From 0dc3f423d25d3a50fa39ecee8a8ca13cdfe32267 Mon Sep 17 00:00:00 2001
From: Richard Sharpe <realrichardsharpe@gmail.com>
Date: Fri, 27 Apr 2012 21:31:34 -0700
Subject: Add an audit file VFS routine so we can handle auditing with SACLs.

Autobuild-User: Richard Sharpe <sharpe@samba.org>
Autobuild-Date: Sat Apr 28 08:05:00 CEST 2012 on sn-devel-104
---
 source3/include/vfs.h        | 6 ++++++
 source3/include/vfs_macros.h | 5 +++++
 2 files changed, 11 insertions(+)

(limited to 'source3/include')

diff --git a/source3/include/vfs.h b/source3/include/vfs.h
index e858235a91..b5f234ad09 100644
--- a/source3/include/vfs.h
+++ b/source3/include/vfs.h
@@ -370,6 +370,12 @@ struct vfs_fn_pointers {
 				   uint32 security_info_sent,
 				   const struct security_descriptor *psd);
 
+	NTSTATUS (*audit_file_fn)(struct vfs_handle_struct *handle,
+				  struct smb_filename *file,
+				  struct security_acl *sacl,
+				  uint32_t access_requested,
+				  uint32_t access_denied);
+
 	/* POSIX ACL operations. */
 
 	int (*chmod_acl_fn)(struct vfs_handle_struct *handle, const char *name, mode_t mode);
diff --git a/source3/include/vfs_macros.h b/source3/include/vfs_macros.h
index c324439e3f..3c2256bfee 100644
--- a/source3/include/vfs_macros.h
+++ b/source3/include/vfs_macros.h
@@ -389,6 +389,11 @@
 #define SMB_VFS_NEXT_GET_NT_ACL(handle, name, security_info, ppdesc) \
 	smb_vfs_call_get_nt_acl((handle)->next, (name), (security_info), (ppdesc))
 
+#define SMB_VFS_AUDIT_FILE(conn, name, sacl, access_requested, access_denied) \
+	smb_vfs_call_audit_file((conn)->vfs_handles, (name), (sacl), (access_requested), (access_denied))
+#define SMB_VFS_NEXT_AUDIT_FILE(handle, name, sacl, access_requested, access_denied) \
+	smb_vfs_call_audit_file((handle)->next, (name), (sacl), (access_requested), (access_denied))
+
 #define SMB_VFS_FSET_NT_ACL(fsp, security_info_sent, psd) \
 	smb_vfs_call_fset_nt_acl((fsp)->conn->vfs_handles, (fsp), (security_info_sent), (psd))
 #define SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, security_info_sent, psd) \
-- 
cgit