB_VFS_LAYER_LOGGER},
325 {SMB_VFS_OP(smb_full_audit_mkdir), SMB_VFS_OP_MKDIR,
326 SMB_VFS_LAYER_LOGGER},
327 {SMB_VFS_OP(smb_full_audit_rmdir), SMB_VFS_OP_RMDIR,
328 SMB_VFS_LAYER_LOGGER},
329 {SMB_VFS_OP(smb_full_audit_closedir), SMB_VFS_OP_CLOSEDIR,
330 SMB_VFS_LAYER_LOGGER},
331
332 /* File operations */
333
334 {SMB_VFS_OP(smb_full_audit_open), SMB_VFS_OP_OPEN,
335 SMB_VFS_LAYER_LOGGER},
336 {SMB_VFS_OP(smb_full_audit_close), SMB_VFS_OP_CLOSE,
337 SMB_VFS_LAYER_LOGGER},
338 {SMB_VFS_OP(smb_full_audit_read), SMB_VFS_OP_READ,
339 SMB_VFS_LAYER_LOGGER},
340 {SMB_VFS_OP(smb_full_audit_pread), SMB_VFS_OP_PREAD,
341 SMB_VFS_LAYER_LOGGER},
342 {SMB_VFS_OP(smb_full_audit_write), SMB_VFS_OP_WRITE,
343 SMB_VFS_LAYER_LOGGER},
344 {SMB_VFS_OP(smb_full_audit_pwrite), SMB_VFS_OP_PWRITE,
345 SMB_VFS_LAYER_LOGGER},
346 {SMB_VFS_OP(smb_full_audit_lseek), SMB_VFS_OP_LSEEK,
347 SMB_VFS_LAYER_LOGGER},
348 {SMB_VFS_OP(smb_full_audit_sendfile), SMB_VFS_OP_SENDFILE,
349 SMB_VFS_LAYER_LOGGER},
350 {SMB_VFS_OP(smb_full_audit_rename), SMB_VFS_OP_RENAME,
351 SMB_VFS_LAYER_LOGGER},
352 {SMB_VFS_OP(smb_full_audit_fsync), SMB_VFS_OP_FSYNC,
353 SMB_VFS_LAYER_LOGGER},
354 {SMB_VFS_OP(smb_full_audit_stat), SMB_VFS_OP_STAT,
355 SMB_VFS_LAYER_LOGGER},
356 {SMB_VFS_OP(smb_full_audit_fstat), SMB_VFS_OP_FSTAT,
357 SMB_VFS_LAYER_LOGGER},
358 {SMB_VFS_OP(smb_full_audit_lstat), SMB_VFS_OP_LSTAT,
359 SMB_VFS_LAYER_LOGGER},
360 {SMB_VFS_OP(smb_full_audit_unlink), SMB_VFS_OP_UNLINK,
361 SMB_VFS_LAYER_LOGGER},
362 {SMB_VFS_OP(smb_full_audit_chmod), SMB_VFS_OP_CHMOD,
363 SMB_VFS_LAYER_LOGGER},
364 {SMB_VFS_OP(smb_full_audit_fchmod), SMB_VFS_OP_FCHMOD,
365 SMB_VFS_LAYER_LOGGER},
366 {SMB_VFS_OP(smb_full_audit_chown), SMB_VFS_OP_CHOWN,
367 SMB_VFS_LAYER_LOGGER},
368 {SMB_VFS_OP(smb_full_audit_fchown), SMB_VFS_OP_FCHOWN,
369 SMB_VFS_LAYER_LOGGER},
370 {SMB_VFS_OP(smb_full_audit_chdir), SMB_VFS_OP_CHDIR,
371 SMB_VFS_LAYER_LOGGER},
372 {SMB_VFS_OP(smb_full_audit_getwd), SMB_VFS_OP_GETWD,
373 SMB_VFS_LAYER_LOGGER},
374 {SMB_VFS_OP(smb_full_audit_utime), SMB_VFS_OP_UTIME,
375 SMB_VFS_LAYER_LOGGER},
376 {SMB_VFS_OP(smb_full_audit_ftruncate), SMB_VFS_OP_FTRUNCATE,
377 SMB_VFS_LAYER_LOGGER},
378 {SMB_VFS_OP(smb_full_audit_lock), SMB_VFS_OP_LOCK,
379 SMB_VFS_LAYER_LOGGER},
380 {SMB_VFS_OP(smb_full_audit_symlink), SMB_VFS_OP_SYMLINK,
381 SMB_VFS_LAYER_LOGGER},
382 {SMB_VFS_OP(smb_full_audit_readlink), SMB_VFS_OP_READLINK,
383 SMB_VFS_LAYER_LOGGER},
384 {SMB_VFS_OP(smb_full_audit_link), SMB_VFS_OP_LINK,
385 SMB_VFS_LAYER_LOGGER},
386 {SMB_VFS_OP(smb_full_audit_mknod), SMB_VFS_OP_MKNOD,
387 SMB_VFS_LAYER_LOGGER},
388 {SMB_VFS_OP(smb_full_audit_realpath), SMB_VFS_OP_REALPATH,
389 SMB_VFS_LAYER_LOGGER},
390
391 /* NT ACL operations. */
392
393 {SMB_VFS_OP(smb_full_audit_fget_nt_acl), SMB_VFS_OP_FGET_NT_ACL,
394 SMB_VFS_LAYER_LOGGER},
395 {SMB_VFS_OP(smb_full_audit_get_nt_acl), SMB_VFS_OP_GET_NT_ACL,
396 SMB_VFS_LAYER_LOGGER},
397 {SMB_VFS_OP(smb_full_audit_fset_nt_acl), SMB_VFS_OP_FSET_NT_ACL,
398 SMB_VFS_LAYER_LOGGER},
399 {SMB_VFS_OP(smb_full_audit_set_nt_acl), SMB_VFS_OP_SET_NT_ACL,
400 SMB_VFS_LAYER_LOGGER},
401
402 /* POSIX ACL operations. */
403
404 {SMB_VFS_OP(smb_full_audit_chmod_acl), SMB_VFS_OP_CHMOD_ACL,
405 SMB_VFS_LAYER_LOGGER},
406 {SMB_VFS_OP(smb_full_audit_fchmod_acl), SMB_VFS_OP_FCHMOD_ACL,
407 SMB_VFS_LAYER_LOGGER},
408 {SMB_VFS_OP(smb_full_audit_sys_acl_get_entry), SMB_VFS_OP_SYS_ACL_GET_ENTRY,
409 SMB_VFS_LAYER_LOGGER},
410 {SMB_VFS_OP(smb_full_audit_sys_acl_get_tag_type), SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE,
411 SMB_VFS_LAYER_LOGGER},
412 {SMB_VFS_OP(smb_full_audit_sys_acl_get_permset), SMB_VFS_OP_SYS_ACL_GET_PERMSET,
413 SMB_VFS_LAYER_LOGGER},
414 {SMB_VFS_OP(smb_full_audit_sys_acl_get_qualifier), SMB_VFS_OP_SYS_ACL_GET_QUALIFIER,
415 SMB_VFS_LAYER_LOGGER},
416 {SMB_VFS_OP(smb_full_audit_sys_acl_get_file), SMB_VFS_OP_SYS_ACL_GET_FILE,
417 SMB_VFS_LAYER_LOGGER},
418 {SMB_VFS_OP(smb_full_audit_sys_acl_get_fd), SMB_VFS_OP_SYS_ACL_GET_FD,
419 SMB_VFS_LAYER_LOGGER},
420 {SMB_VFS_OP(smb_full_audit_sys_acl_clear_perms), SMB_VFS_OP_SYS_ACL_CLEAR_PERMS,
421 SMB_VFS_LAYER_LOGGER},
422 {SMB_VFS_OP(smb_full_audit_sys_acl_add_perm), SMB_VFS_OP_SYS_ACL_ADD_PERM,
423 SMB_VFS_LAYER_LOGGER},
424 {SMB_VFS_OP(smb_full_audit_sys_acl_to_text), SMB_VFS_OP_SYS_ACL_TO_TEXT,
425 SMB_VFS_LAYER_LOGGER},
426 {SMB_VFS_OP(smb_full_audit_sys_acl_init), SMB_VFS_OP_SYS_ACL_INIT,
427 SMB_VFS_LAYER_LOGGER},
428 {SMB_VFS_OP(smb_full_audit_sys_acl_create_entry), SMB_VFS_OP_SYS_ACL_CREATE_ENTRY,
429 SMB_VFS_LAYER_LOGGER},
430 {SMB_VFS_OP(smb_full_audit_sys_acl_set_tag_type), SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE,
431 SMB_VFS_LAYER_LOGGER},
432 {SMB_VFS_OP(smb_full_audit_sys_acl_set_qualifier), SMB_VFS_OP_SYS_ACL_SET_QUALIFIER,
433 SMB_VFS_LAYER_LOGGER},
434 {SMB_VFS_OP(smb_full_audit_sys_acl_set_permset), SMB_VFS_OP_SYS_ACL_SET_PERMSET,
435 SMB_VFS_LAYER_LOGGER},
436 {SMB_VFS_OP(smb_full_audit_sys_acl_valid), SMB_VFS_OP_SYS_ACL_VALID,
437 SMB_VFS_LAYER_LOGGER},
438 {SMB_VFS_OP(smb_full_audit_sys_acl_set_file), SMB_VFS_OP_SYS_ACL_SET_FILE,
439 SMB_VFS_LAYER_LOGGER},
440 {SMB_VFS_OP(smb_full_audit_sys_acl_set_fd), SMB_VFS_OP_SYS_ACL_SET_FD,
441 SMB_VFS_LAYER_LOGGER},
442 {SMB_VFS_OP(smb_full_audit_sys_acl_delete_def_file), SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE,
443 SMB_VFS_LAYER_LOGGER},
444 {SMB_VFS_OP(smb_full_audit_sys_acl_get_perm), SMB_VFS_OP_SYS_ACL_GET_PERM,
445 SMB_VFS_LAYER_LOGGER},
446 {SMB_VFS_OP(smb_full_audit_sys_acl_free_text), SMB_VFS_OP_SYS_ACL_FREE_TEXT,
447 SMB_VFS_LAYER_LOGGER},
448 {SMB_VFS_OP(smb_full_audit_sys_acl_free_acl), SMB_VFS_OP_SYS_ACL_FREE_ACL,
449 SMB_VFS_LAYER_LOGGER},
450 {SMB_VFS_OP(smb_full_audit_sys_acl_free_qualifier), SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER,
451 SMB_VFS_LAYER_LOGGER},
452
453 /* EA operations. */
454
455 {SMB_VFS_OP(smb_full_audit_getxattr), SMB_VFS_OP_GETXATTR,
456 SMB_VFS_LAYER_LOGGER},
457 {SMB_VFS_OP(smb_full_audit_lgetxattr), SMB_VFS_OP_LGETXATTR,
458 SMB_VFS_LAYER_LOGGER},
459 {SMB_VFS_OP(smb_full_audit_fgetxattr), SMB_VFS_OP_FGETXATTR,
460 SMB_VFS_LAYER_LOGGER},
461 {SMB_VFS_OP(smb_full_audit_listxattr), SMB_VFS_OP_LISTXATTR,
462 SMB_VFS_LAYER_LOGGER},
463 {SMB_VFS_OP(smb_full_audit_llistxattr), SMB_VFS_OP_LLISTXATTR,
464 SMB_VFS_LAYER_LOGGER},
465 {SMB_VFS_OP(smb_full_audit_flistxattr), SMB_VFS_OP_FLISTXATTR,
466 SMB_VFS_LAYER_LOGGER},
467 {SMB_VFS_OP(smb_full_audit_removexattr), SMB_VFS_OP_REMOVEXATTR,
468 SMB_VFS_LAYER_LOGGER},
469 {SMB_VFS_OP(smb_full_audit_lremovexattr), SMB_VFS_OP_LREMOVEXATTR,
470 SMB_VFS_LAYER_LOGGER},
471 {SMB_VFS_OP(smb_full_audit_fremovexattr), SMB_VFS_OP_FREMOVEXATTR,
472 SMB_VFS_LAYER_LOGGER},
473 {SMB_VFS_OP(smb_full_audit_setxattr), SMB_VFS_OP_SETXATTR,
474 SMB_VFS_LAYER_LOGGER},
475 {SMB_VFS_OP(smb_full_audit_lsetxattr), SMB_VFS_OP_LSETXATTR,
476 SMB_VFS_LAYER_LOGGER},
477 {SMB_VFS_OP(smb_full_audit_fsetxattr), SMB_VFS_OP_FSETXATTR,
478 SMB_VFS_LAYER_LOGGER},
479
480 /* Finish VFS operations definition */
481
482 {SMB_VFS_OP(NULL), SMB_VFS_OP_NOOP,
483 SMB_VFS_LAYER_NOOP}
484 };
485
486 /* The following array *must* be in the same order as defined in vfs.h */
487
488 static struct {
489 vfs_op_type type;
490 const char *name;
491 } vfs_op_names[] = {
492 { SMB_VFS_OP_CONNECT, "connect" },
493 { SMB_VFS_OP_DISCONNECT, "disconnect" },
494 { SMB_VFS_OP_DISK_FREE, "disk_free" },
495 { SMB_VFS_OP_GET_QUOTA, "get_quota" },
496 { SMB_VFS_OP_SET_QUOTA, "set_quota" },
497 { SMB_VFS_OP_GET_SHADOW_COPY_DATA, "get_shadow_copy_data" },
498 { SMB_VFS_OP_OPENDIR, "opendir" },
499 { SMB_VFS_OP_READDIR, "readdir" },
500 { SMB_VFS_OP_MKDIR, "mkdir" },
501 { SMB_VFS_OP_RMDIR, "rmdir" },
502 { SMB_VFS_OP_CLOSEDIR, "closedir" },
503 { SMB_VFS_OP_OPEN, "open" },
504 { SMB_VFS_OP_CLOSE, "close" },
505 { SMB_VFS_OP_READ, "read" },
506 { SMB_VFS_OP_PREAD, "pread" },
507 { SMB_VFS_OP_WRITE, "write" },
508 { SMB_VFS_OP_PWRITE, "pwrite" },
509 { SMB_VFS_OP_LSEEK, "lseek" },
510 { SMB_VFS_OP_SENDFILE, "sendfile" },
511 { SMB_VFS_OP_RENAME, "rename" },
512 { SMB_VFS_OP_FSYNC, "fsync" },
513 { SMB_VFS_OP_STAT, "stat" },
514 { SMB_VFS_OP_FSTAT, "fstat" },
515 { SMB_VFS_OP_LSTAT, "lstat" },
516 { SMB_VFS_OP_UNLINK, "unlink" },
517 { SMB_VFS_OP_CHMOD, "chmod" },
518 { SMB_VFS_OP_FCHMOD, "fchmod" },
519 { SMB_VFS_OP_CHOWN, "chown" },
520 { SMB_VFS_OP_FCHOWN, "fchown" },
521 { SMB_VFS_OP_CHDIR, "chdir" },
522 { SMB_VFS_OP_GETWD, "getwd" },
523 { SMB_VFS_OP_UTIME, "utime" },
524 { SMB_VFS_OP_FTRUNCATE, "ftruncate" },
525 { SMB_VFS_OP_LOCK, "lock" },
526 { SMB_VFS_OP_SYMLINK, "symlink" },
527 { SMB_VFS_OP_READLINK, "readlink" },
528 { SMB_VFS_OP_LINK, "link" },
529 { SMB_VFS_OP_MKNOD, "mknod" },
530 { SMB_VFS_OP_REALPATH, "realpath" },
531 { SMB_VFS_OP_FGET_NT_ACL, "fget_nt_acl" },
532 { SMB_VFS_OP_GET_NT_ACL, "get_nt_acl" },
533 { SMB_VFS_OP_FSET_NT_ACL, "fset_nt_acl" },
534 { SMB_VFS_OP_SET_NT_ACL, "set_nt_acl" },
535 { SMB_VFS_OP_CHMOD_ACL, "chmod_acl" },
536 { SMB_VFS_OP_FCHMOD_ACL, "fchmod_acl" },
537 { SMB_VFS_OP_SYS_ACL_GET_ENTRY, "sys_acl_get_entry" },
538 { SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE, "sys_acl_get_tag_type" },
539 { SMB_VFS_OP_SYS_ACL_GET_PERMSET, "sys_acl_get_permset" },
540 { SMB_VFS_OP_SYS_ACL_GET_QUALIFIER, "sys_acl_get_qualifier" },
541 { SMB_VFS_OP_SYS_ACL_GET_FILE, "sys_acl_get_file" },
542 { SMB_VFS_OP_SYS_ACL_GET_FD, "sys_acl_get_fd" },
543 { SMB_VFS_OP_SYS_ACL_CLEAR_PERMS, "sys_acl_clear_perms" },
544 { SMB_VFS_OP_SYS_ACL_ADD_PERM, "sys_acl_add_perm" },
545 { SMB_VFS_OP_SYS_ACL_TO_TEXT, "sys_acl_to_text" },
546 { SMB_VFS_OP_SYS_ACL_INIT, "sys_acl_init" },
547 { SMB_VFS_OP_SYS_ACL_CREATE_ENTRY, "sys_acl_create_entry" },
548 { SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE, "sys_acl_set_tag_type" },
549 { SMB_VFS_OP_SYS_ACL_SET_QUALIFIER, "sys_acl_set_qualifier" },
550 { SMB_VFS_OP_SYS_ACL_SET_PERMSET, "sys_acl_set_permset" },
551 { SMB_VFS_OP_SYS_ACL_VALID, "sys_acl_valid" },
552 { SMB_VFS_OP_SYS_ACL_SET_FILE, "sys_acl_set_file" },
553 { SMB_VFS_OP_SYS_ACL_SET_FD, "sys_acl_set_fd" },
554 { SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE, "sys_acl_delete_def_file" },
555 { SMB_VFS_OP_SYS_ACL_GET_PERM, "sys_acl_get_perm" },
556 { SMB_VFS_OP_SYS_ACL_FREE_TEXT, "sys_acl_free_text" },
557 { SMB_VFS_OP_SYS_ACL_FREE_ACL, "sys_acl_free_acl" },
558 { SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER, "sys_acl_free_qualifier" },
559 { SMB_VFS_OP_GETXATTR, "getxattr" },
560 { SMB_VFS_OP_LGETXATTR, "lgetxattr" },
561 { SMB_VFS_OP_FGETXATTR, "fgetxattr" },
562 { SMB_VFS_OP_LISTXATTR, "listxattr" },
563 { SMB_VFS_OP_LLISTXATTR, "llistxattr" },
564 { SMB_VFS_OP_FLISTXATTR, "flistxattr" },
565 { SMB_VFS_OP_REMOVEXATTR, "removexattr" },
566 { SMB_VFS_OP_LREMOVEXATTR, "lremovexattr" },
567 { SMB_VFS_OP_FREMOVEXATTR, "fremovexattr" },
568 { SMB_VFS_OP_SETXATTR, "setxattr" },
569 { SMB_VFS_OP_LSETXATTR, "lsetxattr" },
570 { SMB_VFS_OP_FSETXATTR, "fsetxattr" },
571 { SMB_VFS_OP_LAST, NULL }
572 };
573
574 static int audit_syslog_facility(vfs_handle_struct *handle)
575 {
576 /* fix me: let this be configurable by:
577 * lp_param_enum(SNUM(handle->conn),
578 * (handle->param?handle->param:"full_audit"),
579 * "syslog facility",
580 * audit_enum_facility,LOG_USER);
581 */
582 return LOG_USER;
583 }
584
585 static int audit_syslog_priority(vfs_handle_struct *handle)
586 {
587 /* fix me: let this be configurable by:
588 * lp_param_enum(SNUM(handle->conn),
589 * (handle->param?handle->param:"full_audit"),
590 * "syslog priority",
591 * audit_enum_priority,LOG_NOTICE);
592 */
593 return LOG_NOTICE;
594 }
595
596 static char *audit_prefix(connection_struct *conn)
597 {
598 static pstring prefix;
599
600 pstrcpy(prefix, lp_parm_const_string(SNUM(conn), "full_audit",
601 "prefix", "%u|%I"));
602 standard_sub_snum(SNUM(conn), prefix, sizeof(prefix)-1);
603 return prefix;
604 }
605
606 static struct bitmap *success_ops = NULL;
607
608 static BOOL log_success(vfs_op_type op)
609 {
610 if (success_ops == NULL)
611 return True;
612
613 return bitmap_query(success_ops, op);
614 }
615
616 static struct bitmap *failure_ops = NULL;
617
618 static BOOL log_failure(vfs_op_type op)
619 {
620 if (failure_ops == NULL)
621 return True;
622
623 return bitmap_query(failure_ops, op);
624 }
625
626 static void init_bitmap(struct bitmap **bm, const char **ops)
627 {
628 BOOL log_all = False;
629
630 if (*bm != NULL)
631 return;
632
633 *bm = bitmap_allocate(SMB_VFS_OP_LAST);
634
635 if (*bm == NULL) {
636 DEBUG(0, ("Could not alloc bitmap -- "
637 "defaulting to logging everything\n"));
638 return;
639 }
640
641 while (*ops != NULL) {
642 int i;
643 BOOL found = False;
644
645 if (strequal(*ops, "all")) {
646 log_all = True;
647 break;
648 }
649
650 for (i=0; i<SMB_VFS_OP_LAST; i++) {
651 if (strequal(*ops, vfs_op_names[i].name)) {
652 bitmap_set(*bm, i);
653 found = True;
654 }
655 }
656 if (!found) {
657 DEBUG(0, ("Could not find opname %s, logging all\n",
658 *ops));
659 log_all = True;
660 break;
661 }
662 ops += 1;
663 }
664
665 if (log_all) {
666 /* The query functions default to True */
667 bitmap_free(*bm);
668 *bm = NULL;
669 }
670 }
671
672 static const char *audit_opname(vfs_op_type op)
673 {
674 if (op >= SMB_VFS_OP_LAST)
675 return "INVALID VFS OP";
676 return vfs_op_names[op].name;
677 }
678
679 static void do_log(vfs_op_type op, BOOL success, vfs_handle_struct *handle,
680 const char *format, ...)
681 {
682 fstring err_msg;
683 pstring op_msg;
684 va_list ap;
685
686 if (success && (!log_success(op)))
687 return;
688
689 if (!success && (!log_failure(op)))
690 return;
691
692 if (success)
693 fstrcpy(err_msg, "ok");
694 else
695 fstr_sprintf(err_msg, "fail (%s)", strerror(errno));
696
697 va_start(ap, format);
698 vsnprintf(op_msg, sizeof(op_msg), format, ap);
699 va_end(ap);
700
701 syslog(audit_syslog_priority(handle), "%s|%s|%s|%s\n",
702 audit_prefix(handle->conn), audit_opname(op), err_msg, op_msg);
703
704 return;
705 }
706
707 /* Implementation of vfs_ops. Pass everything on to the default
708 operation but log event first. */
709
710 static int smb_full_audit_connect(vfs_handle_struct *handle, connection_struct *conn,
711 const char *svc, const char *user)
712 {
713 int result;
714 const char *none[] = { NULL };
715 const char *all [] = { "all" };
716
717 openlog("smbd_audit", 0, audit_syslog_facility(handle));
718
719 init_bitmap(&success_ops,
720 lp_parm_string_list(SNUM(conn), "full_audit", "success",
721 none));
722 init_bitmap(&failure_ops,
723 lp_parm_string_list(SNUM(conn), "full_audit", "failure",
724 all));
725
726 result = SMB_VFS_NEXT_CONNECT(handle, conn, svc, user);
727
728 do_log(SMB_VFS_OP_CONNECT, True, handle,
729 "%s", svc);
730
731 return result;
732 }
733
734 static void smb_full_audit_disconnect(vfs_handle_struct *handle,
735 connection_struct *conn)
736 {
737 SMB_VFS_NEXT_DISCONNECT(handle, conn);
738
739 do_log(SMB_VFS_OP_DISCONNECT, True, handle,
740 "%s", lp_servicename(SNUM(conn)));
741
742 bitmap_free(success_ops);
743 success_ops = NULL;
744
745 bitmap_free(failure_ops);
746 failure_ops = NULL;
747
748 return;
749 }
750
751 static SMB_BIG_UINT smb_full_audit_disk_free(vfs_handle_struct *handle,
752 connection_struct *conn, const char *path,
753 BOOL small_query, SMB_BIG_UINT *bsize,
754 SMB_BIG_UINT *dfree, SMB_BIG_UINT *dsize)
755 {
756 SMB_BIG_UINT result;
757
758 result = SMB_VFS_NEXT_DISK_FREE(handle, conn, path, small_query, bsize,
759 dfree, dsize);
760
761 /* Don't have a reasonable notion of failure here */
762
763 do_log(SMB_VFS_OP_DISK_FREE, True, handle, "%s", path);
764
765 return result;
766 }
767
768 static int smb_full_audit_get_quota(struct vfs_handle_struct *handle,
769 struct connection_struct *conn,
770 enum SMB_QUOTA_TYPE qtype, unid_t id,
771 SMB_DISK_QUOTA *qt)
772 {
773 int result;
774
775 result = SMB_VFS_NEXT_GET_QUOTA(handle, conn, qtype, id, qt);
776
777 do_log(SMB_VFS_OP_GET_QUOTA, (result >= 0), handle, "");
778
779 return result;
780 }
781
782
783 static int smb_full_audit_set_quota(struct vfs_handle_struct *handle,
784 struct connection_struct *conn,
785 enum SMB_QUOTA_TYPE qtype, unid_t id,
786 SMB_DISK_QUOTA *qt)
787 {
788 int result;
789
790 result = SMB_VFS_NEXT_SET_QUOTA(handle, conn, qtype, id, qt);
791
792 do_log(SMB_VFS_OP_SET_QUOTA, (result >= 0), handle, "");
793
794 return result;
795 }
796
797 static int smb_full_audit_get_shadow_copy_data(struct vfs_handle_struct *handle,
798 struct files_struct *fsp,
799 SHADOW_COPY_DATA *shadow_copy_data, BOOL labels)
800 {
801 int result;
802
803 result = SMB_VFS_NEXT_GET_SHADOW_COPY_DATA(handle, fsp, shadow_copy_data, labels);
804
805 do_log(SMB_VFS_OP_GET_SHADOW_COPY_DATA, (result >= 0), handle, "");
806
807 return result;
808 }
809
810 static DIR *smb_full_audit_opendir(vfs_handle_struct *handle, connection_struct *conn,
811 const char *fname)
812 {
813 DIR *result;
814
815 result = SMB_VFS_NEXT_OPENDIR(handle, conn, fname);
816
817 do_log(SMB_VFS_OP_OPENDIR, (result != NULL), handle, "%s", fname);
818
819 return result;
820 }
821
822 static SMB_STRUCT_DIRENT *smb_full_audit_readdir(vfs_handle_struct *handle,
823 connection_struct *conn, DIR *dirp)
824 {
825 SMB_STRUCT_DIRENT *result;
826
827 result = SMB_VFS_NEXT_READDIR(handle, conn, dirp);
828
829 /* This operation has no reasonable error condition
830 * (End of dir is also failure), so always succeed.
831 */
832 do_log(SMB_VFS_OP_READDIR, True, handle, "");
833
834 return result;
835 }
836
837 static void smb_full_audit_seekdir(vfs_handle_struct *handle, connection_struct *conn,
838 DIR *dirp, long offset)
839 {
840 SMB_VFS_NEXT_SEEKDIR(handle, conn, dirp, offset);
841
842 do_log(SMB_VFS_OP_SEEKDIR, True, handle, "");
843 return;
844 }
845
846 static long smb_full_audit_telldir(vfs_handle_struct *handle, connection_struct *conn,
847 DIR *dirp)
848 {
849 long result;
850
851 result = SMB_VFS_NEXT_TELLDIR(handle, conn, dirp);
852
853 do_log(SMB_VFS_OP_OPENDIR, True, handle, "");
854
855 return result;
856 }
857
858 static void smb_full_audit_rewinddir(vfs_handle_struct *handle, connection_struct *conn,
859 DIR *dirp)
860 {
861 SMB_VFS_NEXT_REWINDDIR(handle, conn, dirp);
862
863 do_log(SMB_VFS_OP_REWINDDIR, True, handle, "");
864 return;
865 }
866
867 static int smb_full_audit_mkdir(vfs_handle_struct *handle, connection_struct *conn,
868 const char *path, mode_t mode)
869 {
870 int result;
871
872 result = SMB_VFS_NEXT_MKDIR(handle, conn, path, mode);
873
874 do_log(SMB_VFS_OP_MKDIR, (result >= 0), handle, "%s", path);
875
876 return result;
877 }
878
879 static int smb_full_audit_rmdir(vfs_handle_struct *handle, connection_struct *conn,
880 const char *path)
881 {
882 int result;
883
884 result = SMB_VFS_NEXT_RMDIR(handle, conn, path);
885
886 do_log(SMB_VFS_OP_RMDIR, (result >= 0), handle, "%s", path);
887
888 return result;
889 }
890
891 static int smb_full_audit_closedir(vfs_handle_struct *handle, connection_struct *conn,
892 DIR *dirp)
893 {
894 int result;
895
896 result = SMB_VFS_NEXT_CLOSEDIR(handle, conn, dirp);
897
898 do_log(SMB_VFS_OP_CLOSEDIR, (result >= 0), handle, "");
899
900 return result;
901 }
902
903 static int smb_full_audit_open(vfs_handle_struct *handle, connection_struct *conn,
904 const char *fname, int flags, mode_t mode)
905 {
906 int result;
907
908 result = SMB_VFS_NEXT_OPEN(handle, conn, fname, flags, mode);
909
910 do_log(SMB_VFS_OP_OPEN, (result >= 0), handle, "%s|%s",
911 ((flags & O_WRONLY) || (flags & O_RDWR))?"w":"r",
912 fname);
913
914 return result;
915 }
916
917 static int smb_full_audit_close(vfs_handle_struct *handle, files_struct *fsp, int fd)
918 {
919 int result;
920
921 result = SMB_VFS_NEXT_CLOSE(handle, fsp, fd);
922
923 do_log(SMB_VFS_OP_CLOSE, (result >= 0), handle, "%s", fsp->fsp_name);
924
925 return result;
926 }
927
928 static ssize_t smb_full_audit_read(vfs_handle_struct *handle, files_struct *fsp,
929 int fd, void *data, size_t n)
930 {
931 ssize_t result;
932
933 result = SMB_VFS_NEXT_READ(handle, fsp, fd, data, n);
934
935 do_log(SMB_VFS_OP_READ, (result >= 0), handle, "%s", fsp->fsp_name);
936
937 return result;
938 }
939
940 static ssize_t smb_full_audit_pread(vfs_handle_struct *handle, files_struct *fsp,
941 int fd, void *data, size_t n, SMB_OFF_T offset)
942 {
943 ssize_t result;
944
945 result = SMB_VFS_NEXT_PREAD(handle, fsp, fd, data, n, offset);
946
947 do_log(SMB_VFS_OP_PREAD, (result >= 0), handle, "%s", fsp->fsp_name);
948
949 return result;
950 }
951
952 static ssize_t smb_full_audit_write(vfs_handle_struct *handle, files_struct *fsp,
953 int fd, const void *data, size_t n)
954 {
955 ssize_t result;
956
957 result = SMB_VFS_NEXT_WRITE(handle, fsp, fd, data, n);
958
959 do_log(SMB_VFS_OP_WRITE, (result >= 0), handle, "%s", fsp->fsp_name);
960
961 return result;
962 }
963
964 static ssize_t smb_full_audit_pwrite(vfs_handle_struct *handle, files_struct *fsp,
965 int fd, const void *data, size_t n,
966 SMB_OFF_T offset)
967 {
968 ssize_t result;
969
970 result = SMB_VFS_NEXT_PWRITE(handle, fsp, fd, data, n, offset);
971
972 do_log(SMB_VFS_OP_PWRITE, (result >= 0), handle, "%s", fsp->fsp_name);
973
974 return result;
975 }
976
977 static SMB_OFF_T smb_full_audit_lseek(vfs_handle_struct *handle, files_struct *fsp,
978 int filedes, SMB_OFF_T offset, int whence)
979 {
980 ssize_t result;
981
982 result = SMB_VFS_NEXT_LSEEK(handle, fsp, filedes, offset, whence);
983
984 do_log(SMB_VFS_OP_LSEEK, (result != (ssize_t)-1), handle,
985 "%s", fsp->fsp_name);
986
987 return result;
988 }
989
990 static ssize_t smb_full_audit_sendfile(vfs_handle_struct *handle, int tofd,
991 files_struct *fsp, int fromfd,
992 const DATA_BLOB *hdr, SMB_OFF_T offset,
993 size_t n)
994 {
995 ssize_t result;
996
997 result = SMB_VFS_NEXT_SENDFILE(handle, tofd, fsp, fromfd, hdr,
998 offset, n);
999
1000 do_log(SMB_VFS_OP_SENDFILE, (result >= 0), handle,
1001 "%s", fsp->fsp_name);
1002
1003 return result;
1004 }
1005
1006 static int smb_full_audit_rename(vfs_handle_struct *handle, connection_struct *conn,
1007 const char *old, const char *new)
1008 {
1009 int result;
1010
1011 result = SMB_VFS_NEXT_RENAME(handle, conn, old, new);
1012
1013 do_log(SMB_VFS_OP_RENAME, (result >= 0), handle, "%s|%s", old, new);
1014
1015 return result;
1016 }
1017
1018 static int smb_full_audit_fsync(vfs_handle_struct *handle, files_struct *fsp, int fd)
1019 {
1020 int result;
1021
1022 result = SMB_VFS_NEXT_FSYNC(handle, fsp, fd);
1023
1024 do_log(SMB_VFS_OP_FSYNC, (result >= 0), handle, "%s", fsp->fsp_name);
1025
1026 return result;
1027 }
1028
1029 static int smb_full_audit_stat(vfs_handle_struct *handle, connection_struct *conn,
1030 const char *fname, SMB_STRUCT_STAT *sbuf)
1031 {
1032 int result;
1033
1034 result = SMB_VFS_NEXT_STAT(handle, conn, fname, sbuf);
1035
1036 do_log(SMB_VFS_OP_STAT, (result >= 0), handle, "%s", fname);
1037
1038 return result;
1039 }
1040
1041 static int smb_full_audit_fstat(vfs_handle_struct *handle, files_struct *fsp, int fd,
1042 SMB_STRUCT_STAT *sbuf)
1043 {
1044 int result;
1045
1046 result = SMB_VFS_NEXT_FSTAT(handle, fsp, fd, sbuf);
1047
1048 do_log(SMB_VFS_OP_FSTAT, (result >= 0), handle, "%s", fsp->fsp_name);
1049
1050 return result;
1051 }
1052
1053 static int smb_full_audit_lstat(vfs_handle_struct *handle, connection_struct *conn,
1054 const char *path, SMB_STRUCT_STAT *sbuf)
1055 {
1056 int result;
1057
1058 result = SMB_VFS_NEXT_LSTAT(handle, conn, path, sbuf);
1059
1060 do_log(SMB_VFS_OP_LSTAT, (result >= 0), handle, "%s", path);
1061
1062 return result;
1063 }
1064
1065 static int smb_full_audit_unlink(vfs_handle_struct *handle, connection_struct *conn,
1066 const char *path)
1067 {
1068 int result;
1069
1070 result = SMB_VFS_NEXT_UNLINK(handle, conn, path);
1071
1072 do_log(SMB_VFS_OP_UNLINK, (result >= 0), handle, "%s", path);
1073
1074 return result;
1075 }
1076
1077 static int smb_full_audit_chmod(vfs_handle_struct *handle, connection_struct *conn,
1078 const char *path, mode_t mode)
1079 {
1080 int result;
1081
1082 result = SMB_VFS_NEXT_CHMOD(handle, conn, path, mode);
1083
1084 do_log(SMB_VFS_OP_CHMOD, (result >= 0), handle, "%s|%o", path, mode);
1085
1086 return result;
1087 }
1088
1089 static int smb_full_audit_fchmod(vfs_handle_struct *handle, files_struct *fsp, int fd,
1090 mode_t mode)
1091 {
1092 int result;
1093
1094 result = SMB_VFS_NEXT_FCHMOD(handle, fsp, fd, mode);
1095
1096 do_log(SMB_VFS_OP_FCHMOD, (result >= 0), handle,
1097 "%s|%o", fsp->fsp_name, mode);
1098
1099 return result;
1100 }
1101
1102 static int smb_full_audit_chown(vfs_handle_struct *handle, connection_struct *conn,
1103 const char *path, uid_t uid, gid_t gid)
1104 {
1105 int result;
1106
1107 result = SMB_VFS_NEXT_CHOWN(handle, conn, path, uid, gid);
1108
1109 do_log(SMB_VFS_OP_CHOWN, (result >= 0), handle, "%s|%ld|%ld",
1110 path, (long int)uid, (long int)gid);
1111
1112 return result;
1113 }
1114
1115 static int smb_full_audit_fchown(vfs_handle_struct *handle, files_struct *fsp, int fd,
1116 uid_t uid, gid_t gid)
1117 {
1118 int result;
1119
1120 result = SMB_VFS_NEXT_FCHOWN(handle, fsp, fd, uid, gid);
1121
1122 do_log(SMB_VFS_OP_FCHOWN, (result >= 0), handle, "%s|%ld|%ld",
1123 fsp->fsp_name, (long int)uid, (long int)gid);
1124
1125 return result;
1126 }
1127
1128 static int smb_full_audit_chdir(vfs_handle_struct *handle, connection_struct *conn,
1129 const char *path)
1130 {
1131 int result;
1132
1133 result = SMB_VFS_NEXT_CHDIR(handle, conn, path);
1134
1135 do_log(SMB_VFS_OP_CHDIR, (result >= 0), handle, "chdir|%s", path);
1136
1137 return result;
1138 }
1139
1140 static char *smb_full_audit_getwd(vfs_handle_struct *handle, connection_struct *conn,
1141 char *path)
1142 {
1143 char *result;
1144
1145 result = SMB_VFS_NEXT_GETWD(handle, conn, path);
1146
1147 do_log(SMB_VFS_OP_GETWD, (result != NULL), handle, "%s", path);
1148
1149 return result;
1150 }
1151
1152 static int smb_full_audit_utime(vfs_handle_struct *handle, connection_struct *conn,
1153 const char *path, struct utimbuf *times)
1154 {
1155 int result;
1156
1157 result = SMB_VFS_NEXT_UTIME(handle, conn, path, times);
1158
1159 do_log(SMB_VFS_OP_UTIME, (result >= 0), handle, "%s", path);
1160
1161 return result;
1162 }
1163
1164 static int smb_full_audit_ftruncate(vfs_handle_struct *handle, files_struct *fsp,
1165 int fd, SMB_OFF_T len)
1166 {
1167 int result;
1168
1169 result = SMB_VFS_NEXT_FTRUNCATE(handle, fsp, fd, len);
1170
1171 do_log(SMB_VFS_OP_FTRUNCATE, (result >= 0), handle,
1172 "%s", fsp->fsp_name);
1173
1174 return result;
1175 }
1176
1177 static BOOL smb_full_audit_lock(vfs_handle_struct *handle, files_struct *fsp, int fd,
1178 int op, SMB_OFF_T offset, SMB_OFF_T count, int type)
1179 {
1180 BOOL result;
1181
1182 result = SMB_VFS_NEXT_LOCK(handle, fsp, fd, op, offset, count, type);
1183
1184 do_log(SMB_VFS_OP_LOCK, (result >= 0), handle, "%s", fsp->fsp_name);
1185
1186 return result;
1187 }
1188
1189 static int smb_full_audit_symlink(vfs_handle_struct *handle, connection_struct *conn,
1190 const char *oldpath, const char *newpath)
1191 {
1192 int result;
1193
1194 result = SMB_VFS_NEXT_SYMLINK(handle, conn, oldpath, newpath);
1195
1196 do_log(SMB_VFS_OP_SYMLINK, (result >= 0), handle,
1197 "%s|%s", oldpath, newpath);
1198
1199 return result;
1200 }
1201
1202 static int smb_full_audit_readlink(vfs_handle_struct *handle, connection_struct *conn,
1203 const char *path, char *buf, size_t bufsiz)
1204 {
1205 int result;
1206
1207 result = SMB_VFS_NEXT_READLINK(handle, conn, path, buf, bufsiz);
1208
1209 do_log(SMB_VFS_OP_READLINK, (result >= 0), handle, "%s", path);
1210
1211 return result;
1212 }
1213
1214 static int smb_full_audit_link(vfs_handle_struct *handle, connection_struct *conn,
1215 const char *oldpath, const char *newpath)
1216 {
1217 int result;
1218
1219 result = SMB_VFS_NEXT_LINK(handle, conn, oldpath, newpath);
1220
1221 do_log(SMB_VFS_OP_LINK, (result >= 0), handle,
1222 "%s|%s", oldpath, newpath);
1223
1224 return result;
1225 }
1226
1227 static int smb_full_audit_mknod(vfs_handle_struct *handle, connection_struct *conn,
1228 const char *pathname, mode_t mode, SMB_DEV_T dev)
1229 {
1230 int result;
1231
1232 result = SMB_VFS_NEXT_MKNOD(handle, conn, pathname, mode, dev);
1233
1234 do_log(SMB_VFS_OP_MKNOD, (result >= 0), handle, "%s", pathname);
1235
1236 return result;
1237 }
1238
1239 static char *smb_full_audit_realpath(vfs_handle_struct *handle, connection_struct *conn,
1240 const char *path, char *resolved_path)
1241 {
1242 char *result;
1243
1244 result = SMB_VFS_NEXT_REALPATH(handle, conn, path, resolved_path);
1245
1246 do_log(SMB_VFS_OP_REALPATH, (result != NULL), handle, "%s", path);
1247
1248 return result;
1249 }
1250
1251 static size_t smb_full_audit_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
1252 int fd, uint32 security_info,
1253 SEC_DESC **ppdesc)
1254 {
1255 size_t result;
1256
1257 result = SMB_VFS_NEXT_FGET_NT_ACL(handle, fsp, fd, security_info,
1258 ppdesc);
1259
1260 do_log(SMB_VFS_OP_FGET_NT_ACL, (result > 0), handle,
1261 "%s", fsp->fsp_name);
1262
1263 return result;
1264 }
1265
1266 static size_t smb_full_audit_get_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
1267 const char *name, uint32 security_info,
1268 SEC_DESC **ppdesc)
1269 {
1270 size_t result;
1271
1272 result = SMB_VFS_NEXT_GET_NT_ACL(handle, fsp, name, security_info,
1273 ppdesc);
1274
1275 do_log(SMB_VFS_OP_GET_NT_ACL, (result > 0), handle,
1276 "%s", fsp->fsp_name);
1277
1278 return result;
1279 }
1280
1281 static BOOL smb_full_audit_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
1282 int fd, uint32 security_info_sent,
1283 SEC_DESC *psd)
1284 {
1285 BOOL result;
1286
1287 result = SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, fd, security_info_sent,
1288 psd);
1289
1290 do_log(SMB_VFS_OP_FSET_NT_ACL, result, handle, "%s", fsp->fsp_name);
1291
1292 return result;
1293 }
1294
1295 static BOOL smb_full_audit_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
1296 const char *name, uint32 security_info_sent,
1297 SEC_DESC *psd)
1298 {
1299 BOOL result;
1300
1301 result = SMB_VFS_NEXT_SET_NT_ACL(handle, fsp, name, security_info_sent,
1302 psd);
1303
1304 do_log(SMB_VFS_OP_SET_NT_ACL, result, handle, "%s", fsp->fsp_name);
1305
1306 return result;
1307 }
1308
1309 static int smb_full_audit_chmod_acl(vfs_handle_struct *handle, connection_struct *conn,
1310 const char *path, mode_t mode)
1311 {
1312 int result;
1313
1314 result = SMB_VFS_NEXT_CHMOD_ACL(handle, conn, path, mode);
1315
1316 do_log(SMB_VFS_OP_CHMOD_ACL, (result >= 0), handle,
1317 "%s|%o", path, mode);
1318
1319 return result;
1320 }
1321
1322 static int smb_full_audit_fchmod_acl(vfs_handle_struct *handle, files_struct *fsp,
1323 int fd, mode_t mode)
1324 {
1325 int result;
1326
1327 result = SMB_VFS_NEXT_FCHMOD_ACL(handle, fsp, fd, mode);
1328
1329 do_log(SMB_VFS_OP_FCHMOD_ACL, (result >= 0), handle,
1330 "%s|%o", fsp->fsp_name, mode);
1331
1332 return result;
1333 }
1334
1335 static int smb_full_audit_sys_acl_get_entry(vfs_handle_struct *handle,
1336 connection_struct *conn,
1337 SMB_ACL_T theacl, int entry_id,
1338 SMB_ACL_ENTRY_T *entry_p)
1339 {
1340 int result;
1341
1342 result = SMB_VFS_NEXT_SYS_ACL_GET_ENTRY(handle, conn, theacl, entry_id,
1343 entry_p);
1344
1345 do_log(SMB_VFS_OP_SYS_ACL_GET_ENTRY, (result >= 0), handle,
1346 "");
1347
1348 return result;
1349 }
1350
1351 static int smb_full_audit_sys_acl_get_tag_type(vfs_handle_struct *handle,
1352 connection_struct *conn,
1353 SMB_ACL_ENTRY_T entry_d,
1354 SMB_ACL_TAG_T *tag_type_p)
1355 {
1356 int result;
1357
1358 result = SMB_VFS_NEXT_SYS_ACL_GET_TAG_TYPE(handle, conn, entry_d,
1359 tag_type_p);
1360
1361 do_log(SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE, (result >= 0), handle,
1362 "");
1363
1364 return result;
1365 }
1366
1367 static int smb_full_audit_sys_acl_get_permset(vfs_handle_struct *handle,
1368 connection_struct *conn,
1369 SMB_ACL_ENTRY_T entry_d,
1370 SMB_ACL_PERMSET_T *permset_p)
1371 {
1372 int result;
1373
1374 result = SMB_VFS_NEXT_SYS_ACL_GET_PERMSET(handle, conn, entry_d,
1375 permset_p);
1376
1377 do_log(SMB_VFS_OP_SYS_ACL_GET_PERMSET, (result >= 0), handle,
1378 "");
1379
1380 return result;
1381 }
1382
1383 static void * smb_full_audit_sys_acl_get_qualifier(vfs_handle_struct *handle,
1384 connection_struct *conn,
1385 SMB_ACL_ENTRY_T entry_d)
1386 {
1387 void *result;
1388
1389 result = SMB_VFS_NEXT_SYS_ACL_GET_QUALIFIER(handle, conn, entry_d);
1390
1391 do_log(SMB_VFS_OP_SYS_ACL_GET_QUALIFIER, (result != NULL), handle,
1392 "");
1393
1394 return result;
1395 }
1396
1397 static SMB_ACL_T smb_full_audit_sys_acl_get_file(vfs_handle_struct *handle,
1398 connection_struct *conn,
1399 const char *path_p,
1400 SMB_ACL_TYPE_T type)
1401 {
1402 SMB_ACL_T result;
1403
1404 result = SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, conn, path_p, type);
1405
1406 do_log(SMB_VFS_OP_SYS_ACL_GET_FILE, (result != NULL), handle,
1407 "%s", path_p);
1408
1409 return result;
1410 }
1411
1412 static SMB_ACL_T smb_full_audit_sys_acl_get_fd(vfs_handle_struct *handle,
1413 files_struct *fsp, int fd)
1414 {
1415 SMB_ACL_T result;
1416
1417 result = SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp, fd);
1418
1419 do_log(SMB_VFS_OP_SYS_ACL_GET_FD, (result != NULL), handle,
1420 "%s", fsp->fsp_name);
1421
1422 return result;
1423 }
1424
1425 static int smb_full_audit_sys_acl_clear_perms(vfs_handle_struct *handle,
1426 connection_struct *conn,
1427 SMB_ACL_PERMSET_T permset)
1428 {
1429 int result;
1430
1431 result = SMB_VFS_NEXT_SYS_ACL_CLEAR_PERMS(handle, conn, permset);
1432
1433 do_log(SMB_VFS_OP_SYS_ACL_CLEAR_PERMS, (result >= 0), handle,
1434 "");
1435
1436 return result;
1437 }
1438
1439 static int smb_full_audit_sys_acl_add_perm(vfs_handle_struct *handle,
1440 connection_struct *conn,
1441 SMB_ACL_PERMSET_T permset,
1442 SMB_ACL_PERM_T perm)
1443 {
1444 int result;
1445
1446 result = SMB_VFS_NEXT_SYS_ACL_ADD_PERM(handle, conn, permset, perm);
1447
1448 do_log(SMB_VFS_OP_SYS_ACL_ADD_PERM, (result >= 0), handle,
1449 "");
1450
1451 return result;
1452 }
1453
1454 static char * smb_full_audit_sys_acl_to_text(vfs_handle_struct *handle,
1455 connection_struct *conn, SMB_ACL_T theacl,
1456 ssize_t *plen)
1457 {
1458 char * result;
1459
1460 result = SMB_VFS_NEXT_SYS_ACL_TO_TEXT(handle, conn, theacl, plen);
1461
1462 do_log(SMB_VFS_OP_SYS_ACL_TO_TEXT, (result != NULL), handle,
1463 "");
1464
1465 return result;
1466 }
1467
1468 static SMB_ACL_T smb_full_audit_sys_acl_init(vfs_handle_struct *handle,
1469 connection_struct *conn,
1470 int count)
1471 {
1472 SMB_ACL_T result;
1473
1474 result = SMB_VFS_NEXT_SYS_ACL_INIT(handle, conn, count);
1475
1476 do_log(SMB_VFS_OP_SYS_ACL_INIT, (result != NULL), handle,
1477 "");
1478
1479 return result;
1480 }
1481
1482 static int smb_full_audit_sys_acl_create_entry(vfs_handle_struct *handle,
1483 connection_struct *conn, SMB_ACL_T *pacl,
1484 SMB_ACL_ENTRY_T *pentry)
1485 {
1486 int result;
1487
1488 result = SMB_VFS_NEXT_SYS_ACL_CREATE_ENTRY(handle, conn, pacl, pentry);
1489
1490 do_log(SMB_VFS_OP_SYS_ACL_CREATE_ENTRY, (result >= 0), handle,
1491 "");
1492
1493 return result;
1494 }
1495
1496 static int smb_full_audit_sys_acl_set_tag_type(vfs_handle_struct *handle,
1497 connection_struct *conn,
1498 SMB_ACL_ENTRY_T entry,
1499 SMB_ACL_TAG_T tagtype)
1500 {
1501 int result;
1502
1503 result = SMB_VFS_NEXT_SYS_ACL_SET_TAG_TYPE(handle, conn, entry,
1504 tagtype);
1505
1506 do_log(SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE, (result >= 0), handle,
1507 "");
1508
1509 return result;
1510 }
1511
1512 static int smb_full_audit_sys_acl_set_qualifier(vfs_handle_struct *handle,
1513 connection_struct *conn,
1514 SMB_ACL_ENTRY_T entry,
1515 void *qual)
1516 {
1517 int result;
1518
1519 result = SMB_VFS_NEXT_SYS_ACL_SET_QUALIFIER(handle, conn, entry, qual);
1520
1521 do_log(SMB_VFS_OP_SYS_ACL_SET_QUALIFIER, (result >= 0), handle,
1522 "");
1523
1524 return result;
1525 }
1526
1527 static int smb_full_audit_sys_acl_set_permset(vfs_handle_struct *handle,
1528 connection_struct *conn,
1529 SMB_ACL_ENTRY_T entry,
1530 SMB_ACL_PERMSET_T permset)
1531 {
1532 int result;
1533
1534 result = SMB_VFS_NEXT_SYS_ACL_SET_PERMSET(handle, conn, entry, permset);
1535
1536 do_log(SMB_VFS_OP_SYS_ACL_SET_PERMSET, (result >= 0), handle,
1537 "");
1538
1539 return result;
1540 }
1541
1542 static int smb_full_audit_sys_acl_valid(vfs_handle_struct *handle,
1543 connection_struct *conn,
1544 SMB_ACL_T theacl )
1545 {
1546 int result;
1547
1548 result = SMB_VFS_NEXT_SYS_ACL_VALID(handle, conn, theacl);
1549
1550 do_log(SMB_VFS_OP_SYS_ACL_VALID, (result >= 0), handle,
1551 "");
1552
1553 return result;
1554 }
1555
1556 static int smb_full_audit_sys_acl_set_file(vfs_handle_struct *handle,
1557 connection_struct *conn,
1558 const char *name, SMB_ACL_TYPE_T acltype,
1559 SMB_ACL_T theacl)
1560 {
1561 int result;
1562
1563 result = SMB_VFS_NEXT_SYS_ACL_SET_FILE(handle, conn, name, acltype,
1564 theacl);
1565
1566 do_log(SMB_VFS_OP_SYS_ACL_SET_FILE, (result >= 0), handle,
1567 "%s", name);
1568
1569 return result;
1570 }
1571
1572 static int smb_full_audit_sys_acl_set_fd(vfs_handle_struct *handle, files_struct *fsp,
1573 int fd, SMB_ACL_T theacl)
1574 {
1575 int result;
1576
1577 result = SMB_VFS_NEXT_SYS_ACL_SET_FD(handle, fsp, fd, theacl);
1578
1579 do_log(SMB_VFS_OP_SYS_ACL_SET_FD, (result >= 0), handle,
1580 "%s", fsp->fsp_name);
1581
1582 return result;
1583 }
1584
1585 static int smb_full_audit_sys_acl_delete_def_file(vfs_handle_struct *handle,
1586 connection_struct *conn,
1587 const char *path)
1588 {
1589 int result;
1590
1591 result = SMB_VFS_NEXT_SYS_ACL_DELETE_DEF_FILE(handle, conn, path);
1592
1593 do_log(SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE, (result >= 0), handle,
1594 "%s", path);
1595
1596 return result;
1597 }
1598
1599 static int smb_full_audit_sys_acl_get_perm(vfs_handle_struct *handle,
1600 connection_struct *conn,
1601 SMB_ACL_PERMSET_T permset,
1602 SMB_ACL_PERM_T perm)
1603 {
1604 int result;
1605
1606 result = SMB_VFS_NEXT_SYS_ACL_GET_PERM(handle, conn, permset, perm);
1607
1608 do_log(SMB_VFS_OP_SYS_ACL_GET_PERM, (result >= 0), handle,
1609 "");
1610
1611 return result;
1612 }
1613
1614 static int smb_full_audit_sys_acl_free_text(vfs_handle_struct *handle,
1615 connection_struct *conn,
1616 char *text)
1617 {
1618 int result;
1619
1620 result = SMB_VFS_NEXT_SYS_ACL_FREE_TEXT(handle, conn, text);
1621
1622 do_log(SMB_VFS_OP_SYS_ACL_FREE_TEXT, (result >= 0), handle,
1623 "");
1624
1625 return result;
1626 }
1627
1628 static int smb_full_audit_sys_acl_free_acl(vfs_handle_struct *handle,
1629 connection_struct *conn,
1630 SMB_ACL_T posix_acl)
1631 {
1632 int result;
1633
1634 result = SMB_VFS_NEXT_SYS_ACL_FREE_ACL(handle, conn, posix_acl);
1635
1636 do_log(SMB_VFS_OP_SYS_ACL_FREE_ACL, (result >= 0), handle,
1637 "");
1638
1639 return result;
1640 }
1641
1642 static int smb_full_audit_sys_acl_free_qualifier(vfs_handle_struct *handle,
1643 connection_struct *conn,
1644 void *qualifier,
1645 SMB_ACL_TAG_T tagtype)
1646 {
1647 int result;
1648
1649 result = SMB_VFS_NEXT_SYS_ACL_FREE_QUALIFIER(handle, conn, qualifier,
1650 tagtype);
1651
1652 do_log(SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER, (result >= 0), handle,
1653 "");
1654
1655 return result;
1656 }
1657
1658 static ssize_t smb_full_audit_getxattr(struct vfs_handle_struct *handle,
1659 struct connection_struct *conn, const char *path,
1660 const char *name, void *value, size_t size)
1661 {
1662 ssize_t result;
1663
1664 result = SMB_VFS_NEXT_GETXATTR(handle, conn, path, name, value, size);
1665
1666 do_log(SMB_VFS_OP_GETXATTR, (result >= 0), handle,
1667 "%s|%s", path, name);
1668
1669 return result;
1670 }
1671
1672 static ssize_t smb_full_audit_lgetxattr(struct vfs_handle_struct *handle,
1673 struct connection_struct *conn,
1674 const char *path, const char *name,
1675 void *value, size_t size)
1676 {
1677 ssize_t result;
1678
1679 result = SMB_VFS_NEXT_LGETXATTR(handle, conn, path, name, value, size);
1680
1681 do_log(SMB_VFS_OP_LGETXATTR, (result >= 0), handle,
1682 "%s|%s", path, name);
1683
1684 return result;
1685 }
1686
1687 static ssize_t smb_full_audit_fgetxattr(struct vfs_handle_struct *handle,
1688 struct files_struct *fsp, int fd,
1689 const char *name, void *value, size_t size)
1690 {
1691 ssize_t result;
1692
1693 result = SMB_VFS_NEXT_FGETXATTR(handle, fsp, fd, name, value, size);
1694
1695 do_log(SMB_VFS_OP_FGETXATTR, (result >= 0), handle,
1696 "%s|%s", fsp->fsp_name, name);
1697
1698 return result;
1699 }
1700
1701 static ssize_t smb_full_audit_listxattr(struct vfs_handle_struct *handle,
1702 struct connection_struct *conn,
1703 const char *path, char *list, size_t size)
1704 {
1705 ssize_t result;
1706
1707 result = SMB_VFS_NEXT_LISTXATTR(handle, conn, path, list, size);
1708
1709 do_log(SMB_VFS_OP_LISTXATTR, (result >= 0), handle, "%s", path);
1710
1711 return result;
1712 }
1713
1714 static ssize_t smb_full_audit_llistxattr(struct vfs_handle_struct *handle,
1715 struct connection_struct *conn,
1716 const char *path, char *list, size_t size)
1717 {
1718 ssize_t result;
1719
1720 result = SMB_VFS_NEXT_LLISTXATTR(handle, conn, path, list, size);
1721
1722 do_log(SMB_VFS_OP_LLISTXATTR, (result >= 0), handle, "%s", path);
1723
1724 return result;
1725 }
1726
1727 static ssize_t smb_full_audit_flistxattr(struct vfs_handle_struct *handle,
1728 struct files_struct *fsp, int fd, char *list,
1729 size_t size)
1730 {
1731 ssize_t result;
1732
1733 result = SMB_VFS_NEXT_FLISTXATTR(handle, fsp, fd, list, size);
1734
1735 do_log(SMB_VFS_OP_FLISTXATTR, (result >= 0), handle,
1736 "%s", fsp->fsp_name);
1737
1738 return result;
1739 }
1740
1741 static int smb_full_audit_removexattr(struct vfs_handle_struct *handle,
1742 struct connection_struct *conn, const char *path,
1743 const char *name)
1744 {
1745 int result;
1746
1747 result = SMB_VFS_NEXT_REMOVEXATTR(handle, conn, path, name);
1748
1749 do_log(SMB_VFS_OP_REMOVEXATTR, (result >= 0), handle,
1750 "%s|%s", path, name);
1751
1752 return result;
1753 }
1754
1755 static int smb_full_audit_lremovexattr(struct vfs_handle_struct *handle,
1756 struct connection_struct *conn, const char *path,
1757 const char *name)
1758 {
1759 int result;
1760
1761 result = SMB_VFS_NEXT_LREMOVEXATTR(handle, conn, path, name);
1762
1763 do_log(SMB_VFS_OP_LREMOVEXATTR, (result >= 0), handle,
1764 "%s|%s", path, name);
1765
1766 return result;
1767 }
1768
1769 static int smb_full_audit_fremovexattr(struct vfs_handle_struct *handle,
1770 struct files_struct *fsp, int fd,
1771 const char *name)
1772 {
1773 int result;
1774
1775 result = SMB_VFS_NEXT_FREMOVEXATTR(handle, fsp, fd, name);
1776
1777 do_log(SMB_VFS_OP_FREMOVEXATTR, (result >= 0), handle,
1778 "%s|%s", fsp->fsp_name, name);
1779
1780 return result;
1781 }
1782
1783 static int smb_full_audit_setxattr(struct vfs_handle_struct *handle,
1784 struct connection_struct *conn, const char *path,
1785 const char *name, const void *value, size_t size,
1786 int flags)
1787 {
1788 int result;
1789
1790 result = SMB_VFS_NEXT_SETXATTR(handle, conn, path, name, value, size,
1791 flags);
1792
1793 do_log(SMB_VFS_OP_SETXATTR, (result >= 0), handle,
1794 "%s|%s", path, name);
1795
1796 return result;
1797 }
1798
1799 static int smb_full_audit_lsetxattr(struct vfs_handle_struct *handle,
1800 struct connection_struct *conn, const char *path,
1801 const char *name, const void *value, size_t size,
1802 int flags)
1803 {
1804 int result;
1805
1806 result = SMB_VFS_NEXT_LSETXATTR(handle, conn, path, name, value, size,
1807 flags);
1808
1809 do_log(SMB_VFS_OP_LSETXATTR, (result >= 0), handle,
1810 "%s|%s", path, name);
1811
1812 return result;
1813 }
1814
1815 static int smb_full_audit_fsetxattr(struct vfs_handle_struct *handle,
1816 struct files_struct *fsp, int fd, const char *name,
1817 const void *value, size_t size, int flags)
1818 {
1819 int result;
1820
1821 result = SMB_VFS_NEXT_FSETXATTR(handle, fsp, fd, name, value, size,
1822 flags);
1823
1824 do_log(SMB_VFS_OP_FSETXATTR, (result >= 0), handle,
1825 "%s|%s", fsp->fsp_name, name);
1826
1827 return result;
1828 }
1829
1830 NTSTATUS vfs_full_audit_init(void)
1831 {
1832 NTSTATUS ret = smb_register_vfs(SMB_VFS_INTERFACE_VERSION,
1833 "full_audit", audit_op_tuples);
1834
1835 if (!NT_STATUS_IS_OK(ret))
1836 return ret;
1837
1838 vfs_full_audit_debug_level = debug_add_class("full_audit");
1839 if (vfs_full_audit_debug_level == -1) {
1840 vfs_full_audit_debug_level = DBGC_VFS;
1841 DEBUG(0, ("vfs_full_audit: Couldn't register custom debugging "
1842 "class!\n"));
1843 } else {
1844 DEBUG(10, ("vfs_full_audit: Debug class number of "
1845 "'full_audit': %d\n", vfs_full_audit_debug_level));
1846 }
1847
1848 return ret;
1849 }
1850
Samba GIT mirror