fix issue with password changes done via NTLMSSP
[Samba.git] / examples / VFS / audit.c
blobe2feedf83ba1ac284bbd44a2a3d8450fc5be4e44
1 /*
2 * Auditing VFS module for samba. Log selected file operations to syslog
3 * facility.
5 * Copyright (C) Tim Potter, 1999-2000
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
22 #include "config.h"
23 #include <stdio.h>
24 #include <sys/stat.h>
25 #ifdef HAVE_UTIME_H
26 #include <utime.h>
27 #endif
28 #ifdef HAVE_DIRENT_H
29 #include <dirent.h>
30 #endif
31 #include <syslog.h>
32 #ifdef HAVE_FCNTL_H
33 #include <fcntl.h>
34 #endif
35 #include <errno.h>
36 #include <string.h>
37 #include <includes.h>
38 #include <vfs.h>
40 #ifndef SYSLOG_FACILITY
41 #define SYSLOG_FACILITY LOG_USER
42 #endif
44 #ifndef SYSLOG_PRIORITY
45 #define SYSLOG_PRIORITY LOG_NOTICE
46 #endif
48 /* Function prototypes */
50 int audit_connect(struct connection_struct *conn, const char *svc, const char *user);
51 void audit_disconnect(struct connection_struct *conn);
52 DIR *audit_opendir(struct connection_struct *conn, const char *fname);
53 int audit_mkdir(struct connection_struct *conn, const char *path, mode_t mode);
54 int audit_rmdir(struct connection_struct *conn, const char *path);
55 int audit_open(struct connection_struct *conn, const char *fname, int flags, mode_t mode);
56 int audit_close(struct files_struct *fsp, int fd);
57 int audit_rename(struct connection_struct *conn, const char *old, const char *new);
58 int audit_unlink(struct connection_struct *conn, const char *path);
59 int audit_chmod(struct connection_struct *conn, const char *path, mode_t mode);
60 int audit_chmod_acl(struct connection_struct *conn, const char *name, mode_t mode);
61 int audit_fchmod(struct files_struct *fsp, int fd, mode_t mode);
62 int audit_fchmod_acl(struct files_struct *fsp, int fd, mode_t mode);
64 /* VFS operations */
66 extern struct vfs_ops default_vfs_ops; /* For passthrough operation */
68 struct vfs_ops audit_ops = {
70 /* Disk operations */
72 audit_connect,
73 audit_disconnect,
74 NULL, /* disk free */
76 /* Directory operations */
78 audit_opendir,
79 NULL, /* readdir */
80 audit_mkdir,
81 audit_rmdir,
82 NULL, /* closedir */
84 /* File operations */
86 audit_open,
87 audit_close,
88 NULL, /* read */
89 NULL, /* write */
90 NULL, /* lseek */
91 NULL, /* sendfile */
92 audit_rename,
93 NULL, /* fsync */
94 NULL, /* stat */
95 NULL, /* fstat */
96 NULL, /* lstat */
97 audit_unlink,
98 audit_chmod,
99 audit_fchmod,
100 NULL, /* chown */
101 NULL, /* fchown */
102 NULL, /* chdir */
103 NULL, /* getwd */
104 NULL, /* utime */
105 NULL, /* ftruncate */
106 NULL, /* lock */
107 NULL, /* symlink */
108 NULL, /* readlink */
109 NULL, /* link */
110 NULL, /* mknod */
111 NULL, /* realpath */
112 NULL, /* fget_nt_acl */
113 NULL, /* get_nt_acl */
114 NULL, /* fset_nt_acl */
115 NULL, /* set_nt_acl */
117 audit_chmod_acl, /* chmod_acl */
118 audit_fchmod_acl, /* fchmod_acl */
120 NULL, /* sys_acl_get_entry */
121 NULL, /* sys_acl_get_tag_type */
122 NULL, /* sys_acl_get_permset */
123 NULL, /*sys_acl_get_qualifier */
124 NULL, /* sys_acl_get_file */
125 NULL, /* sys_acl_get_fd */
126 NULL, /* sys_acl_clear_perms */
127 NULL, /* sys_acl_add_perm */
128 NULL, /* sys_acl_to_text */
129 NULL, /* sys_acl_init */
130 NULL, /* sys_acl_create_entry */
131 NULL, /* sys_acl_set_tag_type */
132 NULL, /* sys_acl_set_qualifier */
133 NULL, /* sys_acl_set_permset */
134 NULL, /* sys_acl_valid */
135 NULL, /* sys_acl_set_file */
136 NULL, /* sys_acl_set_fd */
137 NULL, /* sys_acl_delete_def_file */
138 NULL, /* sys_acl_get_perm */
139 NULL, /* sys_acl_free_text */
140 NULL, /* sys_acl_free_acl */
141 NULL /* sys_acl_free_qualifier */
144 /* VFS initialisation function. Return initialised vfs_ops structure
145 back to SAMBA. */
147 struct vfs_ops *vfs_init(int *vfs_version, struct vfs_ops *def_vfs_ops)
149 struct vfs_ops tmp_ops;
151 *vfs_version = SMB_VFS_INTERFACE_VERSION;
152 memcpy(&tmp_ops, def_vfs_ops, sizeof(struct vfs_ops));
154 tmp_ops.connect = audit_connect;
155 tmp_ops.disconnect = audit_disconnect;
156 tmp_ops.opendir = audit_opendir;
157 tmp_ops.mkdir = audit_mkdir;
158 tmp_ops.rmdir = audit_rmdir;
159 tmp_ops.open = audit_open;
160 tmp_ops.close = audit_close;
161 tmp_ops.rename = audit_rename;
162 tmp_ops.unlink = audit_unlink;
163 tmp_ops.chmod = audit_chmod;
164 tmp_ops.chmod_acl = audit_chmod_acl;
165 tmp_ops.fchmod = audit_fchmod;
166 tmp_ops.fchmod_acl = audit_fchmod_acl;
168 memcpy(&audit_ops, &tmp_ops, sizeof(struct vfs_ops));
170 openlog("smbd_audit", LOG_PID, SYSLOG_FACILITY);
171 syslog(SYSLOG_PRIORITY, "VFS_INIT: vfs_ops loaded\n");
172 return &audit_ops;
175 /* Implementation of vfs_ops. Pass everything on to the default
176 operation but log event first. */
178 int audit_connect(struct connection_struct *conn, const char *svc, const char *user)
180 syslog(SYSLOG_PRIORITY, "connect to service %s by user %s\n",
181 svc, user);
183 return default_vfs_ops.connect(conn, svc, user);
186 void audit_disconnect(struct connection_struct *conn)
188 syslog(SYSLOG_PRIORITY, "disconnected\n");
189 default_vfs_ops.disconnect(conn);
192 DIR *audit_opendir(struct connection_struct *conn, const char *fname)
194 DIR *result = default_vfs_ops.opendir(conn, fname);
196 syslog(SYSLOG_PRIORITY, "opendir %s %s%s\n",
197 fname,
198 (result == NULL) ? "failed: " : "",
199 (result == NULL) ? strerror(errno) : "");
201 return result;
204 int audit_mkdir(struct connection_struct *conn, const char *path, mode_t mode)
206 int result = default_vfs_ops.mkdir(conn, path, mode);
208 syslog(SYSLOG_PRIORITY, "mkdir %s %s%s\n",
209 path,
210 (result < 0) ? "failed: " : "",
211 (result < 0) ? strerror(errno) : "");
213 return result;
216 int audit_rmdir(struct connection_struct *conn, const char *path)
218 int result = default_vfs_ops.rmdir(conn, path);
220 syslog(SYSLOG_PRIORITY, "rmdir %s %s%s\n",
221 path,
222 (result < 0) ? "failed: " : "",
223 (result < 0) ? strerror(errno) : "");
225 return result;
228 int audit_open(struct connection_struct *conn, const char *fname, int flags, mode_t mode)
230 int result = default_vfs_ops.open(conn, fname, flags, mode);
232 syslog(SYSLOG_PRIORITY, "open %s (fd %d) %s%s%s\n",
233 fname, result,
234 ((flags & O_WRONLY) || (flags & O_RDWR)) ? "for writing " : "",
235 (result < 0) ? "failed: " : "",
236 (result < 0) ? strerror(errno) : "");
238 return result;
241 int audit_close(struct files_struct *fsp, int fd)
243 int result = default_vfs_ops.close(fsp, fd);
245 syslog(SYSLOG_PRIORITY, "close fd %d %s%s\n",
247 (result < 0) ? "failed: " : "",
248 (result < 0) ? strerror(errno) : "");
250 return result;
253 int audit_rename(struct connection_struct *conn, const char *old, const char *new)
255 int result = default_vfs_ops.rename(conn, old, new);
257 syslog(SYSLOG_PRIORITY, "rename %s -> %s %s%s\n",
258 old, new,
259 (result < 0) ? "failed: " : "",
260 (result < 0) ? strerror(errno) : "");
262 return result;
265 int audit_unlink(struct connection_struct *conn, const char *path)
267 int result = default_vfs_ops.unlink(conn, path);
269 syslog(SYSLOG_PRIORITY, "unlink %s %s%s\n",
270 path,
271 (result < 0) ? "failed: " : "",
272 (result < 0) ? strerror(errno) : "");
274 return result;
277 int audit_chmod(struct connection_struct *conn, const char *path, mode_t mode)
279 int result = default_vfs_ops.chmod(conn, path, mode);
281 syslog(SYSLOG_PRIORITY, "chmod %s mode 0x%x %s%s\n",
282 path, mode,
283 (result < 0) ? "failed: " : "",
284 (result < 0) ? strerror(errno) : "");
286 return result;
289 int audit_chmod_acl(struct connection_struct *conn, const char *path, mode_t mode)
291 int result = default_vfs_ops.chmod_acl(conn, path, mode);
293 syslog(SYSLOG_PRIORITY, "chmod_acl %s mode 0x%x %s%s\n",
294 path, mode,
295 (result < 0) ? "failed: " : "",
296 (result < 0) ? strerror(errno) : "");
298 return result;
301 int audit_fchmod(struct files_struct *fsp, int fd, mode_t mode)
303 int result = default_vfs_ops.fchmod(fsp, fd, mode);
305 syslog(SYSLOG_PRIORITY, "fchmod %s mode 0x%x %s%s\n",
306 fsp->fsp_name, mode,
307 (result < 0) ? "failed: " : "",
308 (result < 0) ? strerror(errno) : "");
310 return result;
313 int audit_fchmod_acl(struct files_struct *fsp, int fd, mode_t mode)
315 int result = default_vfs_ops.fchmod_acl(fsp, fd, mode);
317 syslog(SYSLOG_PRIORITY, "fchmod_acl %s mode 0x%x %s%s\n",
318 fsp->fsp_name, mode,
319 (result < 0) ? "failed: " : "",
320 (result < 0) ? strerror(errno) : "");
322 return result;