diff options
Diffstat (limited to 'source3/modules/vfs_full_audit.c')
| -rw-r--r-- | source3/modules/vfs_full_audit.c | 35 |
1 files changed, 32 insertions, 3 deletions
diff --git a/source3/modules/vfs_full_audit.c b/source3/modules/vfs_full_audit.c index 7970bf2644..1d9983a753 100644 --- a/source3/modules/vfs_full_audit.c +++ b/source3/modules/vfs_full_audit.c @@ -211,6 +211,11 @@ static NTSTATUS smb_full_audit_streaminfo(vfs_handle_struct *handle, TALLOC_CTX *mem_ctx, unsigned int *pnum_streams, struct stream_struct **pstreams); +static int smb_full_audit_get_real_filename(struct vfs_handle_struct *handle, + const char *path, + const char *name, + TALLOC_CTX *mem_ctx, + char **found_name); static NTSTATUS smb_full_audit_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info, SEC_DESC **ppdesc); @@ -444,6 +449,8 @@ static vfs_op_tuple audit_op_tuples[] = { SMB_VFS_LAYER_LOGGER}, {SMB_VFS_OP(smb_full_audit_streaminfo), SMB_VFS_OP_STREAMINFO, SMB_VFS_LAYER_LOGGER}, + {SMB_VFS_OP(smb_full_audit_get_real_filename), SMB_VFS_OP_GET_REAL_FILENAME, + SMB_VFS_LAYER_LOGGER}, /* NT ACL operations. */ @@ -576,6 +583,7 @@ static struct { { SMB_VFS_OP_RMDIR, "rmdir" }, { SMB_VFS_OP_CLOSEDIR, "closedir" }, { SMB_VFS_OP_OPEN, "open" }, + { SMB_VFS_OP_CREATE_FILE, "create_file" }, { SMB_VFS_OP_CLOSE, "close" }, { SMB_VFS_OP_READ, "read" }, { SMB_VFS_OP_PREAD, "pread" }, @@ -612,6 +620,7 @@ static struct { { SMB_VFS_OP_CHFLAGS, "chflags" }, { SMB_VFS_OP_FILE_ID_CREATE, "file_id_create" }, { SMB_VFS_OP_STREAMINFO, "streaminfo" }, + { SMB_VFS_OP_GET_REAL_FILENAME, "get_real_filename" }, { SMB_VFS_OP_FGET_NT_ACL, "fget_nt_acl" }, { SMB_VFS_OP_GET_NT_ACL, "get_nt_acl" }, { SMB_VFS_OP_FSET_NT_ACL, "fset_nt_acl" }, @@ -712,6 +721,7 @@ static int audit_syslog_priority(vfs_handle_struct *handle) static char *audit_prefix(TALLOC_CTX *ctx, connection_struct *conn) { char *prefix = NULL; + char *result; prefix = talloc_strdup(ctx, lp_parm_const_string(SNUM(conn), "full_audit", @@ -719,7 +729,7 @@ static char *audit_prefix(TALLOC_CTX *ctx, connection_struct *conn) if (!prefix) { return NULL; } - return talloc_sub_advanced(ctx, + result = talloc_sub_advanced(ctx, lp_servicename(SNUM(conn)), conn->server_info->unix_name, conn->connectpath, @@ -727,6 +737,8 @@ static char *audit_prefix(TALLOC_CTX *ctx, connection_struct *conn) conn->server_info->sanitized_username, pdb_get_domain(conn->server_info->sam_account), prefix); + TALLOC_FREE(prefix); + return result; } static bool log_success(vfs_handle_struct *handle, vfs_op_type op) @@ -840,14 +852,14 @@ static void do_log(vfs_op_type op, bool success, vfs_handle_struct *handle, fstr_sprintf(err_msg, "fail (%s)", strerror(errno)); va_start(ap, format); - op_msg = talloc_vasprintf(NULL, format, ap); + op_msg = talloc_vasprintf(talloc_tos(), format, ap); va_end(ap); if (!op_msg) { return; } - audit_pre = audit_prefix(NULL, handle->conn); + audit_pre = audit_prefix(talloc_tos(), handle->conn); syslog(audit_syslog_priority(handle), "%s|%s|%s|%s\n", audit_pre ? audit_pre : "", audit_opname(op), err_msg, op_msg); @@ -1615,6 +1627,23 @@ static NTSTATUS smb_full_audit_streaminfo(vfs_handle_struct *handle, return result; } +static int smb_full_audit_get_real_filename(struct vfs_handle_struct *handle, + const char *path, + const char *name, + TALLOC_CTX *mem_ctx, + char **found_name) +{ + int result; + + result = SMB_VFS_NEXT_GET_REAL_FILENAME(handle, path, name, mem_ctx, + found_name); + + do_log(SMB_VFS_OP_GET_REAL_FILENAME, (result == 0), handle, + "%s/%s->%s", path, name, (result == 0) ? "" : *found_name); + + return result; +} + static NTSTATUS smb_full_audit_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info, SEC_DESC **ppdesc) |