diff options
-rw-r--r-- | source3/include/vfs.h | 6 | ||||
-rw-r--r-- | source3/include/vfs_macros.h | 5 | ||||
-rw-r--r-- | source3/modules/vfs_default.c | 10 | ||||
-rw-r--r-- | source3/smbd/vfs.c | 14 |
4 files changed, 35 insertions, 0 deletions
diff --git a/source3/include/vfs.h b/source3/include/vfs.h index e858235a91..b5f234ad09 100644 --- a/source3/include/vfs.h +++ b/source3/include/vfs.h @@ -370,6 +370,12 @@ struct vfs_fn_pointers { uint32 security_info_sent, const struct security_descriptor *psd); + NTSTATUS (*audit_file_fn)(struct vfs_handle_struct *handle, + struct smb_filename *file, + struct security_acl *sacl, + uint32_t access_requested, + uint32_t access_denied); + /* POSIX ACL operations. */ int (*chmod_acl_fn)(struct vfs_handle_struct *handle, const char *name, mode_t mode); diff --git a/source3/include/vfs_macros.h b/source3/include/vfs_macros.h index c324439e3f..3c2256bfee 100644 --- a/source3/include/vfs_macros.h +++ b/source3/include/vfs_macros.h @@ -389,6 +389,11 @@ #define SMB_VFS_NEXT_GET_NT_ACL(handle, name, security_info, ppdesc) \ smb_vfs_call_get_nt_acl((handle)->next, (name), (security_info), (ppdesc)) +#define SMB_VFS_AUDIT_FILE(conn, name, sacl, access_requested, access_denied) \ + smb_vfs_call_audit_file((conn)->vfs_handles, (name), (sacl), (access_requested), (access_denied)) +#define SMB_VFS_NEXT_AUDIT_FILE(handle, name, sacl, access_requested, access_denied) \ + smb_vfs_call_audit_file((handle)->next, (name), (sacl), (access_requested), (access_denied)) + #define SMB_VFS_FSET_NT_ACL(fsp, security_info_sent, psd) \ smb_vfs_call_fset_nt_acl((fsp)->conn->vfs_handles, (fsp), (security_info_sent), (psd)) #define SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, security_info_sent, psd) \ diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c index dd5441740a..887dbcb9af 100644 --- a/source3/modules/vfs_default.c +++ b/source3/modules/vfs_default.c @@ -1872,6 +1872,15 @@ static NTSTATUS vfswrap_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp return result; } +NTSTATUS vfswrap_audit_file(struct vfs_handle_struct *handle, + struct smb_filename *file, + struct security_acl *sacl, + uint32_t access_requested, + uint32_t access_denied) +{ + return NT_STATUS_OK; /* Nothing to do here ... */ +} + static int vfswrap_chmod_acl(vfs_handle_struct *handle, const char *name, mode_t mode) { #ifdef HAVE_NO_ACL @@ -2249,6 +2258,7 @@ static struct vfs_fn_pointers vfs_default_fns = { .fget_nt_acl_fn = vfswrap_fget_nt_acl, .get_nt_acl_fn = vfswrap_get_nt_acl, .fset_nt_acl_fn = vfswrap_fset_nt_acl, + .audit_file_fn = vfswrap_audit_file, /* POSIX ACL operations. */ diff --git a/source3/smbd/vfs.c b/source3/smbd/vfs.c index 6c9692a65b..2be6c54a88 100644 --- a/source3/smbd/vfs.c +++ b/source3/smbd/vfs.c @@ -1958,6 +1958,20 @@ NTSTATUS smb_vfs_call_fset_nt_acl(struct vfs_handle_struct *handle, psd); } +NTSTATUS smb_vfs_call_audit_file(struct vfs_handle_struct *handle, + struct smb_filename *file, + struct security_acl *sacl, + uint32_t access_requested, + uint32_t access_denied) +{ + VFS_FIND(audit_file); + return handle->fns->audit_file_fn(handle, + file, + sacl, + access_requested, + access_denied); +} + int smb_vfs_call_chmod_acl(struct vfs_handle_struct *handle, const char *name, mode_t mode) { |