2 * Auditing VFS module for samba. Log selected file operations to syslog
5 * Copyright (C) Tim Potter, 1999-2000
6 * Copyright (C) Alexander Bokovoy, 2002
7 * Copyright (C) John H Terpstra, 2003
8 * Copyright (C) Stefan (metze) Metzmacher, 2003
9 * Copyright (C) Volker Lendecke, 2004
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 3 of the License, or
14 * (at your option) any later version.
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, see <http://www.gnu.org/licenses/>.
26 * This module implements parseable logging for all Samba VFS operations.
28 * You use it as follows:
32 * vfs objects = full_audit
33 * full_audit:prefix = %u|%I
34 * full_audit:success = open opendir
35 * full_audit:failure = all
37 * vfs op can be "all" which means log all operations.
38 * vfs op can be "none" which means no logging.
40 * This leads to syslog entries of the form:
41 * smbd_audit: nobody|192.168.234.1|opendir|ok|.
42 * smbd_audit: nobody|192.168.234.1|open|fail (File not found)|r|x.txt
44 * where "nobody" is the connected username and "192.168.234.1" is the
45 * client's IP address.
49 * prefix: A macro expansion template prepended to the syslog entry.
51 * success: A list of VFS operations for which a successful completion should
52 * be logged. Defaults to no logging at all. The special operation "all" logs
53 * - you guessed it - everything.
55 * failure: A list of VFS operations for which failure to complete should be
56 * logged. Defaults to logging everything.
62 static int vfs_full_audit_debug_level
= DBGC_VFS
;
64 struct vfs_full_audit_private_data
{
65 struct bitmap
*success_ops
;
66 struct bitmap
*failure_ops
;
70 #define DBGC_CLASS vfs_full_audit_debug_level
72 typedef enum _vfs_op_type
{
77 SMB_VFS_OP_CONNECT
= 0,
78 SMB_VFS_OP_DISCONNECT
,
82 SMB_VFS_OP_GET_SHADOW_COPY_DATA
,
84 SMB_VFS_OP_FS_CAPABILITIES
,
86 /* Directory operations */
96 SMB_VFS_OP_INIT_SEARCH_OP
,
101 SMB_VFS_OP_CREATE_FILE
,
115 SMB_VFS_OP_GET_ALLOC_SIZE
,
125 SMB_VFS_OP_FTRUNCATE
,
127 SMB_VFS_OP_KERNEL_FLOCK
,
128 SMB_VFS_OP_LINUX_SETLEASE
,
135 SMB_VFS_OP_NOTIFY_WATCH
,
137 SMB_VFS_OP_FILE_ID_CREATE
,
138 SMB_VFS_OP_STREAMINFO
,
139 SMB_VFS_OP_GET_REAL_FILENAME
,
140 SMB_VFS_OP_CONNECTPATH
,
141 SMB_VFS_OP_BRL_LOCK_WINDOWS
,
142 SMB_VFS_OP_BRL_UNLOCK_WINDOWS
,
143 SMB_VFS_OP_BRL_CANCEL_WINDOWS
,
144 SMB_VFS_OP_STRICT_LOCK
,
145 SMB_VFS_OP_STRICT_UNLOCK
,
146 SMB_VFS_OP_TRANSLATE_NAME
,
148 /* NT ACL operations. */
150 SMB_VFS_OP_FGET_NT_ACL
,
151 SMB_VFS_OP_GET_NT_ACL
,
152 SMB_VFS_OP_FSET_NT_ACL
,
154 /* POSIX ACL operations. */
156 SMB_VFS_OP_CHMOD_ACL
,
157 SMB_VFS_OP_FCHMOD_ACL
,
159 SMB_VFS_OP_SYS_ACL_GET_ENTRY
,
160 SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE
,
161 SMB_VFS_OP_SYS_ACL_GET_PERMSET
,
162 SMB_VFS_OP_SYS_ACL_GET_QUALIFIER
,
163 SMB_VFS_OP_SYS_ACL_GET_FILE
,
164 SMB_VFS_OP_SYS_ACL_GET_FD
,
165 SMB_VFS_OP_SYS_ACL_CLEAR_PERMS
,
166 SMB_VFS_OP_SYS_ACL_ADD_PERM
,
167 SMB_VFS_OP_SYS_ACL_TO_TEXT
,
168 SMB_VFS_OP_SYS_ACL_INIT
,
169 SMB_VFS_OP_SYS_ACL_CREATE_ENTRY
,
170 SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE
,
171 SMB_VFS_OP_SYS_ACL_SET_QUALIFIER
,
172 SMB_VFS_OP_SYS_ACL_SET_PERMSET
,
173 SMB_VFS_OP_SYS_ACL_VALID
,
174 SMB_VFS_OP_SYS_ACL_SET_FILE
,
175 SMB_VFS_OP_SYS_ACL_SET_FD
,
176 SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE
,
177 SMB_VFS_OP_SYS_ACL_GET_PERM
,
178 SMB_VFS_OP_SYS_ACL_FREE_TEXT
,
179 SMB_VFS_OP_SYS_ACL_FREE_ACL
,
180 SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER
,
184 SMB_VFS_OP_LGETXATTR
,
185 SMB_VFS_OP_FGETXATTR
,
186 SMB_VFS_OP_LISTXATTR
,
187 SMB_VFS_OP_LLISTXATTR
,
188 SMB_VFS_OP_FLISTXATTR
,
189 SMB_VFS_OP_REMOVEXATTR
,
190 SMB_VFS_OP_LREMOVEXATTR
,
191 SMB_VFS_OP_FREMOVEXATTR
,
193 SMB_VFS_OP_LSETXATTR
,
194 SMB_VFS_OP_FSETXATTR
,
198 SMB_VFS_OP_AIO_WRITE
,
199 SMB_VFS_OP_AIO_RETURN
,
200 SMB_VFS_OP_AIO_CANCEL
,
201 SMB_VFS_OP_AIO_ERROR
,
202 SMB_VFS_OP_AIO_FSYNC
,
203 SMB_VFS_OP_AIO_SUSPEND
,
204 SMB_VFS_OP_AIO_FORCE
,
206 /* offline operations */
207 SMB_VFS_OP_IS_OFFLINE
,
208 SMB_VFS_OP_SET_OFFLINE
,
210 /* This should always be last enum value */
215 /* The following array *must* be in the same order as defined in vfs.h */
221 { SMB_VFS_OP_CONNECT
, "connect" },
222 { SMB_VFS_OP_DISCONNECT
, "disconnect" },
223 { SMB_VFS_OP_DISK_FREE
, "disk_free" },
224 { SMB_VFS_OP_GET_QUOTA
, "get_quota" },
225 { SMB_VFS_OP_SET_QUOTA
, "set_quota" },
226 { SMB_VFS_OP_GET_SHADOW_COPY_DATA
, "get_shadow_copy_data" },
227 { SMB_VFS_OP_STATVFS
, "statvfs" },
228 { SMB_VFS_OP_FS_CAPABILITIES
, "fs_capabilities" },
229 { SMB_VFS_OP_OPENDIR
, "opendir" },
230 { SMB_VFS_OP_READDIR
, "readdir" },
231 { SMB_VFS_OP_SEEKDIR
, "seekdir" },
232 { SMB_VFS_OP_TELLDIR
, "telldir" },
233 { SMB_VFS_OP_REWINDDIR
, "rewinddir" },
234 { SMB_VFS_OP_MKDIR
, "mkdir" },
235 { SMB_VFS_OP_RMDIR
, "rmdir" },
236 { SMB_VFS_OP_CLOSEDIR
, "closedir" },
237 { SMB_VFS_OP_INIT_SEARCH_OP
, "init_search_op" },
238 { SMB_VFS_OP_OPEN
, "open" },
239 { SMB_VFS_OP_CREATE_FILE
, "create_file" },
240 { SMB_VFS_OP_CLOSE
, "close" },
241 { SMB_VFS_OP_READ
, "read" },
242 { SMB_VFS_OP_PREAD
, "pread" },
243 { SMB_VFS_OP_WRITE
, "write" },
244 { SMB_VFS_OP_PWRITE
, "pwrite" },
245 { SMB_VFS_OP_LSEEK
, "lseek" },
246 { SMB_VFS_OP_SENDFILE
, "sendfile" },
247 { SMB_VFS_OP_RECVFILE
, "recvfile" },
248 { SMB_VFS_OP_RENAME
, "rename" },
249 { SMB_VFS_OP_FSYNC
, "fsync" },
250 { SMB_VFS_OP_STAT
, "stat" },
251 { SMB_VFS_OP_FSTAT
, "fstat" },
252 { SMB_VFS_OP_LSTAT
, "lstat" },
253 { SMB_VFS_OP_GET_ALLOC_SIZE
, "get_alloc_size" },
254 { SMB_VFS_OP_UNLINK
, "unlink" },
255 { SMB_VFS_OP_CHMOD
, "chmod" },
256 { SMB_VFS_OP_FCHMOD
, "fchmod" },
257 { SMB_VFS_OP_CHOWN
, "chown" },
258 { SMB_VFS_OP_FCHOWN
, "fchown" },
259 { SMB_VFS_OP_LCHOWN
, "lchown" },
260 { SMB_VFS_OP_CHDIR
, "chdir" },
261 { SMB_VFS_OP_GETWD
, "getwd" },
262 { SMB_VFS_OP_NTIMES
, "ntimes" },
263 { SMB_VFS_OP_FTRUNCATE
, "ftruncate" },
264 { SMB_VFS_OP_LOCK
, "lock" },
265 { SMB_VFS_OP_KERNEL_FLOCK
, "kernel_flock" },
266 { SMB_VFS_OP_LINUX_SETLEASE
, "linux_setlease" },
267 { SMB_VFS_OP_GETLOCK
, "getlock" },
268 { SMB_VFS_OP_SYMLINK
, "symlink" },
269 { SMB_VFS_OP_READLINK
, "readlink" },
270 { SMB_VFS_OP_LINK
, "link" },
271 { SMB_VFS_OP_MKNOD
, "mknod" },
272 { SMB_VFS_OP_REALPATH
, "realpath" },
273 { SMB_VFS_OP_NOTIFY_WATCH
, "notify_watch" },
274 { SMB_VFS_OP_CHFLAGS
, "chflags" },
275 { SMB_VFS_OP_FILE_ID_CREATE
, "file_id_create" },
276 { SMB_VFS_OP_STREAMINFO
, "streaminfo" },
277 { SMB_VFS_OP_GET_REAL_FILENAME
, "get_real_filename" },
278 { SMB_VFS_OP_CONNECTPATH
, "connectpath" },
279 { SMB_VFS_OP_BRL_LOCK_WINDOWS
, "brl_lock_windows" },
280 { SMB_VFS_OP_BRL_UNLOCK_WINDOWS
, "brl_unlock_windows" },
281 { SMB_VFS_OP_BRL_CANCEL_WINDOWS
, "brl_cancel_windows" },
282 { SMB_VFS_OP_STRICT_LOCK
, "strict_lock" },
283 { SMB_VFS_OP_STRICT_UNLOCK
, "strict_unlock" },
284 { SMB_VFS_OP_TRANSLATE_NAME
, "translate_name" },
285 { SMB_VFS_OP_FGET_NT_ACL
, "fget_nt_acl" },
286 { SMB_VFS_OP_GET_NT_ACL
, "get_nt_acl" },
287 { SMB_VFS_OP_FSET_NT_ACL
, "fset_nt_acl" },
288 { SMB_VFS_OP_CHMOD_ACL
, "chmod_acl" },
289 { SMB_VFS_OP_FCHMOD_ACL
, "fchmod_acl" },
290 { SMB_VFS_OP_SYS_ACL_GET_ENTRY
, "sys_acl_get_entry" },
291 { SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE
, "sys_acl_get_tag_type" },
292 { SMB_VFS_OP_SYS_ACL_GET_PERMSET
, "sys_acl_get_permset" },
293 { SMB_VFS_OP_SYS_ACL_GET_QUALIFIER
, "sys_acl_get_qualifier" },
294 { SMB_VFS_OP_SYS_ACL_GET_FILE
, "sys_acl_get_file" },
295 { SMB_VFS_OP_SYS_ACL_GET_FD
, "sys_acl_get_fd" },
296 { SMB_VFS_OP_SYS_ACL_CLEAR_PERMS
, "sys_acl_clear_perms" },
297 { SMB_VFS_OP_SYS_ACL_ADD_PERM
, "sys_acl_add_perm" },
298 { SMB_VFS_OP_SYS_ACL_TO_TEXT
, "sys_acl_to_text" },
299 { SMB_VFS_OP_SYS_ACL_INIT
, "sys_acl_init" },
300 { SMB_VFS_OP_SYS_ACL_CREATE_ENTRY
, "sys_acl_create_entry" },
301 { SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE
, "sys_acl_set_tag_type" },
302 { SMB_VFS_OP_SYS_ACL_SET_QUALIFIER
, "sys_acl_set_qualifier" },
303 { SMB_VFS_OP_SYS_ACL_SET_PERMSET
, "sys_acl_set_permset" },
304 { SMB_VFS_OP_SYS_ACL_VALID
, "sys_acl_valid" },
305 { SMB_VFS_OP_SYS_ACL_SET_FILE
, "sys_acl_set_file" },
306 { SMB_VFS_OP_SYS_ACL_SET_FD
, "sys_acl_set_fd" },
307 { SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE
, "sys_acl_delete_def_file" },
308 { SMB_VFS_OP_SYS_ACL_GET_PERM
, "sys_acl_get_perm" },
309 { SMB_VFS_OP_SYS_ACL_FREE_TEXT
, "sys_acl_free_text" },
310 { SMB_VFS_OP_SYS_ACL_FREE_ACL
, "sys_acl_free_acl" },
311 { SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER
, "sys_acl_free_qualifier" },
312 { SMB_VFS_OP_GETXATTR
, "getxattr" },
313 { SMB_VFS_OP_LGETXATTR
, "lgetxattr" },
314 { SMB_VFS_OP_FGETXATTR
, "fgetxattr" },
315 { SMB_VFS_OP_LISTXATTR
, "listxattr" },
316 { SMB_VFS_OP_LLISTXATTR
, "llistxattr" },
317 { SMB_VFS_OP_FLISTXATTR
, "flistxattr" },
318 { SMB_VFS_OP_REMOVEXATTR
, "removexattr" },
319 { SMB_VFS_OP_LREMOVEXATTR
, "lremovexattr" },
320 { SMB_VFS_OP_FREMOVEXATTR
, "fremovexattr" },
321 { SMB_VFS_OP_SETXATTR
, "setxattr" },
322 { SMB_VFS_OP_LSETXATTR
, "lsetxattr" },
323 { SMB_VFS_OP_FSETXATTR
, "fsetxattr" },
324 { SMB_VFS_OP_AIO_READ
, "aio_read" },
325 { SMB_VFS_OP_AIO_WRITE
, "aio_write" },
326 { SMB_VFS_OP_AIO_RETURN
,"aio_return" },
327 { SMB_VFS_OP_AIO_CANCEL
,"aio_cancel" },
328 { SMB_VFS_OP_AIO_ERROR
, "aio_error" },
329 { SMB_VFS_OP_AIO_FSYNC
, "aio_fsync" },
330 { SMB_VFS_OP_AIO_SUSPEND
,"aio_suspend" },
331 { SMB_VFS_OP_AIO_FORCE
, "aio_force" },
332 { SMB_VFS_OP_IS_OFFLINE
, "aio_is_offline" },
333 { SMB_VFS_OP_SET_OFFLINE
, "aio_set_offline" },
334 { SMB_VFS_OP_LAST
, NULL
}
337 static int audit_syslog_facility(vfs_handle_struct
*handle
)
339 static const struct enum_list enum_log_facilities
[] = {
340 { LOG_USER
, "USER" },
341 { LOG_LOCAL0
, "LOCAL0" },
342 { LOG_LOCAL1
, "LOCAL1" },
343 { LOG_LOCAL2
, "LOCAL2" },
344 { LOG_LOCAL3
, "LOCAL3" },
345 { LOG_LOCAL4
, "LOCAL4" },
346 { LOG_LOCAL5
, "LOCAL5" },
347 { LOG_LOCAL6
, "LOCAL6" },
348 { LOG_LOCAL7
, "LOCAL7" }
353 facility
= lp_parm_enum(SNUM(handle
->conn
), "full_audit", "facility", enum_log_facilities
, LOG_USER
);
358 static int audit_syslog_priority(vfs_handle_struct
*handle
)
360 static const struct enum_list enum_log_priorities
[] = {
361 { LOG_EMERG
, "EMERG" },
362 { LOG_ALERT
, "ALERT" },
363 { LOG_CRIT
, "CRIT" },
365 { LOG_WARNING
, "WARNING" },
366 { LOG_NOTICE
, "NOTICE" },
367 { LOG_INFO
, "INFO" },
368 { LOG_DEBUG
, "DEBUG" }
373 priority
= lp_parm_enum(SNUM(handle
->conn
), "full_audit", "priority",
374 enum_log_priorities
, LOG_NOTICE
);
375 if (priority
== -1) {
376 priority
= LOG_WARNING
;
382 static char *audit_prefix(TALLOC_CTX
*ctx
, connection_struct
*conn
)
387 prefix
= talloc_strdup(ctx
,
388 lp_parm_const_string(SNUM(conn
), "full_audit",
393 result
= talloc_sub_advanced(ctx
,
394 lp_servicename(SNUM(conn
)),
395 conn
->server_info
->unix_name
,
397 conn
->server_info
->utok
.gid
,
398 conn
->server_info
->sanitized_username
,
399 pdb_get_domain(conn
->server_info
->sam_account
),
405 static bool log_success(vfs_handle_struct
*handle
, vfs_op_type op
)
407 struct vfs_full_audit_private_data
*pd
= NULL
;
409 SMB_VFS_HANDLE_GET_DATA(handle
, pd
,
410 struct vfs_full_audit_private_data
,
413 if (pd
->success_ops
== NULL
) {
417 return bitmap_query(pd
->success_ops
, op
);
420 static bool log_failure(vfs_handle_struct
*handle
, vfs_op_type op
)
422 struct vfs_full_audit_private_data
*pd
= NULL
;
424 SMB_VFS_HANDLE_GET_DATA(handle
, pd
,
425 struct vfs_full_audit_private_data
,
428 if (pd
->failure_ops
== NULL
)
431 return bitmap_query(pd
->failure_ops
, op
);
434 static void init_bitmap(struct bitmap
**bm
, const char **ops
)
436 bool log_all
= False
;
441 *bm
= bitmap_allocate(SMB_VFS_OP_LAST
);
444 DEBUG(0, ("Could not alloc bitmap -- "
445 "defaulting to logging everything\n"));
449 while (*ops
!= NULL
) {
453 if (strequal(*ops
, "all")) {
458 if (strequal(*ops
, "none")) {
462 for (i
=0; i
<SMB_VFS_OP_LAST
; i
++) {
463 if (vfs_op_names
[i
].name
== NULL
) {
464 smb_panic("vfs_full_audit.c: name table not "
465 "in sync with vfs.h\n");
468 if (strequal(*ops
, vfs_op_names
[i
].name
)) {
474 DEBUG(0, ("Could not find opname %s, logging all\n",
483 /* The query functions default to True */
489 static const char *audit_opname(vfs_op_type op
)
491 if (op
>= SMB_VFS_OP_LAST
)
492 return "INVALID VFS OP";
493 return vfs_op_names
[op
].name
;
496 static TALLOC_CTX
*tmp_do_log_ctx
;
498 * Get us a temporary talloc context usable just for DEBUG arguments
500 static TALLOC_CTX
*do_log_ctx(void)
502 if (tmp_do_log_ctx
== NULL
) {
503 tmp_do_log_ctx
= talloc_named_const(NULL
, 0, "do_log_ctx");
505 return tmp_do_log_ctx
;
508 static void do_log(vfs_op_type op
, bool success
, vfs_handle_struct
*handle
,
509 const char *format
, ...)
512 char *audit_pre
= NULL
;
517 if (success
&& (!log_success(handle
, op
)))
520 if (!success
&& (!log_failure(handle
, op
)))
524 fstrcpy(err_msg
, "ok");
526 fstr_sprintf(err_msg
, "fail (%s)", strerror(errno
));
528 va_start(ap
, format
);
529 op_msg
= talloc_vasprintf(talloc_tos(), format
, ap
);
537 * Specify the facility to interoperate with other syslog callers
538 * (smbd for example).
540 priority
= audit_syslog_priority(handle
) |
541 audit_syslog_facility(handle
);
543 audit_pre
= audit_prefix(talloc_tos(), handle
->conn
);
544 syslog(priority
, "%s|%s|%s|%s\n",
545 audit_pre
? audit_pre
: "",
546 audit_opname(op
), err_msg
, op_msg
);
549 TALLOC_FREE(audit_pre
);
551 TALLOC_FREE(tmp_do_log_ctx
);
557 * Return a string using the do_log_ctx()
559 static const char *smb_fname_str_do_log(const struct smb_filename
*smb_fname
)
564 if (smb_fname
== NULL
) {
567 status
= get_full_smb_filename(do_log_ctx(), smb_fname
, &fname
);
568 if (!NT_STATUS_IS_OK(status
)) {
575 * Return an fsp debug string using the do_log_ctx()
577 static const char *fsp_str_do_log(const struct files_struct
*fsp
)
579 return smb_fname_str_do_log(fsp
->fsp_name
);
582 /* Free function for the private data. */
584 static void free_private_data(void **p_data
)
586 struct vfs_full_audit_private_data
*pd
= *(struct vfs_full_audit_private_data
**)p_data
;
588 if (pd
->success_ops
) {
589 bitmap_free(pd
->success_ops
);
591 if (pd
->failure_ops
) {
592 bitmap_free(pd
->failure_ops
);
598 /* Implementation of vfs_ops. Pass everything on to the default
599 operation but log event first. */
601 static int smb_full_audit_connect(vfs_handle_struct
*handle
,
602 const char *svc
, const char *user
)
605 struct vfs_full_audit_private_data
*pd
= NULL
;
606 const char *none
[] = { NULL
};
607 const char *all
[] = { "all" };
609 result
= SMB_VFS_NEXT_CONNECT(handle
, svc
, user
);
614 pd
= SMB_MALLOC_P(struct vfs_full_audit_private_data
);
616 SMB_VFS_NEXT_DISCONNECT(handle
);
622 openlog("smbd_audit", 0, audit_syslog_facility(handle
));
625 init_bitmap(&pd
->success_ops
,
626 lp_parm_string_list(SNUM(handle
->conn
), "full_audit", "success",
628 init_bitmap(&pd
->failure_ops
,
629 lp_parm_string_list(SNUM(handle
->conn
), "full_audit", "failure",
632 /* Store the private data. */
633 SMB_VFS_HANDLE_SET_DATA(handle
, pd
, free_private_data
,
634 struct vfs_full_audit_private_data
, return -1);
636 do_log(SMB_VFS_OP_CONNECT
, True
, handle
,
642 static void smb_full_audit_disconnect(vfs_handle_struct
*handle
)
644 SMB_VFS_NEXT_DISCONNECT(handle
);
646 do_log(SMB_VFS_OP_DISCONNECT
, True
, handle
,
647 "%s", lp_servicename(SNUM(handle
->conn
)));
649 /* The bitmaps will be disconnected when the private
655 static uint64_t smb_full_audit_disk_free(vfs_handle_struct
*handle
,
657 bool small_query
, uint64_t *bsize
,
658 uint64_t *dfree
, uint64_t *dsize
)
662 result
= SMB_VFS_NEXT_DISK_FREE(handle
, path
, small_query
, bsize
,
665 /* Don't have a reasonable notion of failure here */
667 do_log(SMB_VFS_OP_DISK_FREE
, True
, handle
, "%s", path
);
672 static int smb_full_audit_get_quota(struct vfs_handle_struct
*handle
,
673 enum SMB_QUOTA_TYPE qtype
, unid_t id
,
678 result
= SMB_VFS_NEXT_GET_QUOTA(handle
, qtype
, id
, qt
);
680 do_log(SMB_VFS_OP_GET_QUOTA
, (result
>= 0), handle
, "");
686 static int smb_full_audit_set_quota(struct vfs_handle_struct
*handle
,
687 enum SMB_QUOTA_TYPE qtype
, unid_t id
,
692 result
= SMB_VFS_NEXT_SET_QUOTA(handle
, qtype
, id
, qt
);
694 do_log(SMB_VFS_OP_SET_QUOTA
, (result
>= 0), handle
, "");
699 static int smb_full_audit_get_shadow_copy_data(struct vfs_handle_struct
*handle
,
700 struct files_struct
*fsp
,
701 SHADOW_COPY_DATA
*shadow_copy_data
, bool labels
)
705 result
= SMB_VFS_NEXT_GET_SHADOW_COPY_DATA(handle
, fsp
, shadow_copy_data
, labels
);
707 do_log(SMB_VFS_OP_GET_SHADOW_COPY_DATA
, (result
>= 0), handle
, "");
712 static int smb_full_audit_statvfs(struct vfs_handle_struct
*handle
,
714 struct vfs_statvfs_struct
*statbuf
)
718 result
= SMB_VFS_NEXT_STATVFS(handle
, path
, statbuf
);
720 do_log(SMB_VFS_OP_STATVFS
, (result
>= 0), handle
, "");
725 static uint32_t smb_full_audit_fs_capabilities(struct vfs_handle_struct
*handle
, enum timestamp_set_resolution
*p_ts_res
)
729 result
= SMB_VFS_NEXT_FS_CAPABILITIES(handle
, p_ts_res
);
731 do_log(SMB_VFS_OP_FS_CAPABILITIES
, true, handle
, "");
736 static SMB_STRUCT_DIR
*smb_full_audit_opendir(vfs_handle_struct
*handle
,
737 const char *fname
, const char *mask
, uint32 attr
)
739 SMB_STRUCT_DIR
*result
;
741 result
= SMB_VFS_NEXT_OPENDIR(handle
, fname
, mask
, attr
);
743 do_log(SMB_VFS_OP_OPENDIR
, (result
!= NULL
), handle
, "%s", fname
);
748 static SMB_STRUCT_DIRENT
*smb_full_audit_readdir(vfs_handle_struct
*handle
,
749 SMB_STRUCT_DIR
*dirp
, SMB_STRUCT_STAT
*sbuf
)
751 SMB_STRUCT_DIRENT
*result
;
753 result
= SMB_VFS_NEXT_READDIR(handle
, dirp
, sbuf
);
755 /* This operation has no reasonable error condition
756 * (End of dir is also failure), so always succeed.
758 do_log(SMB_VFS_OP_READDIR
, True
, handle
, "");
763 static void smb_full_audit_seekdir(vfs_handle_struct
*handle
,
764 SMB_STRUCT_DIR
*dirp
, long offset
)
766 SMB_VFS_NEXT_SEEKDIR(handle
, dirp
, offset
);
768 do_log(SMB_VFS_OP_SEEKDIR
, True
, handle
, "");
772 static long smb_full_audit_telldir(vfs_handle_struct
*handle
,
773 SMB_STRUCT_DIR
*dirp
)
777 result
= SMB_VFS_NEXT_TELLDIR(handle
, dirp
);
779 do_log(SMB_VFS_OP_TELLDIR
, True
, handle
, "");
784 static void smb_full_audit_rewinddir(vfs_handle_struct
*handle
,
785 SMB_STRUCT_DIR
*dirp
)
787 SMB_VFS_NEXT_REWINDDIR(handle
, dirp
);
789 do_log(SMB_VFS_OP_REWINDDIR
, True
, handle
, "");
793 static int smb_full_audit_mkdir(vfs_handle_struct
*handle
,
794 const char *path
, mode_t mode
)
798 result
= SMB_VFS_NEXT_MKDIR(handle
, path
, mode
);
800 do_log(SMB_VFS_OP_MKDIR
, (result
>= 0), handle
, "%s", path
);
805 static int smb_full_audit_rmdir(vfs_handle_struct
*handle
,
810 result
= SMB_VFS_NEXT_RMDIR(handle
, path
);
812 do_log(SMB_VFS_OP_RMDIR
, (result
>= 0), handle
, "%s", path
);
817 static int smb_full_audit_closedir(vfs_handle_struct
*handle
,
818 SMB_STRUCT_DIR
*dirp
)
822 result
= SMB_VFS_NEXT_CLOSEDIR(handle
, dirp
);
824 do_log(SMB_VFS_OP_CLOSEDIR
, (result
>= 0), handle
, "");
829 static void smb_full_audit_init_search_op(vfs_handle_struct
*handle
,
830 SMB_STRUCT_DIR
*dirp
)
832 SMB_VFS_NEXT_INIT_SEARCH_OP(handle
, dirp
);
834 do_log(SMB_VFS_OP_INIT_SEARCH_OP
, True
, handle
, "");
838 static int smb_full_audit_open(vfs_handle_struct
*handle
,
839 struct smb_filename
*smb_fname
,
840 files_struct
*fsp
, int flags
, mode_t mode
)
844 result
= SMB_VFS_NEXT_OPEN(handle
, smb_fname
, fsp
, flags
, mode
);
846 do_log(SMB_VFS_OP_OPEN
, (result
>= 0), handle
, "%s|%s",
847 ((flags
& O_WRONLY
) || (flags
& O_RDWR
))?"w":"r",
848 smb_fname_str_do_log(smb_fname
));
853 static NTSTATUS
smb_full_audit_create_file(vfs_handle_struct
*handle
,
854 struct smb_request
*req
,
855 uint16_t root_dir_fid
,
856 struct smb_filename
*smb_fname
,
857 uint32_t access_mask
,
858 uint32_t share_access
,
859 uint32_t create_disposition
,
860 uint32_t create_options
,
861 uint32_t file_attributes
,
862 uint32_t oplock_request
,
863 uint64_t allocation_size
,
864 struct security_descriptor
*sd
,
865 struct ea_list
*ea_list
,
866 files_struct
**result_fsp
,
870 const char* str_create_disposition
;
872 switch (create_disposition
) {
874 str_create_disposition
= "supersede";
876 case FILE_OVERWRITE_IF
:
877 str_create_disposition
= "overwrite_if";
880 str_create_disposition
= "open";
883 str_create_disposition
= "overwrite";
886 str_create_disposition
= "create";
889 str_create_disposition
= "open_if";
892 str_create_disposition
= "unknown";
895 result
= SMB_VFS_NEXT_CREATE_FILE(
898 root_dir_fid
, /* root_dir_fid */
899 smb_fname
, /* fname */
900 access_mask
, /* access_mask */
901 share_access
, /* share_access */
902 create_disposition
, /* create_disposition*/
903 create_options
, /* create_options */
904 file_attributes
, /* file_attributes */
905 oplock_request
, /* oplock_request */
906 allocation_size
, /* allocation_size */
908 ea_list
, /* ea_list */
909 result_fsp
, /* result */
912 do_log(SMB_VFS_OP_CREATE_FILE
, (NT_STATUS_IS_OK(result
)), handle
,
913 "0x%x|%s|%s|%s", access_mask
,
914 create_options
& FILE_DIRECTORY_FILE
? "dir" : "file",
915 str_create_disposition
, smb_fname_str_do_log(smb_fname
));
920 static int smb_full_audit_close(vfs_handle_struct
*handle
, files_struct
*fsp
)
924 result
= SMB_VFS_NEXT_CLOSE(handle
, fsp
);
926 do_log(SMB_VFS_OP_CLOSE
, (result
>= 0), handle
, "%s",
927 fsp_str_do_log(fsp
));
932 static ssize_t
smb_full_audit_read(vfs_handle_struct
*handle
, files_struct
*fsp
,
933 void *data
, size_t n
)
937 result
= SMB_VFS_NEXT_READ(handle
, fsp
, data
, n
);
939 do_log(SMB_VFS_OP_READ
, (result
>= 0), handle
, "%s",
940 fsp_str_do_log(fsp
));
945 static ssize_t
smb_full_audit_pread(vfs_handle_struct
*handle
, files_struct
*fsp
,
946 void *data
, size_t n
, SMB_OFF_T offset
)
950 result
= SMB_VFS_NEXT_PREAD(handle
, fsp
, data
, n
, offset
);
952 do_log(SMB_VFS_OP_PREAD
, (result
>= 0), handle
, "%s",
953 fsp_str_do_log(fsp
));
958 static ssize_t
smb_full_audit_write(vfs_handle_struct
*handle
, files_struct
*fsp
,
959 const void *data
, size_t n
)
963 result
= SMB_VFS_NEXT_WRITE(handle
, fsp
, data
, n
);
965 do_log(SMB_VFS_OP_WRITE
, (result
>= 0), handle
, "%s",
966 fsp_str_do_log(fsp
));
971 static ssize_t
smb_full_audit_pwrite(vfs_handle_struct
*handle
, files_struct
*fsp
,
972 const void *data
, size_t n
,
977 result
= SMB_VFS_NEXT_PWRITE(handle
, fsp
, data
, n
, offset
);
979 do_log(SMB_VFS_OP_PWRITE
, (result
>= 0), handle
, "%s",
980 fsp_str_do_log(fsp
));
985 static SMB_OFF_T
smb_full_audit_lseek(vfs_handle_struct
*handle
, files_struct
*fsp
,
986 SMB_OFF_T offset
, int whence
)
990 result
= SMB_VFS_NEXT_LSEEK(handle
, fsp
, offset
, whence
);
992 do_log(SMB_VFS_OP_LSEEK
, (result
!= (ssize_t
)-1), handle
,
993 "%s", fsp_str_do_log(fsp
));
998 static ssize_t
smb_full_audit_sendfile(vfs_handle_struct
*handle
, int tofd
,
999 files_struct
*fromfsp
,
1000 const DATA_BLOB
*hdr
, SMB_OFF_T offset
,
1005 result
= SMB_VFS_NEXT_SENDFILE(handle
, tofd
, fromfsp
, hdr
, offset
, n
);
1007 do_log(SMB_VFS_OP_SENDFILE
, (result
>= 0), handle
,
1008 "%s", fsp_str_do_log(fromfsp
));
1013 static ssize_t
smb_full_audit_recvfile(vfs_handle_struct
*handle
, int fromfd
,
1014 files_struct
*tofsp
,
1020 result
= SMB_VFS_NEXT_RECVFILE(handle
, fromfd
, tofsp
, offset
, n
);
1022 do_log(SMB_VFS_OP_RECVFILE
, (result
>= 0), handle
,
1023 "%s", fsp_str_do_log(tofsp
));
1028 static int smb_full_audit_rename(vfs_handle_struct
*handle
,
1029 const struct smb_filename
*smb_fname_src
,
1030 const struct smb_filename
*smb_fname_dst
)
1034 result
= SMB_VFS_NEXT_RENAME(handle
, smb_fname_src
, smb_fname_dst
);
1036 do_log(SMB_VFS_OP_RENAME
, (result
>= 0), handle
, "%s|%s",
1037 smb_fname_str_do_log(smb_fname_src
),
1038 smb_fname_str_do_log(smb_fname_dst
));
1043 static int smb_full_audit_fsync(vfs_handle_struct
*handle
, files_struct
*fsp
)
1047 result
= SMB_VFS_NEXT_FSYNC(handle
, fsp
);
1049 do_log(SMB_VFS_OP_FSYNC
, (result
>= 0), handle
, "%s",
1050 fsp_str_do_log(fsp
));
1055 static int smb_full_audit_stat(vfs_handle_struct
*handle
,
1056 struct smb_filename
*smb_fname
)
1060 result
= SMB_VFS_NEXT_STAT(handle
, smb_fname
);
1062 do_log(SMB_VFS_OP_STAT
, (result
>= 0), handle
, "%s",
1063 smb_fname_str_do_log(smb_fname
));
1068 static int smb_full_audit_fstat(vfs_handle_struct
*handle
, files_struct
*fsp
,
1069 SMB_STRUCT_STAT
*sbuf
)
1073 result
= SMB_VFS_NEXT_FSTAT(handle
, fsp
, sbuf
);
1075 do_log(SMB_VFS_OP_FSTAT
, (result
>= 0), handle
, "%s",
1076 fsp_str_do_log(fsp
));
1081 static int smb_full_audit_lstat(vfs_handle_struct
*handle
,
1082 struct smb_filename
*smb_fname
)
1086 result
= SMB_VFS_NEXT_LSTAT(handle
, smb_fname
);
1088 do_log(SMB_VFS_OP_LSTAT
, (result
>= 0), handle
, "%s",
1089 smb_fname_str_do_log(smb_fname
));
1094 static uint64_t smb_full_audit_get_alloc_size(vfs_handle_struct
*handle
,
1095 files_struct
*fsp
, const SMB_STRUCT_STAT
*sbuf
)
1099 result
= SMB_VFS_NEXT_GET_ALLOC_SIZE(handle
, fsp
, sbuf
);
1101 do_log(SMB_VFS_OP_GET_ALLOC_SIZE
, (result
>= 0), handle
, "%d", result
);
1106 static int smb_full_audit_unlink(vfs_handle_struct
*handle
,
1107 const struct smb_filename
*smb_fname
)
1111 result
= SMB_VFS_NEXT_UNLINK(handle
, smb_fname
);
1113 do_log(SMB_VFS_OP_UNLINK
, (result
>= 0), handle
, "%s",
1114 smb_fname_str_do_log(smb_fname
));
1119 static int smb_full_audit_chmod(vfs_handle_struct
*handle
,
1120 const char *path
, mode_t mode
)
1124 result
= SMB_VFS_NEXT_CHMOD(handle
, path
, mode
);
1126 do_log(SMB_VFS_OP_CHMOD
, (result
>= 0), handle
, "%s|%o", path
, mode
);
1131 static int smb_full_audit_fchmod(vfs_handle_struct
*handle
, files_struct
*fsp
,
1136 result
= SMB_VFS_NEXT_FCHMOD(handle
, fsp
, mode
);
1138 do_log(SMB_VFS_OP_FCHMOD
, (result
>= 0), handle
,
1139 "%s|%o", fsp_str_do_log(fsp
), mode
);
1144 static int smb_full_audit_chown(vfs_handle_struct
*handle
,
1145 const char *path
, uid_t uid
, gid_t gid
)
1149 result
= SMB_VFS_NEXT_CHOWN(handle
, path
, uid
, gid
);
1151 do_log(SMB_VFS_OP_CHOWN
, (result
>= 0), handle
, "%s|%ld|%ld",
1152 path
, (long int)uid
, (long int)gid
);
1157 static int smb_full_audit_fchown(vfs_handle_struct
*handle
, files_struct
*fsp
,
1158 uid_t uid
, gid_t gid
)
1162 result
= SMB_VFS_NEXT_FCHOWN(handle
, fsp
, uid
, gid
);
1164 do_log(SMB_VFS_OP_FCHOWN
, (result
>= 0), handle
, "%s|%ld|%ld",
1165 fsp_str_do_log(fsp
), (long int)uid
, (long int)gid
);
1170 static int smb_full_audit_lchown(vfs_handle_struct
*handle
,
1171 const char *path
, uid_t uid
, gid_t gid
)
1175 result
= SMB_VFS_NEXT_LCHOWN(handle
, path
, uid
, gid
);
1177 do_log(SMB_VFS_OP_LCHOWN
, (result
>= 0), handle
, "%s|%ld|%ld",
1178 path
, (long int)uid
, (long int)gid
);
1183 static int smb_full_audit_chdir(vfs_handle_struct
*handle
,
1188 result
= SMB_VFS_NEXT_CHDIR(handle
, path
);
1190 do_log(SMB_VFS_OP_CHDIR
, (result
>= 0), handle
, "chdir|%s", path
);
1195 static char *smb_full_audit_getwd(vfs_handle_struct
*handle
,
1200 result
= SMB_VFS_NEXT_GETWD(handle
, path
);
1202 do_log(SMB_VFS_OP_GETWD
, (result
!= NULL
), handle
, "%s", path
);
1207 static int smb_full_audit_ntimes(vfs_handle_struct
*handle
,
1208 const struct smb_filename
*smb_fname
,
1209 struct smb_file_time
*ft
)
1213 result
= SMB_VFS_NEXT_NTIMES(handle
, smb_fname
, ft
);
1215 do_log(SMB_VFS_OP_NTIMES
, (result
>= 0), handle
, "%s",
1216 smb_fname_str_do_log(smb_fname
));
1221 static int smb_full_audit_ftruncate(vfs_handle_struct
*handle
, files_struct
*fsp
,
1226 result
= SMB_VFS_NEXT_FTRUNCATE(handle
, fsp
, len
);
1228 do_log(SMB_VFS_OP_FTRUNCATE
, (result
>= 0), handle
,
1229 "%s", fsp_str_do_log(fsp
));
1234 static bool smb_full_audit_lock(vfs_handle_struct
*handle
, files_struct
*fsp
,
1235 int op
, SMB_OFF_T offset
, SMB_OFF_T count
, int type
)
1239 result
= SMB_VFS_NEXT_LOCK(handle
, fsp
, op
, offset
, count
, type
);
1241 do_log(SMB_VFS_OP_LOCK
, result
, handle
, "%s", fsp_str_do_log(fsp
));
1246 static int smb_full_audit_kernel_flock(struct vfs_handle_struct
*handle
,
1247 struct files_struct
*fsp
,
1248 uint32 share_mode
, uint32 access_mask
)
1252 result
= SMB_VFS_NEXT_KERNEL_FLOCK(handle
, fsp
, share_mode
, access_mask
);
1254 do_log(SMB_VFS_OP_KERNEL_FLOCK
, (result
>= 0), handle
, "%s",
1255 fsp_str_do_log(fsp
));
1260 static int smb_full_audit_linux_setlease(vfs_handle_struct
*handle
, files_struct
*fsp
,
1265 result
= SMB_VFS_NEXT_LINUX_SETLEASE(handle
, fsp
, leasetype
);
1267 do_log(SMB_VFS_OP_LINUX_SETLEASE
, (result
>= 0), handle
, "%s",
1268 fsp_str_do_log(fsp
));
1273 static bool smb_full_audit_getlock(vfs_handle_struct
*handle
, files_struct
*fsp
,
1274 SMB_OFF_T
*poffset
, SMB_OFF_T
*pcount
, int *ptype
, pid_t
*ppid
)
1278 result
= SMB_VFS_NEXT_GETLOCK(handle
, fsp
, poffset
, pcount
, ptype
, ppid
);
1280 do_log(SMB_VFS_OP_GETLOCK
, result
, handle
, "%s", fsp_str_do_log(fsp
));
1285 static int smb_full_audit_symlink(vfs_handle_struct
*handle
,
1286 const char *oldpath
, const char *newpath
)
1290 result
= SMB_VFS_NEXT_SYMLINK(handle
, oldpath
, newpath
);
1292 do_log(SMB_VFS_OP_SYMLINK
, (result
>= 0), handle
,
1293 "%s|%s", oldpath
, newpath
);
1298 static int smb_full_audit_readlink(vfs_handle_struct
*handle
,
1299 const char *path
, char *buf
, size_t bufsiz
)
1303 result
= SMB_VFS_NEXT_READLINK(handle
, path
, buf
, bufsiz
);
1305 do_log(SMB_VFS_OP_READLINK
, (result
>= 0), handle
, "%s", path
);
1310 static int smb_full_audit_link(vfs_handle_struct
*handle
,
1311 const char *oldpath
, const char *newpath
)
1315 result
= SMB_VFS_NEXT_LINK(handle
, oldpath
, newpath
);
1317 do_log(SMB_VFS_OP_LINK
, (result
>= 0), handle
,
1318 "%s|%s", oldpath
, newpath
);
1323 static int smb_full_audit_mknod(vfs_handle_struct
*handle
,
1324 const char *pathname
, mode_t mode
, SMB_DEV_T dev
)
1328 result
= SMB_VFS_NEXT_MKNOD(handle
, pathname
, mode
, dev
);
1330 do_log(SMB_VFS_OP_MKNOD
, (result
>= 0), handle
, "%s", pathname
);
1335 static char *smb_full_audit_realpath(vfs_handle_struct
*handle
,
1336 const char *path
, char *resolved_path
)
1340 result
= SMB_VFS_NEXT_REALPATH(handle
, path
, resolved_path
);
1342 do_log(SMB_VFS_OP_REALPATH
, (result
!= NULL
), handle
, "%s", path
);
1347 static NTSTATUS
smb_full_audit_notify_watch(struct vfs_handle_struct
*handle
,
1348 struct sys_notify_context
*ctx
,
1349 struct notify_entry
*e
,
1350 void (*callback
)(struct sys_notify_context
*ctx
,
1352 struct notify_event
*ev
),
1353 void *private_data
, void *handle_p
)
1357 result
= SMB_VFS_NEXT_NOTIFY_WATCH(handle
, ctx
, e
, callback
, private_data
, handle_p
);
1359 do_log(SMB_VFS_OP_NOTIFY_WATCH
, NT_STATUS_IS_OK(result
), handle
, "");
1364 static int smb_full_audit_chflags(vfs_handle_struct
*handle
,
1365 const char *path
, unsigned int flags
)
1369 result
= SMB_VFS_NEXT_CHFLAGS(handle
, path
, flags
);
1371 do_log(SMB_VFS_OP_CHFLAGS
, (result
!= 0), handle
, "%s", path
);
1376 static struct file_id
smb_full_audit_file_id_create(struct vfs_handle_struct
*handle
,
1377 const SMB_STRUCT_STAT
*sbuf
)
1379 struct file_id id_zero
;
1380 struct file_id result
;
1382 ZERO_STRUCT(id_zero
);
1384 result
= SMB_VFS_NEXT_FILE_ID_CREATE(handle
, sbuf
);
1386 do_log(SMB_VFS_OP_FILE_ID_CREATE
,
1387 !file_id_equal(&id_zero
, &result
),
1388 handle
, "%s", file_id_string_tos(&result
));
1393 static NTSTATUS
smb_full_audit_streaminfo(vfs_handle_struct
*handle
,
1394 struct files_struct
*fsp
,
1396 TALLOC_CTX
*mem_ctx
,
1397 unsigned int *pnum_streams
,
1398 struct stream_struct
**pstreams
)
1402 result
= SMB_VFS_NEXT_STREAMINFO(handle
, fsp
, fname
, mem_ctx
,
1403 pnum_streams
, pstreams
);
1405 do_log(SMB_VFS_OP_STREAMINFO
, NT_STATUS_IS_OK(result
), handle
,
1411 static int smb_full_audit_get_real_filename(struct vfs_handle_struct
*handle
,
1414 TALLOC_CTX
*mem_ctx
,
1419 result
= SMB_VFS_NEXT_GET_REAL_FILENAME(handle
, path
, name
, mem_ctx
,
1422 do_log(SMB_VFS_OP_GET_REAL_FILENAME
, (result
== 0), handle
,
1423 "%s/%s->%s", path
, name
, (result
== 0) ? "" : *found_name
);
1428 static const char *smb_full_audit_connectpath(vfs_handle_struct
*handle
,
1433 result
= SMB_VFS_NEXT_CONNECTPATH(handle
, fname
);
1435 do_log(SMB_VFS_OP_CONNECTPATH
, result
!= NULL
, handle
,
1441 static NTSTATUS
smb_full_audit_brl_lock_windows(struct vfs_handle_struct
*handle
,
1442 struct byte_range_lock
*br_lck
,
1443 struct lock_struct
*plock
,
1445 struct blocking_lock_record
*blr
)
1449 result
= SMB_VFS_NEXT_BRL_LOCK_WINDOWS(handle
, br_lck
, plock
,
1450 blocking_lock
, blr
);
1452 do_log(SMB_VFS_OP_BRL_LOCK_WINDOWS
, NT_STATUS_IS_OK(result
), handle
,
1453 "%s:%llu-%llu. type=%d. blocking=%d", fsp_str_do_log(br_lck
->fsp
),
1454 plock
->start
, plock
->size
, plock
->lock_type
, blocking_lock
);
1459 static bool smb_full_audit_brl_unlock_windows(struct vfs_handle_struct
*handle
,
1460 struct messaging_context
*msg_ctx
,
1461 struct byte_range_lock
*br_lck
,
1462 const struct lock_struct
*plock
)
1466 result
= SMB_VFS_NEXT_BRL_UNLOCK_WINDOWS(handle
, msg_ctx
, br_lck
,
1469 do_log(SMB_VFS_OP_BRL_UNLOCK_WINDOWS
, (result
== 0), handle
,
1470 "%s:%llu-%llu:%d", fsp_str_do_log(br_lck
->fsp
), plock
->start
,
1471 plock
->size
, plock
->lock_type
);
1476 static bool smb_full_audit_brl_cancel_windows(struct vfs_handle_struct
*handle
,
1477 struct byte_range_lock
*br_lck
,
1478 struct lock_struct
*plock
,
1479 struct blocking_lock_record
*blr
)
1483 result
= SMB_VFS_NEXT_BRL_CANCEL_WINDOWS(handle
, br_lck
, plock
, blr
);
1485 do_log(SMB_VFS_OP_BRL_CANCEL_WINDOWS
, (result
== 0), handle
,
1486 "%s:%llu-%llu:%d", fsp_str_do_log(br_lck
->fsp
), plock
->start
,
1492 static bool smb_full_audit_strict_lock(struct vfs_handle_struct
*handle
,
1493 struct files_struct
*fsp
,
1494 struct lock_struct
*plock
)
1498 result
= SMB_VFS_NEXT_STRICT_LOCK(handle
, fsp
, plock
);
1500 do_log(SMB_VFS_OP_STRICT_LOCK
, result
, handle
,
1501 "%s:%llu-%llu:%d", fsp_str_do_log(fsp
), plock
->start
,
1507 static void smb_full_audit_strict_unlock(struct vfs_handle_struct
*handle
,
1508 struct files_struct
*fsp
,
1509 struct lock_struct
*plock
)
1511 SMB_VFS_NEXT_STRICT_UNLOCK(handle
, fsp
, plock
);
1513 do_log(SMB_VFS_OP_STRICT_UNLOCK
, true, handle
,
1514 "%s:%llu-%llu:%d", fsp_str_do_log(fsp
), plock
->start
,
1520 static NTSTATUS
smb_full_audit_translate_name(struct vfs_handle_struct
*handle
,
1522 enum vfs_translate_direction direction
,
1523 TALLOC_CTX
*mem_ctx
,
1528 result
= SMB_VFS_NEXT_TRANSLATE_NAME(handle
, name
, direction
, mem_ctx
,
1531 do_log(SMB_VFS_OP_TRANSLATE_NAME
, NT_STATUS_IS_OK(result
), handle
, "");
1536 static NTSTATUS
smb_full_audit_fget_nt_acl(vfs_handle_struct
*handle
, files_struct
*fsp
,
1537 uint32 security_info
,
1542 result
= SMB_VFS_NEXT_FGET_NT_ACL(handle
, fsp
, security_info
, ppdesc
);
1544 do_log(SMB_VFS_OP_FGET_NT_ACL
, NT_STATUS_IS_OK(result
), handle
,
1545 "%s", fsp_str_do_log(fsp
));
1550 static NTSTATUS
smb_full_audit_get_nt_acl(vfs_handle_struct
*handle
,
1552 uint32 security_info
,
1557 result
= SMB_VFS_NEXT_GET_NT_ACL(handle
, name
, security_info
, ppdesc
);
1559 do_log(SMB_VFS_OP_GET_NT_ACL
, NT_STATUS_IS_OK(result
), handle
,
1565 static NTSTATUS
smb_full_audit_fset_nt_acl(vfs_handle_struct
*handle
, files_struct
*fsp
,
1566 uint32 security_info_sent
,
1567 const SEC_DESC
*psd
)
1571 result
= SMB_VFS_NEXT_FSET_NT_ACL(handle
, fsp
, security_info_sent
, psd
);
1573 do_log(SMB_VFS_OP_FSET_NT_ACL
, NT_STATUS_IS_OK(result
), handle
, "%s",
1574 fsp_str_do_log(fsp
));
1579 static int smb_full_audit_chmod_acl(vfs_handle_struct
*handle
,
1580 const char *path
, mode_t mode
)
1584 result
= SMB_VFS_NEXT_CHMOD_ACL(handle
, path
, mode
);
1586 do_log(SMB_VFS_OP_CHMOD_ACL
, (result
>= 0), handle
,
1587 "%s|%o", path
, mode
);
1592 static int smb_full_audit_fchmod_acl(vfs_handle_struct
*handle
, files_struct
*fsp
,
1597 result
= SMB_VFS_NEXT_FCHMOD_ACL(handle
, fsp
, mode
);
1599 do_log(SMB_VFS_OP_FCHMOD_ACL
, (result
>= 0), handle
,
1600 "%s|%o", fsp_str_do_log(fsp
), mode
);
1605 static int smb_full_audit_sys_acl_get_entry(vfs_handle_struct
*handle
,
1607 SMB_ACL_T theacl
, int entry_id
,
1608 SMB_ACL_ENTRY_T
*entry_p
)
1612 result
= SMB_VFS_NEXT_SYS_ACL_GET_ENTRY(handle
, theacl
, entry_id
,
1615 do_log(SMB_VFS_OP_SYS_ACL_GET_ENTRY
, (result
>= 0), handle
,
1621 static int smb_full_audit_sys_acl_get_tag_type(vfs_handle_struct
*handle
,
1623 SMB_ACL_ENTRY_T entry_d
,
1624 SMB_ACL_TAG_T
*tag_type_p
)
1628 result
= SMB_VFS_NEXT_SYS_ACL_GET_TAG_TYPE(handle
, entry_d
,
1631 do_log(SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE
, (result
>= 0), handle
,
1637 static int smb_full_audit_sys_acl_get_permset(vfs_handle_struct
*handle
,
1639 SMB_ACL_ENTRY_T entry_d
,
1640 SMB_ACL_PERMSET_T
*permset_p
)
1644 result
= SMB_VFS_NEXT_SYS_ACL_GET_PERMSET(handle
, entry_d
,
1647 do_log(SMB_VFS_OP_SYS_ACL_GET_PERMSET
, (result
>= 0), handle
,
1653 static void * smb_full_audit_sys_acl_get_qualifier(vfs_handle_struct
*handle
,
1655 SMB_ACL_ENTRY_T entry_d
)
1659 result
= SMB_VFS_NEXT_SYS_ACL_GET_QUALIFIER(handle
, entry_d
);
1661 do_log(SMB_VFS_OP_SYS_ACL_GET_QUALIFIER
, (result
!= NULL
), handle
,
1667 static SMB_ACL_T
smb_full_audit_sys_acl_get_file(vfs_handle_struct
*handle
,
1669 SMB_ACL_TYPE_T type
)
1673 result
= SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle
, path_p
, type
);
1675 do_log(SMB_VFS_OP_SYS_ACL_GET_FILE
, (result
!= NULL
), handle
,
1681 static SMB_ACL_T
smb_full_audit_sys_acl_get_fd(vfs_handle_struct
*handle
,
1686 result
= SMB_VFS_NEXT_SYS_ACL_GET_FD(handle
, fsp
);
1688 do_log(SMB_VFS_OP_SYS_ACL_GET_FD
, (result
!= NULL
), handle
,
1689 "%s", fsp_str_do_log(fsp
));
1694 static int smb_full_audit_sys_acl_clear_perms(vfs_handle_struct
*handle
,
1696 SMB_ACL_PERMSET_T permset
)
1700 result
= SMB_VFS_NEXT_SYS_ACL_CLEAR_PERMS(handle
, permset
);
1702 do_log(SMB_VFS_OP_SYS_ACL_CLEAR_PERMS
, (result
>= 0), handle
,
1708 static int smb_full_audit_sys_acl_add_perm(vfs_handle_struct
*handle
,
1710 SMB_ACL_PERMSET_T permset
,
1711 SMB_ACL_PERM_T perm
)
1715 result
= SMB_VFS_NEXT_SYS_ACL_ADD_PERM(handle
, permset
, perm
);
1717 do_log(SMB_VFS_OP_SYS_ACL_ADD_PERM
, (result
>= 0), handle
,
1723 static char * smb_full_audit_sys_acl_to_text(vfs_handle_struct
*handle
,
1729 result
= SMB_VFS_NEXT_SYS_ACL_TO_TEXT(handle
, theacl
, plen
);
1731 do_log(SMB_VFS_OP_SYS_ACL_TO_TEXT
, (result
!= NULL
), handle
,
1737 static SMB_ACL_T
smb_full_audit_sys_acl_init(vfs_handle_struct
*handle
,
1743 result
= SMB_VFS_NEXT_SYS_ACL_INIT(handle
, count
);
1745 do_log(SMB_VFS_OP_SYS_ACL_INIT
, (result
!= NULL
), handle
,
1751 static int smb_full_audit_sys_acl_create_entry(vfs_handle_struct
*handle
,
1753 SMB_ACL_ENTRY_T
*pentry
)
1757 result
= SMB_VFS_NEXT_SYS_ACL_CREATE_ENTRY(handle
, pacl
, pentry
);
1759 do_log(SMB_VFS_OP_SYS_ACL_CREATE_ENTRY
, (result
>= 0), handle
,
1765 static int smb_full_audit_sys_acl_set_tag_type(vfs_handle_struct
*handle
,
1767 SMB_ACL_ENTRY_T entry
,
1768 SMB_ACL_TAG_T tagtype
)
1772 result
= SMB_VFS_NEXT_SYS_ACL_SET_TAG_TYPE(handle
, entry
,
1775 do_log(SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE
, (result
>= 0), handle
,
1781 static int smb_full_audit_sys_acl_set_qualifier(vfs_handle_struct
*handle
,
1783 SMB_ACL_ENTRY_T entry
,
1788 result
= SMB_VFS_NEXT_SYS_ACL_SET_QUALIFIER(handle
, entry
, qual
);
1790 do_log(SMB_VFS_OP_SYS_ACL_SET_QUALIFIER
, (result
>= 0), handle
,
1796 static int smb_full_audit_sys_acl_set_permset(vfs_handle_struct
*handle
,
1798 SMB_ACL_ENTRY_T entry
,
1799 SMB_ACL_PERMSET_T permset
)
1803 result
= SMB_VFS_NEXT_SYS_ACL_SET_PERMSET(handle
, entry
, permset
);
1805 do_log(SMB_VFS_OP_SYS_ACL_SET_PERMSET
, (result
>= 0), handle
,
1811 static int smb_full_audit_sys_acl_valid(vfs_handle_struct
*handle
,
1817 result
= SMB_VFS_NEXT_SYS_ACL_VALID(handle
, theacl
);
1819 do_log(SMB_VFS_OP_SYS_ACL_VALID
, (result
>= 0), handle
,
1825 static int smb_full_audit_sys_acl_set_file(vfs_handle_struct
*handle
,
1827 const char *name
, SMB_ACL_TYPE_T acltype
,
1832 result
= SMB_VFS_NEXT_SYS_ACL_SET_FILE(handle
, name
, acltype
,
1835 do_log(SMB_VFS_OP_SYS_ACL_SET_FILE
, (result
>= 0), handle
,
1841 static int smb_full_audit_sys_acl_set_fd(vfs_handle_struct
*handle
, files_struct
*fsp
,
1846 result
= SMB_VFS_NEXT_SYS_ACL_SET_FD(handle
, fsp
, theacl
);
1848 do_log(SMB_VFS_OP_SYS_ACL_SET_FD
, (result
>= 0), handle
,
1849 "%s", fsp_str_do_log(fsp
));
1854 static int smb_full_audit_sys_acl_delete_def_file(vfs_handle_struct
*handle
,
1860 result
= SMB_VFS_NEXT_SYS_ACL_DELETE_DEF_FILE(handle
, path
);
1862 do_log(SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE
, (result
>= 0), handle
,
1868 static int smb_full_audit_sys_acl_get_perm(vfs_handle_struct
*handle
,
1870 SMB_ACL_PERMSET_T permset
,
1871 SMB_ACL_PERM_T perm
)
1875 result
= SMB_VFS_NEXT_SYS_ACL_GET_PERM(handle
, permset
, perm
);
1877 do_log(SMB_VFS_OP_SYS_ACL_GET_PERM
, (result
>= 0), handle
,
1883 static int smb_full_audit_sys_acl_free_text(vfs_handle_struct
*handle
,
1889 result
= SMB_VFS_NEXT_SYS_ACL_FREE_TEXT(handle
, text
);
1891 do_log(SMB_VFS_OP_SYS_ACL_FREE_TEXT
, (result
>= 0), handle
,
1897 static int smb_full_audit_sys_acl_free_acl(vfs_handle_struct
*handle
,
1899 SMB_ACL_T posix_acl
)
1903 result
= SMB_VFS_NEXT_SYS_ACL_FREE_ACL(handle
, posix_acl
);
1905 do_log(SMB_VFS_OP_SYS_ACL_FREE_ACL
, (result
>= 0), handle
,
1911 static int smb_full_audit_sys_acl_free_qualifier(vfs_handle_struct
*handle
,
1913 SMB_ACL_TAG_T tagtype
)
1917 result
= SMB_VFS_NEXT_SYS_ACL_FREE_QUALIFIER(handle
, qualifier
,
1920 do_log(SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER
, (result
>= 0), handle
,
1926 static ssize_t
smb_full_audit_getxattr(struct vfs_handle_struct
*handle
,
1928 const char *name
, void *value
, size_t size
)
1932 result
= SMB_VFS_NEXT_GETXATTR(handle
, path
, name
, value
, size
);
1934 do_log(SMB_VFS_OP_GETXATTR
, (result
>= 0), handle
,
1935 "%s|%s", path
, name
);
1940 static ssize_t
smb_full_audit_lgetxattr(struct vfs_handle_struct
*handle
,
1941 const char *path
, const char *name
,
1942 void *value
, size_t size
)
1946 result
= SMB_VFS_NEXT_LGETXATTR(handle
, path
, name
, value
, size
);
1948 do_log(SMB_VFS_OP_LGETXATTR
, (result
>= 0), handle
,
1949 "%s|%s", path
, name
);
1954 static ssize_t
smb_full_audit_fgetxattr(struct vfs_handle_struct
*handle
,
1955 struct files_struct
*fsp
,
1956 const char *name
, void *value
, size_t size
)
1960 result
= SMB_VFS_NEXT_FGETXATTR(handle
, fsp
, name
, value
, size
);
1962 do_log(SMB_VFS_OP_FGETXATTR
, (result
>= 0), handle
,
1963 "%s|%s", fsp_str_do_log(fsp
), name
);
1968 static ssize_t
smb_full_audit_listxattr(struct vfs_handle_struct
*handle
,
1969 const char *path
, char *list
, size_t size
)
1973 result
= SMB_VFS_NEXT_LISTXATTR(handle
, path
, list
, size
);
1975 do_log(SMB_VFS_OP_LISTXATTR
, (result
>= 0), handle
, "%s", path
);
1980 static ssize_t
smb_full_audit_llistxattr(struct vfs_handle_struct
*handle
,
1981 const char *path
, char *list
, size_t size
)
1985 result
= SMB_VFS_NEXT_LLISTXATTR(handle
, path
, list
, size
);
1987 do_log(SMB_VFS_OP_LLISTXATTR
, (result
>= 0), handle
, "%s", path
);
1992 static ssize_t
smb_full_audit_flistxattr(struct vfs_handle_struct
*handle
,
1993 struct files_struct
*fsp
, char *list
,
1998 result
= SMB_VFS_NEXT_FLISTXATTR(handle
, fsp
, list
, size
);
2000 do_log(SMB_VFS_OP_FLISTXATTR
, (result
>= 0), handle
,
2001 "%s", fsp_str_do_log(fsp
));
2006 static int smb_full_audit_removexattr(struct vfs_handle_struct
*handle
,
2012 result
= SMB_VFS_NEXT_REMOVEXATTR(handle
, path
, name
);
2014 do_log(SMB_VFS_OP_REMOVEXATTR
, (result
>= 0), handle
,
2015 "%s|%s", path
, name
);
2020 static int smb_full_audit_lremovexattr(struct vfs_handle_struct
*handle
,
2026 result
= SMB_VFS_NEXT_LREMOVEXATTR(handle
, path
, name
);
2028 do_log(SMB_VFS_OP_LREMOVEXATTR
, (result
>= 0), handle
,
2029 "%s|%s", path
, name
);
2034 static int smb_full_audit_fremovexattr(struct vfs_handle_struct
*handle
,
2035 struct files_struct
*fsp
,
2040 result
= SMB_VFS_NEXT_FREMOVEXATTR(handle
, fsp
, name
);
2042 do_log(SMB_VFS_OP_FREMOVEXATTR
, (result
>= 0), handle
,
2043 "%s|%s", fsp_str_do_log(fsp
), name
);
2048 static int smb_full_audit_setxattr(struct vfs_handle_struct
*handle
,
2050 const char *name
, const void *value
, size_t size
,
2055 result
= SMB_VFS_NEXT_SETXATTR(handle
, path
, name
, value
, size
,
2058 do_log(SMB_VFS_OP_SETXATTR
, (result
>= 0), handle
,
2059 "%s|%s", path
, name
);
2064 static int smb_full_audit_lsetxattr(struct vfs_handle_struct
*handle
,
2066 const char *name
, const void *value
, size_t size
,
2071 result
= SMB_VFS_NEXT_LSETXATTR(handle
, path
, name
, value
, size
,
2074 do_log(SMB_VFS_OP_LSETXATTR
, (result
>= 0), handle
,
2075 "%s|%s", path
, name
);
2080 static int smb_full_audit_fsetxattr(struct vfs_handle_struct
*handle
,
2081 struct files_struct
*fsp
, const char *name
,
2082 const void *value
, size_t size
, int flags
)
2086 result
= SMB_VFS_NEXT_FSETXATTR(handle
, fsp
, name
, value
, size
, flags
);
2088 do_log(SMB_VFS_OP_FSETXATTR
, (result
>= 0), handle
,
2089 "%s|%s", fsp_str_do_log(fsp
), name
);
2094 static int smb_full_audit_aio_read(struct vfs_handle_struct
*handle
, struct files_struct
*fsp
, SMB_STRUCT_AIOCB
*aiocb
)
2098 result
= SMB_VFS_NEXT_AIO_READ(handle
, fsp
, aiocb
);
2099 do_log(SMB_VFS_OP_AIO_READ
, (result
>= 0), handle
,
2100 "%s", fsp_str_do_log(fsp
));
2105 static int smb_full_audit_aio_write(struct vfs_handle_struct
*handle
, struct files_struct
*fsp
, SMB_STRUCT_AIOCB
*aiocb
)
2109 result
= SMB_VFS_NEXT_AIO_WRITE(handle
, fsp
, aiocb
);
2110 do_log(SMB_VFS_OP_AIO_WRITE
, (result
>= 0), handle
,
2111 "%s", fsp_str_do_log(fsp
));
2116 static ssize_t
smb_full_audit_aio_return(struct vfs_handle_struct
*handle
, struct files_struct
*fsp
, SMB_STRUCT_AIOCB
*aiocb
)
2120 result
= SMB_VFS_NEXT_AIO_RETURN(handle
, fsp
, aiocb
);
2121 do_log(SMB_VFS_OP_AIO_RETURN
, (result
>= 0), handle
,
2122 "%s", fsp_str_do_log(fsp
));
2127 static int smb_full_audit_aio_cancel(struct vfs_handle_struct
*handle
, struct files_struct
*fsp
, SMB_STRUCT_AIOCB
*aiocb
)
2131 result
= SMB_VFS_NEXT_AIO_CANCEL(handle
, fsp
, aiocb
);
2132 do_log(SMB_VFS_OP_AIO_CANCEL
, (result
>= 0), handle
,
2133 "%s", fsp_str_do_log(fsp
));
2138 static int smb_full_audit_aio_error(struct vfs_handle_struct
*handle
, struct files_struct
*fsp
, SMB_STRUCT_AIOCB
*aiocb
)
2142 result
= SMB_VFS_NEXT_AIO_ERROR(handle
, fsp
, aiocb
);
2143 do_log(SMB_VFS_OP_AIO_ERROR
, (result
>= 0), handle
,
2144 "%s", fsp_str_do_log(fsp
));
2149 static int smb_full_audit_aio_fsync(struct vfs_handle_struct
*handle
, struct files_struct
*fsp
, int op
, SMB_STRUCT_AIOCB
*aiocb
)
2153 result
= SMB_VFS_NEXT_AIO_FSYNC(handle
, fsp
, op
, aiocb
);
2154 do_log(SMB_VFS_OP_AIO_FSYNC
, (result
>= 0), handle
,
2155 "%s", fsp_str_do_log(fsp
));
2160 static int smb_full_audit_aio_suspend(struct vfs_handle_struct
*handle
, struct files_struct
*fsp
, const SMB_STRUCT_AIOCB
* const aiocb
[], int n
, const struct timespec
*ts
)
2164 result
= SMB_VFS_NEXT_AIO_SUSPEND(handle
, fsp
, aiocb
, n
, ts
);
2165 do_log(SMB_VFS_OP_AIO_SUSPEND
, (result
>= 0), handle
,
2166 "%s", fsp_str_do_log(fsp
));
2171 static bool smb_full_audit_aio_force(struct vfs_handle_struct
*handle
,
2172 struct files_struct
*fsp
)
2176 result
= SMB_VFS_NEXT_AIO_FORCE(handle
, fsp
);
2177 do_log(SMB_VFS_OP_AIO_FORCE
, result
, handle
,
2178 "%s", fsp_str_do_log(fsp
));
2183 static struct vfs_fn_pointers vfs_full_audit_fns
= {
2185 /* Disk operations */
2187 .connect_fn
= smb_full_audit_connect
,
2188 .disconnect
= smb_full_audit_disconnect
,
2189 .disk_free
= smb_full_audit_disk_free
,
2190 .get_quota
= smb_full_audit_get_quota
,
2191 .set_quota
= smb_full_audit_set_quota
,
2192 .get_shadow_copy_data
= smb_full_audit_get_shadow_copy_data
,
2193 .statvfs
= smb_full_audit_statvfs
,
2194 .fs_capabilities
= smb_full_audit_fs_capabilities
,
2195 .opendir
= smb_full_audit_opendir
,
2196 .readdir
= smb_full_audit_readdir
,
2197 .seekdir
= smb_full_audit_seekdir
,
2198 .telldir
= smb_full_audit_telldir
,
2199 .rewind_dir
= smb_full_audit_rewinddir
,
2200 .mkdir
= smb_full_audit_mkdir
,
2201 .rmdir
= smb_full_audit_rmdir
,
2202 .closedir
= smb_full_audit_closedir
,
2203 .init_search_op
= smb_full_audit_init_search_op
,
2204 .open
= smb_full_audit_open
,
2205 .create_file
= smb_full_audit_create_file
,
2206 .close_fn
= smb_full_audit_close
,
2207 .vfs_read
= smb_full_audit_read
,
2208 .pread
= smb_full_audit_pread
,
2209 .write
= smb_full_audit_write
,
2210 .pwrite
= smb_full_audit_pwrite
,
2211 .lseek
= smb_full_audit_lseek
,
2212 .sendfile
= smb_full_audit_sendfile
,
2213 .recvfile
= smb_full_audit_recvfile
,
2214 .rename
= smb_full_audit_rename
,
2215 .fsync
= smb_full_audit_fsync
,
2216 .stat
= smb_full_audit_stat
,
2217 .fstat
= smb_full_audit_fstat
,
2218 .lstat
= smb_full_audit_lstat
,
2219 .get_alloc_size
= smb_full_audit_get_alloc_size
,
2220 .unlink
= smb_full_audit_unlink
,
2221 .chmod
= smb_full_audit_chmod
,
2222 .fchmod
= smb_full_audit_fchmod
,
2223 .chown
= smb_full_audit_chown
,
2224 .fchown
= smb_full_audit_fchown
,
2225 .lchown
= smb_full_audit_lchown
,
2226 .chdir
= smb_full_audit_chdir
,
2227 .getwd
= smb_full_audit_getwd
,
2228 .ntimes
= smb_full_audit_ntimes
,
2229 .ftruncate
= smb_full_audit_ftruncate
,
2230 .lock
= smb_full_audit_lock
,
2231 .kernel_flock
= smb_full_audit_kernel_flock
,
2232 .linux_setlease
= smb_full_audit_linux_setlease
,
2233 .getlock
= smb_full_audit_getlock
,
2234 .symlink
= smb_full_audit_symlink
,
2235 .vfs_readlink
= smb_full_audit_readlink
,
2236 .link
= smb_full_audit_link
,
2237 .mknod
= smb_full_audit_mknod
,
2238 .realpath
= smb_full_audit_realpath
,
2239 .notify_watch
= smb_full_audit_notify_watch
,
2240 .chflags
= smb_full_audit_chflags
,
2241 .file_id_create
= smb_full_audit_file_id_create
,
2242 .streaminfo
= smb_full_audit_streaminfo
,
2243 .get_real_filename
= smb_full_audit_get_real_filename
,
2244 .connectpath
= smb_full_audit_connectpath
,
2245 .brl_lock_windows
= smb_full_audit_brl_lock_windows
,
2246 .brl_unlock_windows
= smb_full_audit_brl_unlock_windows
,
2247 .brl_cancel_windows
= smb_full_audit_brl_cancel_windows
,
2248 .strict_lock
= smb_full_audit_strict_lock
,
2249 .strict_unlock
= smb_full_audit_strict_unlock
,
2250 .translate_name
= smb_full_audit_translate_name
,
2251 .fget_nt_acl
= smb_full_audit_fget_nt_acl
,
2252 .get_nt_acl
= smb_full_audit_get_nt_acl
,
2253 .fset_nt_acl
= smb_full_audit_fset_nt_acl
,
2254 .chmod_acl
= smb_full_audit_chmod_acl
,
2255 .fchmod_acl
= smb_full_audit_fchmod_acl
,
2256 .sys_acl_get_entry
= smb_full_audit_sys_acl_get_entry
,
2257 .sys_acl_get_tag_type
= smb_full_audit_sys_acl_get_tag_type
,
2258 .sys_acl_get_permset
= smb_full_audit_sys_acl_get_permset
,
2259 .sys_acl_get_qualifier
= smb_full_audit_sys_acl_get_qualifier
,
2260 .sys_acl_get_file
= smb_full_audit_sys_acl_get_file
,
2261 .sys_acl_get_fd
= smb_full_audit_sys_acl_get_fd
,
2262 .sys_acl_clear_perms
= smb_full_audit_sys_acl_clear_perms
,
2263 .sys_acl_add_perm
= smb_full_audit_sys_acl_add_perm
,
2264 .sys_acl_to_text
= smb_full_audit_sys_acl_to_text
,
2265 .sys_acl_init
= smb_full_audit_sys_acl_init
,
2266 .sys_acl_create_entry
= smb_full_audit_sys_acl_create_entry
,
2267 .sys_acl_set_tag_type
= smb_full_audit_sys_acl_set_tag_type
,
2268 .sys_acl_set_qualifier
= smb_full_audit_sys_acl_set_qualifier
,
2269 .sys_acl_set_permset
= smb_full_audit_sys_acl_set_permset
,
2270 .sys_acl_valid
= smb_full_audit_sys_acl_valid
,
2271 .sys_acl_set_file
= smb_full_audit_sys_acl_set_file
,
2272 .sys_acl_set_fd
= smb_full_audit_sys_acl_set_fd
,
2273 .sys_acl_delete_def_file
= smb_full_audit_sys_acl_delete_def_file
,
2274 .sys_acl_get_perm
= smb_full_audit_sys_acl_get_perm
,
2275 .sys_acl_free_text
= smb_full_audit_sys_acl_free_text
,
2276 .sys_acl_free_acl
= smb_full_audit_sys_acl_free_acl
,
2277 .sys_acl_free_qualifier
= smb_full_audit_sys_acl_free_qualifier
,
2278 .getxattr
= smb_full_audit_getxattr
,
2279 .lgetxattr
= smb_full_audit_lgetxattr
,
2280 .fgetxattr
= smb_full_audit_fgetxattr
,
2281 .listxattr
= smb_full_audit_listxattr
,
2282 .llistxattr
= smb_full_audit_llistxattr
,
2283 .flistxattr
= smb_full_audit_flistxattr
,
2284 .removexattr
= smb_full_audit_removexattr
,
2285 .lremovexattr
= smb_full_audit_lremovexattr
,
2286 .fremovexattr
= smb_full_audit_fremovexattr
,
2287 .setxattr
= smb_full_audit_setxattr
,
2288 .lsetxattr
= smb_full_audit_lsetxattr
,
2289 .fsetxattr
= smb_full_audit_fsetxattr
,
2290 .aio_read
= smb_full_audit_aio_read
,
2291 .aio_write
= smb_full_audit_aio_write
,
2292 .aio_return_fn
= smb_full_audit_aio_return
,
2293 .aio_cancel
= smb_full_audit_aio_cancel
,
2294 .aio_error_fn
= smb_full_audit_aio_error
,
2295 .aio_fsync
= smb_full_audit_aio_fsync
,
2296 .aio_suspend
= smb_full_audit_aio_suspend
,
2297 .aio_force
= smb_full_audit_aio_force
,
2300 NTSTATUS
vfs_full_audit_init(void)
2302 NTSTATUS ret
= smb_register_vfs(SMB_VFS_INTERFACE_VERSION
,
2303 "full_audit", &vfs_full_audit_fns
);
2305 if (!NT_STATUS_IS_OK(ret
))
2308 vfs_full_audit_debug_level
= debug_add_class("full_audit");
2309 if (vfs_full_audit_debug_level
== -1) {
2310 vfs_full_audit_debug_level
= DBGC_VFS
;
2311 DEBUG(0, ("vfs_full_audit: Couldn't register custom debugging "
2314 DEBUG(10, ("vfs_full_audit: Debug class number of "
2315 "'full_audit': %d\n", vfs_full_audit_debug_level
));