summaryrefslogtreecommitdiff
path: root/source3/modules/vfs_full_audit.c
diff options
context:
space:
mode:
Diffstat (limited to 'source3/modules/vfs_full_audit.c')
-rw-r--r--source3/modules/vfs_full_audit.c35
1 files changed, 32 insertions, 3 deletions
diff --git a/source3/modules/vfs_full_audit.c b/source3/modules/vfs_full_audit.c
index 7970bf2644..1d9983a753 100644
--- a/source3/modules/vfs_full_audit.c
+++ b/source3/modules/vfs_full_audit.c
@@ -211,6 +211,11 @@ static NTSTATUS smb_full_audit_streaminfo(vfs_handle_struct *handle,
TALLOC_CTX *mem_ctx,
unsigned int *pnum_streams,
struct stream_struct **pstreams);
+static int smb_full_audit_get_real_filename(struct vfs_handle_struct *handle,
+ const char *path,
+ const char *name,
+ TALLOC_CTX *mem_ctx,
+ char **found_name);
static NTSTATUS smb_full_audit_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
uint32 security_info,
SEC_DESC **ppdesc);
@@ -444,6 +449,8 @@ static vfs_op_tuple audit_op_tuples[] = {
SMB_VFS_LAYER_LOGGER},
{SMB_VFS_OP(smb_full_audit_streaminfo), SMB_VFS_OP_STREAMINFO,
SMB_VFS_LAYER_LOGGER},
+ {SMB_VFS_OP(smb_full_audit_get_real_filename), SMB_VFS_OP_GET_REAL_FILENAME,
+ SMB_VFS_LAYER_LOGGER},
/* NT ACL operations. */
@@ -576,6 +583,7 @@ static struct {
{ SMB_VFS_OP_RMDIR, "rmdir" },
{ SMB_VFS_OP_CLOSEDIR, "closedir" },
{ SMB_VFS_OP_OPEN, "open" },
+ { SMB_VFS_OP_CREATE_FILE, "create_file" },
{ SMB_VFS_OP_CLOSE, "close" },
{ SMB_VFS_OP_READ, "read" },
{ SMB_VFS_OP_PREAD, "pread" },
@@ -612,6 +620,7 @@ static struct {
{ SMB_VFS_OP_CHFLAGS, "chflags" },
{ SMB_VFS_OP_FILE_ID_CREATE, "file_id_create" },
{ SMB_VFS_OP_STREAMINFO, "streaminfo" },
+ { SMB_VFS_OP_GET_REAL_FILENAME, "get_real_filename" },
{ SMB_VFS_OP_FGET_NT_ACL, "fget_nt_acl" },
{ SMB_VFS_OP_GET_NT_ACL, "get_nt_acl" },
{ SMB_VFS_OP_FSET_NT_ACL, "fset_nt_acl" },
@@ -712,6 +721,7 @@ static int audit_syslog_priority(vfs_handle_struct *handle)
static char *audit_prefix(TALLOC_CTX *ctx, connection_struct *conn)
{
char *prefix = NULL;
+ char *result;
prefix = talloc_strdup(ctx,
lp_parm_const_string(SNUM(conn), "full_audit",
@@ -719,7 +729,7 @@ static char *audit_prefix(TALLOC_CTX *ctx, connection_struct *conn)
if (!prefix) {
return NULL;
}
- return talloc_sub_advanced(ctx,
+ result = talloc_sub_advanced(ctx,
lp_servicename(SNUM(conn)),
conn->server_info->unix_name,
conn->connectpath,
@@ -727,6 +737,8 @@ static char *audit_prefix(TALLOC_CTX *ctx, connection_struct *conn)
conn->server_info->sanitized_username,
pdb_get_domain(conn->server_info->sam_account),
prefix);
+ TALLOC_FREE(prefix);
+ return result;
}
static bool log_success(vfs_handle_struct *handle, vfs_op_type op)
@@ -840,14 +852,14 @@ static void do_log(vfs_op_type op, bool success, vfs_handle_struct *handle,
fstr_sprintf(err_msg, "fail (%s)", strerror(errno));
va_start(ap, format);
- op_msg = talloc_vasprintf(NULL, format, ap);
+ op_msg = talloc_vasprintf(talloc_tos(), format, ap);
va_end(ap);
if (!op_msg) {
return;
}
- audit_pre = audit_prefix(NULL, handle->conn);
+ audit_pre = audit_prefix(talloc_tos(), handle->conn);
syslog(audit_syslog_priority(handle), "%s|%s|%s|%s\n",
audit_pre ? audit_pre : "",
audit_opname(op), err_msg, op_msg);
@@ -1615,6 +1627,23 @@ static NTSTATUS smb_full_audit_streaminfo(vfs_handle_struct *handle,
return result;
}
+static int smb_full_audit_get_real_filename(struct vfs_handle_struct *handle,
+ const char *path,
+ const char *name,
+ TALLOC_CTX *mem_ctx,
+ char **found_name)
+{
+ int result;
+
+ result = SMB_VFS_NEXT_GET_REAL_FILENAME(handle, path, name, mem_ctx,
+ found_name);
+
+ do_log(SMB_VFS_OP_GET_REAL_FILENAME, (result == 0), handle,
+ "%s/%s->%s", path, name, (result == 0) ? "" : *found_name);
+
+ return result;
+}
+
static NTSTATUS smb_full_audit_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
uint32 security_info,
SEC_DESC **ppdesc)