diff options
-rw-r--r-- | WHATSNEW.txt | 48 | ||||
-rw-r--r-- | docs/README-NOW | 10 | ||||
-rw-r--r-- | make-tarball.sh | 57 | ||||
-rw-r--r-- | source/VERSION | 2 | ||||
-rw-r--r-- | source/include/messages.h | 5 | ||||
-rw-r--r-- | source/libsmb/ntlmssp.c | 2 | ||||
-rw-r--r-- | source/modules/vfs_afsacl.c | 730 | ||||
-rw-r--r-- | source/modules/vfs_full_audit.c | 1789 | ||||
-rw-r--r-- | source/printing/notify.c | 9 | ||||
-rw-r--r-- | source/printing/printing.c | 69 | ||||
-rw-r--r-- | source/rpc_server/srv_spoolss_nt.c | 109 | ||||
-rw-r--r-- | source/smbd/server.c | 13 |
12 files changed, 182 insertions, 2661 deletions
diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 4c66cefc18a..c3e3dad047e 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,48 +1,17 @@ - ================================= - Release Notes for Samba 3.0.5pre1 - XXXX XX, 2004 - ================================= - -This is a preview release of the Samba 3.0.5 code base and is -provided for testing only. This release is *not* intended for -production servers. Use at your own risk. - -There have been several bug fixes since the 3.0.4 release that -we feel are important to make available to the Samba community -for wider testings. See the "Changes" section for details on -exact updates. - -Common bugs fixed in Samba 3.0.5pre1 include: - - o <FILL IN> - - -###################################################################### -Changes -####### - -Changes since 3.0.4 -------------------- - -commits -------- - - - - -Changes for older versions follow below: - - -------------------------------------------------- - ============================= Release Notes for Samba 3.0.4 May 8, 2004 ============================= +This is the latest stable release of Samba. This is the version +that production Samba servers should be running for all +current bug-fixes. There have been several issues fixes since +the 3.0.3 release and new features have been added as well. +See the "Changes" section for details on exact updates. Common bugs fixed in Samba 3.0.4 include: - o Password changing after applying the patch described in + o Password changing after applying the patch described in the Microsoft KB828741 article to Windows clients. o Crashes in smbd. o Managing print jobs via Windows on Big-Endian servers. @@ -50,6 +19,9 @@ Common bugs fixed in Samba 3.0.4 include: o Compile issues on AIX and *BSD. +###################################################################### +Changes +####### Changes since 3.0.3 -------------------- @@ -59,7 +31,7 @@ commits o Jeremy Allison <jra@samba.org> * Fix path processing for DeletePrinterDriverEx(). - * BUG 1303: Fix for Microsoft hotfix KB828741 password change + * BUG 1303: Fix for Microsoft hotfix MS04-011 password change breakage. diff --git a/docs/README-NOW b/docs/README-NOW deleted file mode 100644 index 46a772385cc..00000000000 --- a/docs/README-NOW +++ /dev/null @@ -1,10 +0,0 @@ - ATTENTION - DOCS TREE REMOVED ---------------------------------------------------- - -This docs tree has been moved to a separate CVS -module on cvs.samba.org name 'samba-docs'. -See http://cvs.samba.org/ for details on accessing -Samba cvs trees. - - diff --git a/make-tarball.sh b/make-tarball.sh deleted file mode 100644 index f3250d5c732..00000000000 --- a/make-tarball.sh +++ /dev/null @@ -1,57 +0,0 @@ -#!/bin/sh - -## A simple script to build a tarball of the current CVS tree. -## You either need to include the using_samba cvs module in the -## parent directory or tell the script where to find it -## -## Usgae: ./make-tarball.sh - -DOCSDIR=../samba-docs/ -USING_SAMBA=../using_samba/ -SRCDIR=`pwd` - -if [ ! -d $USING_SAMBA ]; then - - echo Cannot find "Using Samba" directory \(assuming $USING_SAMBA\). - echo Please set the USING_SAMBA variable in this script to the correct - echo location. The html files are available in the using_samba CVS - echo module on cvs.samba.org. See http://cvs/samba.org/ for details - echo about anonymous CVS access. Exiting now.... - - exit 1 - -fi - -if [ ! -d $DOCSDIR ]; then - - echo Cannot find samba-docs \(assuming $DOCSDIR\). - echo Please set the DOCSDIR variable in this script - echo to the correct path. - - exit 1 - -fi - - -VERSION=`grep SAMBA_VERSION_OFFICIAL_STRING source/include/version.h | cut -d\" -f2 | sed 's/ /_/g'` -TARBALLDIR=/tmp/samba-$VERSION - -echo Creating the tarball source directory in $TARBALLDIR - -/bin/rm -rf $TARBALLDIR -/bin/rm -f samba-$VERSION.tar - -mkdir $TARBALLDIR -rsync -aC ./ $TARBALLDIR -/bin/rm -rf $TARBALLDIR/docs/* -rsync -aC $DOCSDIR/ $TARBALLDIR/docs/ -rsync -aC $USING_SAMBA $TARBALLDIR/docs/htmldocs/ - -echo Creating packaging scripts... -( cd $TARBALLDIR/packaging; sh bin/update-pkginfo $VERSION 1 ) - -echo Creating source/configure... -( cd $TARBALLDIR/source; ./autogen.sh ) - -echo Making tarball samba-$VERSION.tar in current directory... -( cd `dirname $TARBALLDIR`; tar cf $SRCDIR/samba-$VERSION.tar samba-$VERSION ) diff --git a/source/VERSION b/source/VERSION index 2ca60435f4e..e493805fdb4 100644 --- a/source/VERSION +++ b/source/VERSION @@ -51,7 +51,7 @@ SAMBA_VERSION_RC_RELEASE= # e.g. SAMBA_VERSION_IS_SVN_SNAPSHOT=yes # # -> "3.0.0-SVN-build-199" # ######################################################## -SAMBA_VERSION_IS_SVN_SNAPSHOT=yes +SAMBA_VERSION_IS_SVN_SNAPSHOT= ######################################################## # This can be set by vendors if they want... # diff --git a/source/include/messages.h b/source/include/messages.h index 37e9372cdaa..78f19fa0bdb 100644 --- a/source/include/messages.h +++ b/source/include/messages.h @@ -49,9 +49,10 @@ /* printing messages */ /* #define MSG_PRINTER_NOTIFY 2001*/ /* Obsolete */ -#define MSG_PRINTER_DRVUPGRADE 2002 -#define MSG_PRINTER_NOTIFY2 2003 +#define MSG_PRINTER_DRVUPGRADE 2002 +#define MSG_PRINTER_NOTIFY2 2003 #define MSG_PRINTERDATA_INIT_RESET 2004 +#define MSG_PRINTER_UPDATE 2005 /* smbd messages */ #define MSG_SMB_CONF_UPDATED 3001 diff --git a/source/libsmb/ntlmssp.c b/source/libsmb/ntlmssp.c index 66d48afc463..52e5cd004ff 100644 --- a/source/libsmb/ntlmssp.c +++ b/source/libsmb/ntlmssp.c @@ -1102,6 +1102,8 @@ NTSTATUS ntlmssp_client_start(NTLMSSP_STATE **ntlmssp_state) NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_NEGOTIATE_NTLM2 | NTLMSSP_NEGOTIATE_KEY_EXCH | + NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED | + NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED | /* * We need to set this to allow a later SetPassword * via the SAMR pipe to succeed. Strange.... We could diff --git a/source/modules/vfs_afsacl.c b/source/modules/vfs_afsacl.c deleted file mode 100644 index 01b3fcb2b90..00000000000 --- a/source/modules/vfs_afsacl.c +++ /dev/null @@ -1,730 +0,0 @@ -/* - * Convert AFS acls to NT acls and vice versa. - * - * Copyright (C) Volker Lendecke, 2003 - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - */ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_VFS - -#include <afs/stds.h> -#include <afs/afs.h> -#include <afs/auth.h> -#include <afs/venus.h> -#include <afs/prs_fs.h> - -#define MAXSIZE 2048 - -extern DOM_SID global_sid_World; -extern DOM_SID global_sid_Builtin_Administrators; -extern DOM_SID global_sid_Builtin_Backup_Operators; -extern DOM_SID global_sid_Authenticated_Users; -extern DOM_SID global_sid_NULL; - -extern int afs_syscall(int, char *, int, char *, int); - -struct afs_ace { - BOOL positive; - char *name; - DOM_SID sid; - enum SID_NAME_USE type; - uint32 rights; - struct afs_ace *next; -}; - -struct afs_acl { - TALLOC_CTX *ctx; - int type; - int num_aces; - struct afs_ace *acelist; -}; - -struct afs_iob { - char *in, *out; - uint16 in_size, out_size; -}; - - -static BOOL init_afs_acl(struct afs_acl *acl) -{ - ZERO_STRUCT(*acl); - acl->ctx = talloc_init("afs_acl"); - if (acl->ctx == NULL) { - DEBUG(10, ("Could not init afs_acl")); - return False; - } - return True; -} - -static void free_afs_acl(struct afs_acl *acl) -{ - talloc_destroy(acl->ctx); -} - -static struct afs_ace *clone_afs_ace(TALLOC_CTX *mem_ctx, struct afs_ace *ace) -{ - struct afs_ace *result = talloc(mem_ctx, sizeof(struct afs_ace)); - - if (result == NULL) - return NULL; - - *result = *ace; - - result->next = NULL; - result->name = talloc_strdup(mem_ctx, ace->name); - - if (result->name == NULL) { - return NULL; - } - - return result; -} - - -/* Ok, this is sort-of a hack. We assume here that we have winbind users in - * AFS. And yet another copy of parse_domain_user.... */ - -static BOOL parse_domain_user(const char *domuser, fstring domain, - fstring user) -{ - char *p = strchr(domuser,*lp_winbind_separator()); - - if (p==NULL) { - return False; - } - - fstrcpy(user, p+1); - fstrcpy(domain, domuser); - domain[PTR_DIFF(p, domuser)] = 0; - strupper_m(domain); - - return True; -} - -static struct afs_ace *new_afs_ace(TALLOC_CTX *mem_ctx, - BOOL positive, - const char *name, uint32 rights) -{ - DOM_SID sid; - enum SID_NAME_USE type; - struct afs_ace *result; - - if (strcmp(name, "system:administrators") == 0) { - - sid_copy(&sid, &global_sid_Builtin_Administrators); - type = SID_NAME_ALIAS; - - } else if (strcmp(name, "system:anyuser") == 0) { - - sid_copy(&sid, &global_sid_World); - type = SID_NAME_ALIAS; - - } else if (strcmp(name, "system:authuser") == 0) { - - sid_copy(&sid, &global_sid_Authenticated_Users); - type = SID_NAME_WKN_GRP; - - } else if (strcmp(name, "system:backup") == 0) { - - sid_copy(&sid, &global_sid_Builtin_Backup_Operators); - type = SID_NAME_ALIAS; - - } else { - - fstring user, domain; - - if (!parse_domain_user(name, domain, user)) { - fstrcpy(user, name); - fstrcpy(domain, lp_workgroup()); - } - - if (!lookup_name(domain, user, &sid, &type)) { - DEBUG(10, ("Could not find AFS user %s\n", name)); - - sid_copy(&sid, &global_sid_NULL); - type = SID_NAME_UNKNOWN; - - } - } - - result = talloc(mem_ctx, sizeof(struct afs_ace)); - - if (result == NULL) { - DEBUG(0, ("Could not talloc AFS ace\n")); - return NULL; - } - - result->name = talloc_strdup(mem_ctx, name); - if (result->name == NULL) { - DEBUG(0, ("Could not talloc AFS ace name\n")); - return NULL; - } - - result->sid = sid; - result->type = type; - - result->positive = positive; - result->rights = rights; - - return result; -} - -static void add_afs_ace(struct afs_acl *acl, - BOOL positive, - const char *name, uint32 rights) -{ - struct afs_ace *ace; - - ace = new_afs_ace(acl->ctx, positive, name, rights); - - ace->next = acl->acelist; - acl->acelist = ace; - - acl->num_aces += 1; - - DEBUG(10, ("add_afs_ace: Added %s entry for %s with rights %d\n", - ace->positive?"positive":"negative", - ace->name, ace->rights)); - - return; -} - -/* AFS ACLs in string form are a long string of fields delimited with \n. - * - * First line: Number of positive entries - * Second line: Number of negative entries - * Third and following lines: The entries themselves - * - * An ACE is a line of two fields, delimited by \t. - * - * First field: Name - * Second field: Rights - */ - -static BOOL parse_afs_acl(struct afs_acl *acl, const char *acl_str) -{ - int nplus, nminus; - int aces; - - char str[MAXSIZE+1]; - char *p = str; - - strncpy(str, acl_str, MAXSIZE); - - if (sscanf(p, "%d", &nplus) != 1) - return False; - - DEBUG(10, ("Found %d positive entries\n", nplus)); - - if ((p = strchr(p, '\n')) == NULL) - return False; - p += 1; - - if (sscanf(p, "%d", &nminus) != 1) - return False; - - DEBUG(10, ("Found %d negative entries\n", nminus)); - - if ((p = strchr(p, '\n')) == NULL) - return False; - p += 1; - - for (aces = nplus+nminus; aces > 0; aces--) - { - - const char *name; - uint32 rights; - - name = p; - - if ((p = strchr(p, '\t')) == NULL) - return False; - *p = '\0'; - p += 1; - - if (sscanf(p, "%d", &rights) != 1) - return False; - - if ((p = strchr(p, '\n')) == NULL) - return False; - p += 1; - - add_afs_ace(acl, nplus>0, name, rights); - - nplus -= 1; - } - - return True; -} - -static BOOL unparse_afs_acl(struct afs_acl *acl, char *acl_str) -{ - /* TODO: String length checks!!!! */ - - int positives = 0; - int negatives = 0; - fstring line; - - *acl_str = 0; - - struct afs_ace *ace = acl->acelist; - - while (ace != NULL) { - if (ace->positive) - positives++; - else - negatives++; - ace = ace->next; - } - - fstr_sprintf(line, "%d\n", positives); - safe_strcat(acl_str, line, MAXSIZE); - - fstr_sprintf(line, "%d\n", negatives); - safe_strcat(acl_str, line, MAXSIZE); - - ace = acl->acelist; - - while (ace != NULL) { - fstr_sprintf(line, "%s\t%d\n", ace->name, ace->rights); - safe_strcat(acl_str, line, MAXSIZE); - ace = ace->next; - } - return True; -} - -static uint32 afs_to_nt_file_rights(uint32 rights) -{ - uint32 result = 0; - - if (rights & PRSFS_READ) - result |= FILE_READ_DATA | FILE_READ_EA | - FILE_EXECUTE | FILE_READ_ATTRIBUTES | - READ_CONTROL_ACCESS | SYNCHRONIZE_ACCESS; - - if (rights & PRSFS_WRITE) - result |= FILE_WRITE_DATA | FILE_WRITE_ATTRIBUTES | - FILE_WRITE_EA | FILE_APPEND_DATA; - - if (rights & PRSFS_LOCK) - result |= WRITE_OWNER_ACCESS; - - if (rights & PRSFS_DELETE) - result |= DELETE_ACCESS; - - return result; -} - -static uint32 afs_to_nt_dir_rights(uint32 rights) -{ - uint32 result = 0; - - if (rights & PRSFS_INSERT) - result |= FILE_ADD_FILE | FILE_ADD_SUBDIRECTORY; - - if (rights & PRSFS_LOOKUP) - result |= FILE_READ_DATA | FILE_READ_EA | - FILE_EXECUTE | FILE_READ_ATTRIBUTES | - READ_CONTROL_ACCESS | SYNCHRONIZE_ACCESS; - - if (rights & PRSFS_WRITE) - result |= FILE_WRITE_ATTRIBUTES | FILE_WRITE_DATA | - FILE_APPEND_DATA | FILE_WRITE_EA; - - if ((rights & (PRSFS_INSERT|PRSFS_LOOKUP|PRSFS_DELETE)) == - (PRSFS_INSERT|PRSFS_LOOKUP|PRSFS_DELETE)) - result |= FILE_WRITE_ATTRIBUTES | FILE_WRITE_EA | - GENERIC_WRITE_ACCESS; - - if (rights & PRSFS_DELETE) - result |= DELETE_ACCESS; - - if (rights & PRSFS_ADMINISTER) - result |= FILE_DELETE_CHILD | WRITE_DAC_ACCESS | - WRITE_OWNER_ACCESS; - - return result; -} - -static uint32 nt_to_afs_dir_rights(uint32 rights) -{ - uint32 result = 0; - - if (rights & (GENERIC_ALL_ACCESS|WRITE_DAC_ACCESS)) { - result |= PRSFS_READ | PRSFS_WRITE | PRSFS_INSERT | - PRSFS_LOOKUP | PRSFS_DELETE | PRSFS_LOCK | - PRSFS_ADMINISTER; - } - - if (rights & (GENERIC_READ_ACCESS|FILE_READ_DATA)) { - result |= PRSFS_READ | PRSFS_LOOKUP; - } - - if (rights & (GENERIC_WRITE_ACCESS|FILE_WRITE_DATA)) { - result |= PRSFS_WRITE | PRSFS_INSERT | PRSFS_DELETE | - PRSFS_LOCK; - } - - return result; -} - -static size_t afs_to_nt_acl(struct afs_acl *afs_acl, - struct files_struct *fsp, - uint32 security_info, - struct security_descriptor_info **ppdesc) -{ - SEC_ACE *nt_ace_list; - DOM_SID owner_sid, group_sid; - SEC_ACCESS mask; - SMB_STRUCT_STAT sbuf; - SEC_ACL *psa = NULL; - int good_aces; - size_t sd_size; - TALLOC_CTX *mem_ctx = main_loop_talloc_get(); - - struct afs_ace *afs_ace; - - if (fsp->is_directory || fsp->fd == -1) { - /* Get the stat struct for the owner info. */ - if(SMB_VFS_STAT(fsp->conn,fsp->fsp_name, &sbuf) != 0) { - return 0; - } - } else { - if(SMB_VFS_FSTAT(fsp,fsp->fd,&sbuf) != 0) { - return 0; - } - } - - uid_to_sid(&owner_sid, sbuf.st_uid); - gid_to_sid(&group_sid, sbuf.st_gid); - - nt_ace_list = (SEC_ACE *)malloc(afs_acl->num_aces * sizeof(SEC_ACE)); - - if (nt_ace_list == NULL) - return 0; - - afs_ace = afs_acl->acelist; - good_aces = 0; - - while (afs_ace != NULL) { - uint32 nt_rights; - - if (afs_ace->type == SID_NAME_UNKNOWN) { - DEBUG(10, ("Ignoring unknown name %s\n", - afs_ace->name)); - afs_ace = afs_ace->next; - continue; - } - - if (fsp->is_directory) - nt_rights = afs_to_nt_dir_rights(afs_ace->rights); - else - nt_rights = afs_to_nt_file_rights(afs_ace->rights); - - init_sec_access(&mask, nt_rights); - init_sec_ace(&nt_ace_list[good_aces++], &(afs_ace->sid), - SEC_ACE_TYPE_ACCESS_ALLOWED, mask, - SEC_ACE_FLAG_OBJECT_INHERIT | - SEC_ACE_FLAG_CONTAINER_INHERIT); - afs_ace = afs_ace->next; - } - - psa = make_sec_acl(mem_ctx, NT4_ACL_REVISION, - good_aces, nt_ace_list); - if (psa == NULL) - return 0; - - - *ppdesc = make_sec_desc(mem_ctx, SEC_DESC_REVISION, - SEC_DESC_SELF_RELATIVE, - (security_info & OWNER_SECURITY_INFORMATION) - ? &owner_sid : NULL, - (security_info & GROUP_SECURITY_INFORMATION) - ? &group_sid : NULL, - NULL, psa, &sd_size); - - return sd_size; -} - -static BOOL nt_to_afs_acl(uint32 security_info_sent, - struct security_descriptor_info *psd, - struct afs_acl *afs_acl) -{ - SEC_ACL *dacl; - int i; - - /* Currently we *only* look at the dacl */ - - if (((security_info_sent & DACL_SECURITY_INFORMATION) == 0) || - (psd->dacl == NULL)) - return True; - - if (!init_afs_acl(afs_acl)) - return False; - - dacl = psd->dacl; - - for (i = 0; i < dacl->num_aces; i++) { - SEC_ACE *ace = &(dacl->ace[i]); - fstring dom_name; - fstring name; - enum SID_NAME_USE name_type; - - if (ace->type != SEC_ACE_TYPE_ACCESS_ALLOWED) { - /* First cut: Only positive ACEs */ - return False; - } - - if (sid_compare(&ace->trustee, - &global_sid_Builtin_Administrators) == 0) { - - fstrcpy(name, "system:administrators"); - - } else if (sid_compare(&ace->trustee, - &global_sid_World) == 0) { - - fstrcpy(name, "system:anyuser"); - - } else if (sid_compare(&ace->trustee, - &global_sid_Authenticated_Users) == 0) { - - fstrcpy(name, "system:authuser"); - - } else if (sid_compare(&ace->trustee, - &global_sid_Builtin_Backup_Operators) - == 0) { - - fstrcpy(name, "system:backup"); - - } else { - - if (!lookup_sid(&ace->trustee, - dom_name, name, &name_type)) { - DEBUG(3, ("Could not lookup sid %s\n", - sid_string_static(&ace->trustee))); - return False; - } - - if (strcmp(dom_name, lp_workgroup()) != 0) { - DEBUG(3, ("Got SID for domain %s, not mine\n", - dom_name)); - return False; - } - - if ( (name_type == SID_NAME_USER) || - (name_type == SID_NAME_DOM_GRP) ) { - fstring only_username; - fstrcpy(only_username, name); - fstr_sprintf(name, "%s%s%s", - dom_name, lp_winbind_separator(), - only_username); - strlower_m(name); - } - } - - add_afs_ace(afs_acl, True, name, - nt_to_afs_dir_rights(ace->info.mask)); - } - - return True; -} - -static BOOL afs_get_afs_acl(char *filename, struct afs_acl *acl) -{ - struct afs_iob iob; - - int ret; - - char space[MAXSIZE]; - - DEBUG(5, ("afs_get_afs_acl: %s\n", filename)); - - iob.in_size = 0; - iob.out_size = MAXSIZE; - iob.in = iob.out = space; - - ret = afs_syscall(AFSCALL_PIOCTL, filename, VIOCGETAL, - (char *)&iob, 0); - - if (ret) { - DEBUG(1, ("got error from PIOCTL: %d\n", ret)); - return False; - } - - if (!init_afs_acl(acl)) - return False; - - if (!parse_afs_acl(acl, space)) { - DEBUG(1, ("Could not parse AFS acl\n")); - free_afs_acl(acl); - return False; - } - - return True; -} - -static size_t afs_get_nt_acl(struct files_struct *fsp, uint32 security_info, - struct security_descriptor_info **ppdesc) -{ - struct afs_acl acl; - size_t sd_size; - - DEBUG(5, ("afs_get_nt_acl: %s\n", fsp->fsp_name)); - - if (!afs_get_afs_acl(fsp->fsp_name, &acl)) { - return 0; - } - - sd_size = afs_to_nt_acl(&acl, fsp, security_info, ppdesc); - - free_afs_acl(&acl); - - return sd_size; -} - -/* For setting an AFS ACL we have to take care of the ACEs we could - * not properly map to SIDs. Merge all of them into the new ACL. */ - -static void merge_unknown_aces(struct afs_acl *src, struct afs_acl *dst) -{ - struct afs_ace *ace; - - for (ace = src->acelist; ace != NULL; ace = ace->next) - { - struct afs_ace *copy; - - if (ace->type != SID_NAME_UNKNOWN) { - DEBUG(10, ("Not merging known ACE for %s\n", - ace->name)); - continue; - } - - DEBUG(10, ("Merging unknown ACE for %s\n", ace->name)); - - copy = clone_afs_ace(dst->ctx, ace); - - if (copy == NULL) { - DEBUG(0, ("Could not clone ACE for %s\n", ace->name)); - continue; - } - - copy->next = dst->acelist; - dst->acelist = copy; - dst->num_aces += 1; - } -} - -static BOOL afs_set_nt_acl(files_struct *fsp, uint32 security_info_sent, - struct security_descriptor_info *psd) -{ - struct afs_acl old_afs_acl, new_afs_acl; - char acl_string[2049]; - struct afs_iob iob; - int ret; - - if (!fsp->is_directory) { - /* AFS only supports ACLs on directories... */ - return False; - } - - if (!afs_get_afs_acl(fsp->fsp_name, &old_afs_acl)) { - DEBUG(3, ("Could not get old ACL of %s\n", fsp->fsp_name)); - return False; - } - - if (!nt_to_afs_acl(security_info_sent, psd, &new_afs_acl)) { - free_afs_acl(&old_afs_acl); - return False; - } - - merge_unknown_aces(&old_afs_acl, &new_afs_acl); - - unparse_afs_acl(&new_afs_acl, acl_string); - - free_afs_acl(&old_afs_acl); - free_afs_acl(&new_afs_acl); - - iob.in = acl_string; - iob.in_size = 1+strlen(iob.in); - iob.out = NULL; - iob.out_size = 0; - - DEBUG(10, ("trying to set acl '%s' on file %s\n", - iob.in, fsp->fsp_name)); - - ret = afs_syscall(AFSCALL_PIOCTL, fsp->fsp_name, VIOCSETAL, - (char *)&iob, 0); - - if (ret != 0) { - DEBUG(10, ("VIOCSETAL returned %d\n", ret)); - } - - return (ret == 0); -} - -static size_t afsacl_fget_nt_acl(struct vfs_handle_struct *handle, - struct files_struct *fsp, - int fd, uint32 security_info, - struct security_descriptor_info **ppdesc) -{ - return afs_get_nt_acl(fsp, security_info, ppdesc); -} -static size_t afsacl_get_nt_acl(struct vfs_handle_struct *handle, - struct files_struct *fsp, - const char *name, uint32 security_info, - struct security_descriptor_info **ppdesc) -{ - return afs_get_nt_acl(fsp, security_info, ppdesc); -} - -BOOL afsacl_fset_nt_acl(vfs_handle_struct *handle, - files_struct *fsp, - int fd, uint32 security_info_sent, - SEC_DESC *psd) -{ - return afs_set_nt_acl(fsp, security_info_sent, psd); -} - -BOOL afsacl_set_nt_acl(vfs_handle_struct *handle, - files_struct *fsp, - const char *name, uint32 security_info_sent, - SEC_DESC *psd) -{ - return afs_set_nt_acl(fsp, security_info_sent, psd); -} - -/* VFS operations structure */ - -static vfs_op_tuple afsacl_ops[] = { - {SMB_VFS_OP(afsacl_fget_nt_acl), SMB_VFS_OP_FGET_NT_ACL, - SMB_VFS_LAYER_TRANSPARENT}, - {SMB_VFS_OP(afsacl_get_nt_acl), SMB_VFS_OP_GET_NT_ACL, - SMB_VFS_LAYER_TRANSPARENT}, - {SMB_VFS_OP(afsacl_fset_nt_acl), SMB_VFS_OP_FSET_NT_ACL, - SMB_VFS_LAYER_TRANSPARENT}, - {SMB_VFS_OP(afsacl_set_nt_acl), SMB_VFS_OP_SET_NT_ACL, - SMB_VFS_LAYER_TRANSPARENT}, - {SMB_VFS_OP(NULL), SMB_VFS_OP_NOOP, SMB_VFS_LAYER_NOOP} -}; - -NTSTATUS vfs_afsacl_init(void) -{ - return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "afsacl", - afsacl_ops); -} diff --git a/source/modules/vfs_full_audit.c b/source/modules/vfs_full_audit.c deleted file mode 100644 index 993a8ee4cbe..00000000000 --- a/source/modules/vfs_full_audit.c +++ /dev/null @@ -1,1789 +0,0 @@ -/* - * Auditing VFS module for samba. Log selected file operations to syslog - * facility. - * - * Copyright (C) Tim Potter, 1999-2000 - * Copyright (C) Alexander Bokovoy, 2002 - * Copyright (C) John H Terpstra, 2003 - * Copyright (C) Stefan (metze) Metzmacher, 2003 - * Copyright (C) Volker Lendecke, 2004 - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - */ - -/* - * This module implements parseable logging for all Samba VFS operations. - * - * You use it as follows: - * - * [tmp] - * path = /tmp - * vfs objects = full_audit - * full_audit:prefix = %u|%I - * full_audit:success = open opendir - * full_audit:failure = all - * - * This leads to syslog entries of the form: - * smbd_audit: nobody|192.168.234.1|opendir|ok|. - * smbd_audit: nobody|192.168.234.1|open|fail (File not found)|r|x.txt - * - * where "nobody" is the connected username and "192.168.234.1" is the - * client's IP address. - * - * Options: - * - * prefix: A macro expansion template prepended to the syslog entry. - * - * success: A list of VFS operations for which a successful completion should - * be logged. Defaults to no logging at all. The special operation "all" logs - * - you guessed it - everything. - * - * failure: A list of VFS operations for which failure to complete should be - * logged. Defaults to logging everything. - */ - - -#include "includes.h" - -extern struct current_user current_user; - -static int vfs_full_audit_debug_level = DBGC_VFS; - -#undef DBGC_CLASS -#define DBGC_CLASS vfs_full_audit_debug_level - -/* Function prototypes */ - -static int audit_connect(vfs_handle_struct *handle, connection_struct *conn, - const char *svc, const char *user); -static void audit_disconnect(vfs_handle_struct *handle, - connection_struct *conn); -static SMB_BIG_UINT audit_disk_free(vfs_handle_struct *handle, - connection_struct *conn, const char *path, - BOOL small_query, SMB_BIG_UINT *bsize, - SMB_BIG_UINT *dfree, SMB_BIG_UINT *dsize); -static int audit_get_quota(struct vfs_handle_struct *handle, - struct connection_struct *conn, - enum SMB_QUOTA_TYPE qtype, unid_t id, - SMB_DISK_QUOTA *qt); -static int audit_set_quota(struct vfs_handle_struct *handle, - struct connection_struct *conn, - enum SMB_QUOTA_TYPE qtype, unid_t id, - SMB_DISK_QUOTA *qt); -static DIR *audit_opendir(vfs_handle_struct *handle, connection_struct *conn, - const char *fname); -static struct dirent *audit_readdir(vfs_handle_struct *handle, - connection_struct *conn, DIR *dirp); -static int audit_mkdir(vfs_handle_struct *handle, connection_struct *conn, - const char *path, mode_t mode); -static int audit_rmdir(vfs_handle_struct *handle, connection_struct *conn, - const char *path); -static int audit_closedir(vfs_handle_struct *handle, connection_struct *conn, - DIR *dirp); -static int audit_open(vfs_handle_struct *handle, connection_struct *conn, - const char *fname, int flags, mode_t mode); -static int audit_close(vfs_handle_struct *handle, files_struct *fsp, int fd); -static ssize_t audit_read(vfs_handle_struct *handle, files_struct *fsp, - int fd, void *data, size_t n); -static ssize_t audit_pread(vfs_handle_struct *handle, files_struct *fsp, - int fd, void *data, size_t n, SMB_OFF_T offset); -static ssize_t audit_write(vfs_handle_struct *handle, files_struct *fsp, - int fd, const void *data, size_t n); -static ssize_t audit_pwrite(vfs_handle_struct *handle, files_struct *fsp, - int fd, const void *data, size_t n, - SMB_OFF_T offset); -static SMB_OFF_T audit_lseek(vfs_handle_struct *handle, files_struct *fsp, - int filedes, SMB_OFF_T offset, int whence); -static ssize_t audit_sendfile(vfs_handle_struct *handle, int tofd, - files_struct *fsp, int fromfd, - const DATA_BLOB *hdr, SMB_OFF_T offset, - size_t n); -static int audit_rename(vfs_handle_struct *handle, connection_struct *conn, - const char *old, const char *new); -static int audit_fsync(vfs_handle_struct *handle, files_struct *fsp, int fd); -static int audit_stat(vfs_handle_struct *handle, connection_struct *conn, - const char *fname, SMB_STRUCT_STAT *sbuf); -static int audit_fstat(vfs_handle_struct *handle, files_struct *fsp, int fd, - SMB_STRUCT_STAT *sbuf); -static int audit_lstat(vfs_handle_struct *handle, connection_struct *conn, - const char *path, SMB_STRUCT_STAT *sbuf); -static int audit_unlink(vfs_handle_struct *handle, connection_struct *conn, - const char *path); -static int audit_chmod(vfs_handle_struct *handle, connection_struct *conn, - const char *path, mode_t mode); -static int audit_fchmod(vfs_handle_struct *handle, files_struct *fsp, int fd, - mode_t mode); -static int audit_chown(vfs_handle_struct *handle, connection_struct *conn, - const char *path, uid_t uid, gid_t gid); -static int audit_fchown(vfs_handle_struct *handle, files_struct *fsp, int fd, - uid_t uid, gid_t gid); -static int audit_chdir(vfs_handle_struct *handle, connection_struct *conn, - const char *path); -static char *audit_getwd(vfs_handle_struct *handle, connection_struct *conn, - char *path); -static int audit_utime(vfs_handle_struct *handle, connection_struct *conn, - const char *path, struct utimbuf *times); -static int audit_ftruncate(vfs_handle_struct *handle, files_struct *fsp, - int fd, SMB_OFF_T len); -static BOOL audit_lock(vfs_handle_struct *handle, files_struct *fsp, int fd, - int op, SMB_OFF_T offset, SMB_OFF_T count, int type); -static int audit_symlink(vfs_handle_struct *handle, connection_struct *conn, - const char *oldpath, const char *newpath); -static int audit_readlink(vfs_handle_struct *handle, connection_struct *conn, - const char *path, char *buf, size_t bufsiz); -static int audit_link(vfs_handle_struct *handle, connection_struct *conn, - const char *oldpath, const char *newpath); -static int audit_mknod(vfs_handle_struct *handle, connection_struct *conn, - const char *pathname, mode_t mode, SMB_DEV_T dev); -static char *audit_realpath(vfs_handle_struct *handle, connection_struct *conn, - const char *path, char *resolved_path); -static size_t audit_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp, - int fd, uint32 security_info, - SEC_DESC **ppdesc); -static size_t audit_get_nt_acl(vfs_handle_struct *handle, files_struct *fsp, - const char *name, uint32 security_info, - SEC_DESC **ppdesc); -static BOOL audit_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, - int fd, uint32 security_info_sent, - SEC_DESC *psd); -static BOOL audit_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, - const char *name, uint32 security_info_sent, - SEC_DESC *psd); -static int audit_chmod_acl(vfs_handle_struct *handle, connection_struct *conn, - const char *path, mode_t mode); -static int audit_fchmod_acl(vfs_handle_struct *handle, files_struct *fsp, - int fd, mode_t mode); -static int audit_sys_acl_get_entry(vfs_handle_struct *handle, - connection_struct *conn, - SMB_ACL_T theacl, int entry_id, - SMB_ACL_ENTRY_T *entry_p); -static int audit_sys_acl_get_tag_type(vfs_handle_struct *handle, - connection_struct *conn, - SMB_ACL_ENTRY_T entry_d, - SMB_ACL_TAG_T *tag_type_p); -static int audit_sys_acl_get_permset(vfs_handle_struct *handle, - connection_struct *conn, - SMB_ACL_ENTRY_T entry_d, - SMB_ACL_PERMSET_T *permset_p); -static void * audit_sys_acl_get_qualifier(vfs_handle_struct *handle, - connection_struct *conn, - SMB_ACL_ENTRY_T entry_d); -static SMB_ACL_T audit_sys_acl_get_file(vfs_handle_struct *handle, - connection_struct *conn, - const char *path_p, - SMB_ACL_TYPE_T type); -static SMB_ACL_T audit_sys_acl_get_fd(vfs_handle_struct *handle, - files_struct *fsp, - int fd); -static int audit_sys_acl_clear_perms(vfs_handle_struct *handle, - connection_struct *conn, - SMB_ACL_PERMSET_T permset); -static int audit_sys_acl_add_perm(vfs_handle_struct *handle, - connection_struct *conn, - SMB_ACL_PERMSET_T permset, - SMB_ACL_PERM_T perm); -static char * audit_sys_acl_to_text(vfs_handle_struct *handle, - connection_struct *conn, SMB_ACL_T theacl, - ssize_t *plen); -static SMB_ACL_T audit_sys_acl_init(vfs_handle_struct *handle, - connection_struct *conn, - int count); -static int audit_sys_acl_create_entry(vfs_handle_struct *handle, - connection_struct *conn, SMB_ACL_T *pacl, - SMB_ACL_ENTRY_T *pentry); -static int audit_sys_acl_set_tag_type(vfs_handle_struct *handle, - connection_struct *conn, - SMB_ACL_ENTRY_T entry, - SMB_ACL_TAG_T tagtype); -static int audit_sys_acl_set_qualifier(vfs_handle_struct *handle, - connection_struct *conn, - SMB_ACL_ENTRY_T entry, - void *qual); -static int audit_sys_acl_set_permset(vfs_handle_struct *handle, - connection_struct *conn, - SMB_ACL_ENTRY_T entry, - SMB_ACL_PERMSET_T permset); -static int audit_sys_acl_valid(vfs_handle_struct *handle, - connection_struct *conn, - SMB_ACL_T theacl ); -static int audit_sys_acl_set_file(vfs_handle_struct *handle, - connection_struct *conn, - const char *name, SMB_ACL_TYPE_T acltype, - SMB_ACL_T theacl); -static int audit_sys_acl_set_fd(vfs_handle_struct *handle, files_struct *fsp, - int fd, SMB_ACL_T theacl); -static int audit_sys_acl_delete_def_file(vfs_handle_struct *handle, - connection_struct *conn, - const char *path); -static int audit_sys_acl_get_perm(vfs_handle_struct *handle, - connection_struct *conn, - SMB_ACL_PERMSET_T permset, - SMB_ACL_PERM_T perm); -static int audit_sys_acl_free_text(vfs_handle_struct *handle, - connection_struct *conn, - char *text); -static int audit_sys_acl_free_acl(vfs_handle_struct *handle, - connection_struct *conn, - SMB_ACL_T posix_acl); -static int audit_sys_acl_free_qualifier(vfs_handle_struct *handle, - connection_struct *conn, - void *qualifier, - SMB_ACL_TAG_T tagtype); -static ssize_t audit_getxattr(struct vfs_handle_struct *handle, - struct connection_struct *conn, const char *path, - const char *name, void *value, size_t size); -static ssize_t audit_lgetxattr(struct vfs_handle_struct *handle, - struct connection_struct *conn, - const char *path, const char *name, - void *value, size_t size); -static ssize_t audit_fgetxattr(struct vfs_handle_struct *handle, - struct files_struct *fsp, int fd, - const char *name, void *value, size_t size); -static ssize_t audit_listxattr(struct vfs_handle_struct *handle, - struct connection_struct *conn, - const char *path, char *list, size_t size); -static ssize_t audit_llistxattr(struct vfs_handle_struct *handle, - struct connection_struct *conn, - const char *path, char *list, size_t size); -static ssize_t audit_flistxattr(struct vfs_handle_struct *handle, - struct files_struct *fsp, int fd, char *list, - size_t size); -static int audit_removexattr(struct vfs_handle_struct *handle, - struct connection_struct *conn, const char *path, - const char *name); -static int audit_lremovexattr(struct vfs_handle_struct *handle, - struct connection_struct *conn, const char *path, - const char *name); -static int audit_fremovexattr(struct vfs_handle_struct *handle, - struct files_struct *fsp, int fd, - const char *name); -static int audit_setxattr(struct vfs_handle_struct *handle, - struct connection_struct *conn, const char *path, - const char *name, const void *value, size_t size, - int flags); -static int audit_lsetxattr(struct vfs_handle_struct *handle, - struct connection_struct *conn, const char *path, - const char *name, const void *value, size_t size, - int flags); -static int audit_fsetxattr(struct vfs_handle_struct *handle, - struct files_struct *fsp, int fd, const char *name, - const void *value, size_t size, int flags); - -/* VFS operations */ - -static vfs_op_tuple audit_op_tuples[] = { - - /* Disk operations */ - - {SMB_VFS_OP(audit_connect), SMB_VFS_OP_CONNECT, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_disconnect), SMB_VFS_OP_DISCONNECT, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_disk_free), SMB_VFS_OP_DISK_FREE, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_get_quota), SMB_VFS_OP_GET_QUOTA, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_set_quota), SMB_VFS_OP_SET_QUOTA, - SMB_VFS_LAYER_LOGGER}, - - /* Directory operations */ - - {SMB_VFS_OP(audit_opendir), SMB_VFS_OP_OPENDIR, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_readdir), SMB_VFS_OP_READDIR, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_mkdir), SMB_VFS_OP_MKDIR, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_rmdir), SMB_VFS_OP_RMDIR, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_closedir), SMB_VFS_OP_CLOSEDIR, - SMB_VFS_LAYER_LOGGER}, - - /* File operations */ - - {SMB_VFS_OP(audit_open), SMB_VFS_OP_OPEN, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_close), SMB_VFS_OP_CLOSE, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_read), SMB_VFS_OP_READ, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_pread), SMB_VFS_OP_PREAD, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_write), SMB_VFS_OP_WRITE, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_pwrite), SMB_VFS_OP_PWRITE, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_lseek), SMB_VFS_OP_LSEEK, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_sendfile), SMB_VFS_OP_SENDFILE, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_rename), SMB_VFS_OP_RENAME, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_fsync), SMB_VFS_OP_FSYNC, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_stat), SMB_VFS_OP_STAT, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_fstat), SMB_VFS_OP_FSTAT, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_lstat), SMB_VFS_OP_LSTAT, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_unlink), SMB_VFS_OP_UNLINK, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_chmod), SMB_VFS_OP_CHMOD, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_fchmod), SMB_VFS_OP_FCHMOD, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_chown), SMB_VFS_OP_CHOWN, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_fchown), SMB_VFS_OP_FCHOWN, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_chdir), SMB_VFS_OP_CHDIR, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_getwd), SMB_VFS_OP_GETWD, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_utime), SMB_VFS_OP_UTIME, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_ftruncate), SMB_VFS_OP_FTRUNCATE, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_lock), SMB_VFS_OP_LOCK, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_symlink), SMB_VFS_OP_SYMLINK, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_readlink), SMB_VFS_OP_READLINK, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_link), SMB_VFS_OP_LINK, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_mknod), SMB_VFS_OP_MKNOD, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_realpath), SMB_VFS_OP_REALPATH, - SMB_VFS_LAYER_LOGGER}, - - /* NT ACL operations. */ - - {SMB_VFS_OP(audit_fget_nt_acl), SMB_VFS_OP_FGET_NT_ACL, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_get_nt_acl), SMB_VFS_OP_GET_NT_ACL, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_fset_nt_acl), SMB_VFS_OP_FSET_NT_ACL, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_set_nt_acl), SMB_VFS_OP_SET_NT_ACL, - SMB_VFS_LAYER_LOGGER}, - - /* POSIX ACL operations. */ - - {SMB_VFS_OP(audit_chmod_acl), SMB_VFS_OP_CHMOD, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_fchmod_acl), SMB_VFS_OP_FCHMOD, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_sys_acl_get_entry), SMB_VFS_OP_SYS_ACL_GET_ENTRY, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_sys_acl_get_tag_type), SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_sys_acl_get_permset), SMB_VFS_OP_SYS_ACL_GET_PERMSET, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_sys_acl_get_qualifier), SMB_VFS_OP_SYS_ACL_GET_QUALIFIER, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_sys_acl_get_file), SMB_VFS_OP_SYS_ACL_GET_FILE, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_sys_acl_get_fd), SMB_VFS_OP_SYS_ACL_GET_FD, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_sys_acl_clear_perms), SMB_VFS_OP_SYS_ACL_CLEAR_PERMS, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_sys_acl_add_perm), SMB_VFS_OP_SYS_ACL_ADD_PERM, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_sys_acl_to_text), SMB_VFS_OP_SYS_ACL_TO_TEXT, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_sys_acl_init), SMB_VFS_OP_SYS_ACL_INIT, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_sys_acl_create_entry), SMB_VFS_OP_SYS_ACL_CREATE_ENTRY, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_sys_acl_set_tag_type), SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_sys_acl_set_qualifier), SMB_VFS_OP_SYS_ACL_SET_QUALIFIER, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_sys_acl_set_permset), SMB_VFS_OP_SYS_ACL_SET_PERMSET, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_sys_acl_valid), SMB_VFS_OP_SYS_ACL_VALID, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_sys_acl_set_file), SMB_VFS_OP_SYS_ACL_SET_FILE, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_sys_acl_set_fd), SMB_VFS_OP_SYS_ACL_SET_FD, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_sys_acl_delete_def_file), SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_sys_acl_get_perm), SMB_VFS_OP_SYS_ACL_GET_PERM, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_sys_acl_free_text), SMB_VFS_OP_SYS_ACL_FREE_TEXT, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_sys_acl_free_acl), SMB_VFS_OP_SYS_ACL_FREE_ACL, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_sys_acl_free_qualifier), SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER, - SMB_VFS_LAYER_LOGGER}, - - /* EA operations. */ - - {SMB_VFS_OP(audit_getxattr), SMB_VFS_OP_GETXATTR, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_lgetxattr), SMB_VFS_OP_LGETXATTR, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_fgetxattr), SMB_VFS_OP_FGETXATTR, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_listxattr), SMB_VFS_OP_LISTXATTR, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_llistxattr), SMB_VFS_OP_LLISTXATTR, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_flistxattr), SMB_VFS_OP_FLISTXATTR, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_removexattr), SMB_VFS_OP_REMOVEXATTR, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_lremovexattr), SMB_VFS_OP_LREMOVEXATTR, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_fremovexattr), SMB_VFS_OP_FREMOVEXATTR, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_setxattr), SMB_VFS_OP_SETXATTR, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_lsetxattr), SMB_VFS_OP_LSETXATTR, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(audit_fsetxattr), SMB_VFS_OP_FSETXATTR, - SMB_VFS_LAYER_LOGGER}, - - /* Finish VFS operations definition */ - - {SMB_VFS_OP(NULL), SMB_VFS_OP_NOOP, - SMB_VFS_LAYER_NOOP} -}; - -/* The following array *must* be in the same order as defined in vfs.h */ - -static struct { - vfs_op_type type; - const char *name; -} vfs_op_names[] = { - { SMB_VFS_OP_CONNECT, "connect" }, - { SMB_VFS_OP_DISCONNECT, "disconnect" }, - { SMB_VFS_OP_DISK_FREE, "disk_free" }, - { SMB_VFS_OP_GET_QUOTA, "get_quota" }, - { SMB_VFS_OP_SET_QUOTA, "set_quota" }, - { SMB_VFS_OP_GET_SHADOW_COPY_DATA, "get_shadow_copy_data" }, - { SMB_VFS_OP_OPENDIR, "opendir" }, - { SMB_VFS_OP_READDIR, "readdir" }, - { SMB_VFS_OP_MKDIR, "mkdir" }, - { SMB_VFS_OP_RMDIR, "rmdir" }, - { SMB_VFS_OP_CLOSEDIR, "closedir" }, - { SMB_VFS_OP_OPEN, "open" }, - { SMB_VFS_OP_CLOSE, "close" }, - { SMB_VFS_OP_READ, "read" }, - { SMB_VFS_OP_PREAD, "pread" }, - { SMB_VFS_OP_WRITE, "write" }, - { SMB_VFS_OP_PWRITE, "pwrite" }, - { SMB_VFS_OP_LSEEK, "lseek" }, - { SMB_VFS_OP_SENDFILE, "sendfile" }, - { SMB_VFS_OP_RENAME, "rename" }, - { SMB_VFS_OP_FSYNC, "fsync" }, - { SMB_VFS_OP_STAT, "stat" }, - { SMB_VFS_OP_FSTAT, "fstat" }, - { SMB_VFS_OP_LSTAT, "lstat" }, - { SMB_VFS_OP_UNLINK, "unlink" }, - { SMB_VFS_OP_CHMOD, "chmod" }, - { SMB_VFS_OP_FCHMOD, "fchmod" }, - { SMB_VFS_OP_CHOWN, "chown" }, - { SMB_VFS_OP_FCHOWN, "fchown" }, - { SMB_VFS_OP_CHDIR, "chdir" }, - { SMB_VFS_OP_GETWD, "getwd" }, - { SMB_VFS_OP_UTIME, "utime" }, - { SMB_VFS_OP_FTRUNCATE, "ftruncate" }, - { SMB_VFS_OP_LOCK, "lock" }, - { SMB_VFS_OP_SYMLINK, "symlink" }, - { SMB_VFS_OP_READLINK, "readlink" }, - { SMB_VFS_OP_LINK, "link" }, - { SMB_VFS_OP_MKNOD, "mknod" }, - { SMB_VFS_OP_REALPATH, "realpath" }, - { SMB_VFS_OP_FGET_NT_ACL, "fget_nt_acl" }, - { SMB_VFS_OP_GET_NT_ACL, "get_nt_acl" }, - { SMB_VFS_OP_FSET_NT_ACL, "fset_nt_acl" }, - { SMB_VFS_OP_SET_NT_ACL, "set_nt_acl" }, - { SMB_VFS_OP_CHMOD_ACL, "chmod_acl" }, - { SMB_VFS_OP_FCHMOD_ACL, "fchmod_acl" }, - { SMB_VFS_OP_SYS_ACL_GET_ENTRY, "sys_acl_get_entry" }, - { SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE, "sys_acl_get_tag_type" }, - { SMB_VFS_OP_SYS_ACL_GET_PERMSET, "sys_acl_get_permset" }, - { SMB_VFS_OP_SYS_ACL_GET_QUALIFIER, "sys_acl_get_qualifier" }, - { SMB_VFS_OP_SYS_ACL_GET_FILE, "sys_acl_get_file" }, - { SMB_VFS_OP_SYS_ACL_GET_FD, "sys_acl_get_fd" }, - { SMB_VFS_OP_SYS_ACL_CLEAR_PERMS, "sys_acl_clear_perms" }, - { SMB_VFS_OP_SYS_ACL_ADD_PERM, "sys_acl_add_perm" }, - { SMB_VFS_OP_SYS_ACL_TO_TEXT, "sys_acl_to_text" }, - { SMB_VFS_OP_SYS_ACL_INIT, "sys_acl_init" }, - { SMB_VFS_OP_SYS_ACL_CREATE_ENTRY, "sys_acl_create_entry" }, - { SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE, "sys_acl_set_tag_type" }, - { SMB_VFS_OP_SYS_ACL_SET_QUALIFIER, "sys_acl_set_qualifier" }, - { SMB_VFS_OP_SYS_ACL_SET_PERMSET, "sys_acl_set_permset" }, - { SMB_VFS_OP_SYS_ACL_VALID, "sys_acl_valid" }, - { SMB_VFS_OP_SYS_ACL_SET_FILE, "sys_acl_set_file" }, - { SMB_VFS_OP_SYS_ACL_SET_FD, "sys_acl_set_fd" }, - { SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE, "sys_acl_delete_def_file" }, - { SMB_VFS_OP_SYS_ACL_GET_PERM, "sys_acl_get_perm" }, - { SMB_VFS_OP_SYS_ACL_FREE_TEXT, "sys_acl_free_text" }, - { SMB_VFS_OP_SYS_ACL_FREE_ACL, "sys_acl_free_acl" }, - { SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER, "sys_acl_free_qualifier" }, - { SMB_VFS_OP_GETXATTR, "getxattr" }, - { SMB_VFS_OP_LGETXATTR, "lgetxattr" }, - { SMB_VFS_OP_FGETXATTR, "fgetxattr" }, - { SMB_VFS_OP_LISTXATTR, "listxattr" }, - { SMB_VFS_OP_LLISTXATTR, "llistxattr" }, - { SMB_VFS_OP_FLISTXATTR, "flistxattr" }, - { SMB_VFS_OP_REMOVEXATTR, "removexattr" }, - { SMB_VFS_OP_LREMOVEXATTR, "lremovexattr" }, - { SMB_VFS_OP_FREMOVEXATTR, "fremovexattr" }, - { SMB_VFS_OP_SETXATTR, "setxattr" }, - { SMB_VFS_OP_LSETXATTR, "lsetxattr" }, - { SMB_VFS_OP_FSETXATTR, "fsetxattr" }, - { SMB_VFS_OP_LAST, NULL } -}; - -static int audit_syslog_facility(vfs_handle_struct *handle) -{ - /* fix me: let this be configurable by: - * lp_param_enum(SNUM(handle->conn), - * (handle->param?handle->param:"full_audit"), - * "syslog facility", - * audit_enum_facility,LOG_USER); - */ - return LOG_USER; -} - -static int audit_syslog_priority(vfs_handle_struct *handle) -{ - /* fix me: let this be configurable by: - * lp_param_enum(SNUM(handle->conn), - * (handle->param?handle->param:"full_audit"), - * "syslog priority", - * audit_enum_priority,LOG_NOTICE); - */ - return LOG_NOTICE; -} - -static char *audit_prefix(connection_struct *conn) -{ - static pstring prefix; - - pstrcpy(prefix, lp_parm_const_string(SNUM(conn), "full_audit", - "prefix", "%u|%I")); - standard_sub_snum(SNUM(conn), prefix, sizeof(prefix)-1); - return prefix; -} - -static struct bitmap *success_ops = NULL; - -static BOOL log_success(vfs_op_type op) -{ - if (success_ops == NULL) - return True; - - return bitmap_query(success_ops, op); -} - -static struct bitmap *failure_ops = NULL; - -static BOOL log_failure(vfs_op_type op) -{ - if (failure_ops == NULL) - return True; - - return bitmap_query(failure_ops, op); -} - -static void init_bitmap(struct bitmap **bm, const char **ops) -{ - BOOL log_all = False; - - if (*bm != NULL) - return; - - *bm = bitmap_allocate(SMB_VFS_OP_LAST); - - if (*bm == NULL) { - DEBUG(0, ("Could not alloc bitmap -- " - "defaulting to logging everything\n")); - return; - } - - while (*ops != NULL) { - int i; - BOOL found = False; - - if (strequal(*ops, "all")) { - log_all = True; - break; - } - - for (i=0; i<SMB_VFS_OP_LAST; i++) { - if (strequal(*ops, vfs_op_names[i].name)) { - bitmap_set(*bm, i); - found = True; - } - } - if (!found) { - DEBUG(0, ("Could not find opname %s, logging all\n", - *ops)); - log_all = True; - break; - } - ops += 1; - } - - if (log_all) { - /* The query functions default to True */ - bitmap_free(*bm); - *bm = NULL; - } -} - -static const char *audit_opname(vfs_op_type op) -{ - if (op >= SMB_VFS_OP_LAST) - return "INVALID VFS OP"; - return vfs_op_names[op].name; -} - -static void do_log(vfs_op_type op, BOOL success, vfs_handle_struct *handle, - const char *format, ...) -{ - fstring err_msg; - pstring op_msg; - va_list ap; - - if (success && (!log_success(op))) - return; - - if (!success && (!log_failure(op))) - return; - - if (success) - fstrcpy(err_msg, "ok"); - else - fstr_sprintf(err_msg, "fail (%s)", strerror(errno)); - - va_start(ap, format); - vsnprintf(op_msg, sizeof(op_msg), format, ap); - va_end(ap); - - syslog(audit_syslog_priority(handle), "%s|%s|%s|%s\n", - audit_prefix(handle->conn), audit_opname(op), err_msg, op_msg); - - return; -} - -/* Implementation of vfs_ops. Pass everything on to the default - operation but log event first. */ - -static int audit_connect(vfs_handle_struct *handle, connection_struct *conn, - const char *svc, const char *user) -{ - int result; - const char *none[] = { NULL }; - const char *all [] = { "all" }; - - openlog("smbd_audit", 0, audit_syslog_facility(handle)); - - init_bitmap(&success_ops, - lp_parm_string_list(SNUM(conn), "full_audit", "success", - none)); - init_bitmap(&failure_ops, - lp_parm_string_list(SNUM(conn), "full_audit", "failure", - all)); - - result = SMB_VFS_NEXT_CONNECT(handle, conn, svc, user); - - do_log(SMB_VFS_OP_CONNECT, True, handle, - "%s", svc); - - return result; -} - -static void audit_disconnect(vfs_handle_struct *handle, - connection_struct *conn) -{ - SMB_VFS_NEXT_DISCONNECT(handle, conn); - - do_log(SMB_VFS_OP_DISCONNECT, True, handle, - "%s", lp_servicename(SNUM(conn))); - - bitmap_free(success_ops); - success_ops = NULL; - - bitmap_free(failure_ops); - failure_ops = NULL; - - return; -} - -static SMB_BIG_UINT audit_disk_free(vfs_handle_struct *handle, - connection_struct *conn, const char *path, - BOOL small_query, SMB_BIG_UINT *bsize, - SMB_BIG_UINT *dfree, SMB_BIG_UINT *dsize) -{ - SMB_BIG_UINT result; - - result = SMB_VFS_NEXT_DISK_FREE(handle, conn, path, small_query, bsize, - dfree, dsize); - - /* Don't have a reasonable notion of failure here */ - - do_log(SMB_VFS_OP_DISK_FREE, True, handle, "%s", path); - - return result; -} - -static int audit_get_quota(struct vfs_handle_struct *handle, - struct connection_struct *conn, - enum SMB_QUOTA_TYPE qtype, unid_t id, - SMB_DISK_QUOTA *qt) -{ - int result; - - result = SMB_VFS_NEXT_GET_QUOTA(handle, conn, qtype, id, qt); - - do_log(SMB_VFS_OP_GET_QUOTA, (result >= 0), handle, ""); - - return result; -} - - -static int audit_set_quota(struct vfs_handle_struct *handle, - struct connection_struct *conn, - enum SMB_QUOTA_TYPE qtype, unid_t id, - SMB_DISK_QUOTA *qt) -{ - int result; - - result = SMB_VFS_NEXT_SET_QUOTA(handle, conn, qtype, id, qt); - - do_log(SMB_VFS_OP_SET_QUOTA, (result >= 0), handle, ""); - - return result; -} - -static DIR *audit_opendir(vfs_handle_struct *handle, connection_struct *conn, - const char *fname) -{ - DIR *result; - - result = SMB_VFS_NEXT_OPENDIR(handle, conn, fname); - - do_log(SMB_VFS_OP_OPENDIR, (result != NULL), handle, "%s", fname); - - return result; -} - -static struct dirent *audit_readdir(vfs_handle_struct *handle, - connection_struct *conn, DIR *dirp) -{ - struct dirent *result; - - result = SMB_VFS_NEXT_READDIR(handle, conn, dirp); - - /* This operation has no reasonable error condition - * (End of dir is also failure), so always succeed. - */ - do_log(SMB_VFS_OP_READDIR, True, handle, ""); - - return result; -} - -static int audit_mkdir(vfs_handle_struct *handle, connection_struct *conn, - const char *path, mode_t mode) -{ - int result; - - result = SMB_VFS_NEXT_MKDIR(handle, conn, path, mode); - - do_log(SMB_VFS_OP_MKDIR, (result >= 0), handle, "%s", path); - - return result; -} - -static int audit_rmdir(vfs_handle_struct *handle, connection_struct *conn, - const char *path) -{ - int result; - - result = SMB_VFS_NEXT_RMDIR(handle, conn, path); - - do_log(SMB_VFS_OP_RMDIR, (result >= 0), handle, "%s", path); - - return result; -} - -static int audit_closedir(vfs_handle_struct *handle, connection_struct *conn, - DIR *dirp) -{ - int result; - - result = SMB_VFS_NEXT_CLOSEDIR(handle, conn, dirp); - - do_log(SMB_VFS_OP_CLOSEDIR, (result >= 0), handle, ""); - - return result; -} - -static int audit_open(vfs_handle_struct *handle, connection_struct *conn, - const char *fname, int flags, mode_t mode) -{ - int result; - - result = SMB_VFS_NEXT_OPEN(handle, conn, fname, flags, mode); - - do_log(SMB_VFS_OP_OPEN, (result >= 0), handle, "%s|%s", - ((flags & O_WRONLY) || (flags & O_RDWR))?"w":"r", - fname); - - return result; -} - -static int audit_close(vfs_handle_struct *handle, files_struct *fsp, int fd) -{ - int result; - - result = SMB_VFS_NEXT_CLOSE(handle, fsp, fd); - - do_log(SMB_VFS_OP_CLOSE, (result >= 0), handle, "%s", fsp->fsp_name); - - return result; -} - -static ssize_t audit_read(vfs_handle_struct *handle, files_struct *fsp, - int fd, void *data, size_t n) -{ - ssize_t result; - - result = SMB_VFS_NEXT_READ(handle, fsp, fd, data, n); - - do_log(SMB_VFS_OP_READ, (result >= 0), handle, "%s", fsp->fsp_name); - - return result; -} - -static ssize_t audit_pread(vfs_handle_struct *handle, files_struct *fsp, - int fd, void *data, size_t n, SMB_OFF_T offset) -{ - ssize_t result; - - result = SMB_VFS_NEXT_PREAD(handle, fsp, fd, data, n, offset); - - do_log(SMB_VFS_OP_PREAD, (result >= 0), handle, "%s", fsp->fsp_name); - - return result; -} - -static ssize_t audit_write(vfs_handle_struct *handle, files_struct *fsp, - int fd, const void *data, size_t n) -{ - ssize_t result; - - result = SMB_VFS_NEXT_WRITE(handle, fsp, fd, data, n); - - do_log(SMB_VFS_OP_WRITE, (result >= 0), handle, "%s", fsp->fsp_name); - - return result; -} - -static ssize_t audit_pwrite(vfs_handle_struct *handle, files_struct *fsp, - int fd, const void *data, size_t n, - SMB_OFF_T offset) -{ - ssize_t result; - - result = SMB_VFS_NEXT_PWRITE(handle, fsp, fd, data, n, offset); - - do_log(SMB_VFS_OP_PWRITE, (result >= 0), handle, "%s", fsp->fsp_name); - - return result; -} - -static SMB_OFF_T audit_lseek(vfs_handle_struct *handle, files_struct *fsp, - int filedes, SMB_OFF_T offset, int whence) -{ - ssize_t result; - - result = SMB_VFS_NEXT_LSEEK(handle, fsp, filedes, offset, whence); - - do_log(SMB_VFS_OP_LSEEK, (result != (ssize_t)-1), handle, - "%s", fsp->fsp_name); - - return result; -} - -static ssize_t audit_sendfile(vfs_handle_struct *handle, int tofd, - files_struct *fsp, int fromfd, - const DATA_BLOB *hdr, SMB_OFF_T offset, - size_t n) -{ - ssize_t result; - - result = SMB_VFS_NEXT_SENDFILE(handle, tofd, fsp, fromfd, hdr, - offset, n); - - do_log(SMB_VFS_OP_SENDFILE, (result >= 0), handle, - "%s", fsp->fsp_name); - - return result; -} - -static int audit_rename(vfs_handle_struct *handle, connection_struct *conn, - const char *old, const char *new) -{ - int result; - - result = SMB_VFS_NEXT_RENAME(handle, conn, old, new); - - do_log(SMB_VFS_OP_RENAME, (result >= 0), handle, "%s|%s", old, new); - - return result; -} - -static int audit_fsync(vfs_handle_struct *handle, files_struct *fsp, int fd) -{ - int result; - - result = SMB_VFS_NEXT_FSYNC(handle, fsp, fd); - - do_log(SMB_VFS_OP_FSYNC, (result >= 0), handle, "%s", fsp->fsp_name); - - return result; -} - -static int audit_stat(vfs_handle_struct *handle, connection_struct *conn, - const char *fname, SMB_STRUCT_STAT *sbuf) -{ - int result; - - result = SMB_VFS_NEXT_STAT(handle, conn, fname, sbuf); - - do_log(SMB_VFS_OP_STAT, (result >= 0), handle, "%s", fname); - - return result; -} - -static int audit_fstat(vfs_handle_struct *handle, files_struct *fsp, int fd, - SMB_STRUCT_STAT *sbuf) -{ - int result; - - result = SMB_VFS_NEXT_FSTAT(handle, fsp, fd, sbuf); - - do_log(SMB_VFS_OP_FSTAT, (result >= 0), handle, "%s", fsp->fsp_name); - - return result; -} - -static int audit_lstat(vfs_handle_struct *handle, connection_struct *conn, - const char *path, SMB_STRUCT_STAT *sbuf) -{ - int result; - - result = SMB_VFS_NEXT_LSTAT(handle, conn, path, sbuf); - - do_log(SMB_VFS_OP_LSTAT, (result >= 0), handle, "%s", path); - - return result; -} - -static int audit_unlink(vfs_handle_struct *handle, connection_struct *conn, - const char *path) -{ - int result; - - result = SMB_VFS_NEXT_UNLINK(handle, conn, path); - - do_log(SMB_VFS_OP_UNLINK, (result >= 0), handle, "%s", path); - - return result; -} - -static int audit_chmod(vfs_handle_struct *handle, connection_struct *conn, - const char *path, mode_t mode) -{ - int result; - - result = SMB_VFS_NEXT_CHMOD(handle, conn, path, mode); - - do_log(SMB_VFS_OP_CHMOD, (result >= 0), handle, "%s|%o", path, mode); - - return result; -} - -static int audit_fchmod(vfs_handle_struct *handle, files_struct *fsp, int fd, - mode_t mode) -{ - int result; - - result = SMB_VFS_NEXT_FCHMOD(handle, fsp, fd, mode); - - do_log(SMB_VFS_OP_FCHMOD, (result >= 0), handle, - "%s|%o", fsp->fsp_name, mode); - - return result; -} - -static int audit_chown(vfs_handle_struct *handle, connection_struct *conn, - const char *path, uid_t uid, gid_t gid) -{ - int result; - - result = SMB_VFS_NEXT_CHOWN(handle, conn, path, uid, gid); - - do_log(SMB_VFS_OP_CHOWN, (result >= 0), handle, "%s|%ld|%ld", - path, (long int)uid, (long int)gid); - - return result; -} - -static int audit_fchown(vfs_handle_struct *handle, files_struct *fsp, int fd, - uid_t uid, gid_t gid) -{ - int result; - - result = SMB_VFS_NEXT_FCHOWN(handle, fsp, fd, uid, gid); - - do_log(SMB_VFS_OP_FCHOWN, (result >= 0), handle, "%s|%ld|%ld", - fsp->fsp_name, (long int)uid, (long int)gid); - - return result; -} - -static int audit_chdir(vfs_handle_struct *handle, connection_struct *conn, - const char *path) -{ - int result; - - result = SMB_VFS_NEXT_CHDIR(handle, conn, path); - - do_log(SMB_VFS_OP_CHDIR, (result >= 0), handle, "chdir|%s", path); - - return result; -} - -static char *audit_getwd(vfs_handle_struct *handle, connection_struct *conn, - char *path) -{ - char *result; - - result = SMB_VFS_NEXT_GETWD(handle, conn, path); - - do_log(SMB_VFS_OP_GETWD, (result != NULL), handle, "%s", path); - - return result; -} - -static int audit_utime(vfs_handle_struct *handle, connection_struct *conn, - const char *path, struct utimbuf *times) -{ - int result; - - result = SMB_VFS_NEXT_UTIME(handle, conn, path, times); - - do_log(SMB_VFS_OP_UTIME, (result >= 0), handle, "%s", path); - - return result; -} - -static int audit_ftruncate(vfs_handle_struct *handle, files_struct *fsp, - int fd, SMB_OFF_T len) -{ - int result; - - result = SMB_VFS_NEXT_FTRUNCATE(handle, fsp, fd, len); - - do_log(SMB_VFS_OP_FTRUNCATE, (result >= 0), handle, - "%s", fsp->fsp_name); - - return result; -} - -static BOOL audit_lock(vfs_handle_struct *handle, files_struct *fsp, int fd, - int op, SMB_OFF_T offset, SMB_OFF_T count, int type) -{ - BOOL result; - - result = SMB_VFS_NEXT_LOCK(handle, fsp, fd, op, offset, count, type); - - do_log(SMB_VFS_OP_LOCK, (result >= 0), handle, "%s", fsp->fsp_name); - - return result; -} - -static int audit_symlink(vfs_handle_struct *handle, connection_struct *conn, - const char *oldpath, const char *newpath) -{ - int result; - - result = SMB_VFS_NEXT_SYMLINK(handle, conn, oldpath, newpath); - - do_log(SMB_VFS_OP_SYMLINK, (result >= 0), handle, - "%s|%s", oldpath, newpath); - - return result; -} - -static int audit_readlink(vfs_handle_struct *handle, connection_struct *conn, - const char *path, char *buf, size_t bufsiz) -{ - int result; - - result = SMB_VFS_NEXT_READLINK(handle, conn, path, buf, bufsiz); - - do_log(SMB_VFS_OP_READLINK, (result >= 0), handle, "%s", path); - - return result; -} - -static int audit_link(vfs_handle_struct *handle, connection_struct *conn, - const char *oldpath, const char *newpath) -{ - int result; - - result = SMB_VFS_NEXT_LINK(handle, conn, oldpath, newpath); - - do_log(SMB_VFS_OP_LINK, (result >= 0), handle, - "%s|%s", oldpath, newpath); - - return result; -} - -static int audit_mknod(vfs_handle_struct *handle, connection_struct *conn, - const char *pathname, mode_t mode, SMB_DEV_T dev) -{ - int result; - - result = SMB_VFS_NEXT_MKNOD(handle, conn, pathname, mode, dev); - - do_log(SMB_VFS_OP_MKNOD, (result >= 0), handle, "%s", pathname); - - return result; -} - -static char *audit_realpath(vfs_handle_struct *handle, connection_struct *conn, - const char *path, char *resolved_path) -{ - char *result; - - result = SMB_VFS_NEXT_REALPATH(handle, conn, path, resolved_path); - - do_log(SMB_VFS_OP_REALPATH, (result != NULL), handle, "%s", path); - - return result; -} - -static size_t audit_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp, - int fd, uint32 security_info, - SEC_DESC **ppdesc) -{ - size_t result; - - result = SMB_VFS_NEXT_FGET_NT_ACL(handle, fsp, fd, security_info, - ppdesc); - - do_log(SMB_VFS_OP_FGET_NT_ACL, (result > 0), handle, - "%s", fsp->fsp_name); - - return result; -} - -static size_t audit_get_nt_acl(vfs_handle_struct *handle, files_struct *fsp, - const char *name, uint32 security_info, - SEC_DESC **ppdesc) -{ - size_t result; - - result = SMB_VFS_NEXT_GET_NT_ACL(handle, fsp, name, security_info, - ppdesc); - - do_log(SMB_VFS_OP_GET_NT_ACL, (result > 0), handle, - "%s", fsp->fsp_name); - - return result; -} - -static BOOL audit_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, - int fd, uint32 security_info_sent, - SEC_DESC *psd) -{ - BOOL result; - - result = SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, fd, security_info_sent, - psd); - - do_log(SMB_VFS_OP_FSET_NT_ACL, result, handle, "%s", fsp->fsp_name); - - return result; -} - -static BOOL audit_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, - const char *name, uint32 security_info_sent, - SEC_DESC *psd) -{ - BOOL result; - - result = SMB_VFS_NEXT_SET_NT_ACL(handle, fsp, name, security_info_sent, - psd); - - do_log(SMB_VFS_OP_SET_NT_ACL, result, handle, "%s", fsp->fsp_name); - - return result; -} - -static int audit_chmod_acl(vfs_handle_struct *handle, connection_struct *conn, - const char *path, mode_t mode) -{ - int result; - - result = SMB_VFS_NEXT_CHMOD_ACL(handle, conn, path, mode); - - do_log(SMB_VFS_OP_CHMOD_ACL, (result >= 0), handle, - "%s|%o", path, mode); - - return result; -} - -static int audit_fchmod_acl(vfs_handle_struct *handle, files_struct *fsp, - int fd, mode_t mode) -{ - int result; - - result = SMB_VFS_NEXT_FCHMOD_ACL(handle, fsp, fd, mode); - - do_log(SMB_VFS_OP_FCHMOD_ACL, (result >= 0), handle, - "%s|%o", fsp->fsp_name, mode); - - return result; -} - -static int audit_sys_acl_get_entry(vfs_handle_struct *handle, - connection_struct *conn, - SMB_ACL_T theacl, int entry_id, - SMB_ACL_ENTRY_T *entry_p) -{ - int result; - - result = SMB_VFS_NEXT_SYS_ACL_GET_ENTRY(handle, conn, theacl, entry_id, - entry_p); - - do_log(SMB_VFS_OP_SYS_ACL_GET_ENTRY, (result >= 0), handle, - ""); - - return result; -} - -static int audit_sys_acl_get_tag_type(vfs_handle_struct *handle, - connection_struct *conn, - SMB_ACL_ENTRY_T entry_d, - SMB_ACL_TAG_T *tag_type_p) -{ - int result; - - result = SMB_VFS_NEXT_SYS_ACL_GET_TAG_TYPE(handle, conn, entry_d, - tag_type_p); - - do_log(SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE, (result >= 0), handle, - ""); - - return result; -} - -static int audit_sys_acl_get_permset(vfs_handle_struct *handle, - connection_struct *conn, - SMB_ACL_ENTRY_T entry_d, - SMB_ACL_PERMSET_T *permset_p) -{ - int result; - - result = SMB_VFS_NEXT_SYS_ACL_GET_PERMSET(handle, conn, entry_d, - permset_p); - - do_log(SMB_VFS_OP_SYS_ACL_GET_PERMSET, (result >= 0), handle, - ""); - - return result; -} - -static void * audit_sys_acl_get_qualifier(vfs_handle_struct *handle, - connection_struct *conn, - SMB_ACL_ENTRY_T entry_d) -{ - void *result; - - result = SMB_VFS_NEXT_SYS_ACL_GET_QUALIFIER(handle, conn, entry_d); - - do_log(SMB_VFS_OP_SYS_ACL_GET_QUALIFIER, (result != NULL), handle, - ""); - - return result; -} - -static SMB_ACL_T audit_sys_acl_get_file(vfs_handle_struct *handle, - connection_struct *conn, - const char *path_p, - SMB_ACL_TYPE_T type) -{ - SMB_ACL_T result; - - result = SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, conn, path_p, type); - - do_log(SMB_VFS_OP_SYS_ACL_GET_FILE, (result != NULL), handle, - "%s", path_p); - - return result; -} - -static SMB_ACL_T audit_sys_acl_get_fd(vfs_handle_struct *handle, - files_struct *fsp, int fd) -{ - SMB_ACL_T result; - - result = SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp, fd); - - do_log(SMB_VFS_OP_SYS_ACL_GET_FD, (result != NULL), handle, - "%s", fsp->fsp_name); - - return result; -} - -static int audit_sys_acl_clear_perms(vfs_handle_struct *handle, - connection_struct *conn, - SMB_ACL_PERMSET_T permset) -{ - int result; - - result = SMB_VFS_NEXT_SYS_ACL_CLEAR_PERMS(handle, conn, permset); - - do_log(SMB_VFS_OP_SYS_ACL_CLEAR_PERMS, (result >= 0), handle, - ""); - - return result; -} - -static int audit_sys_acl_add_perm(vfs_handle_struct *handle, - connection_struct *conn, - SMB_ACL_PERMSET_T permset, - SMB_ACL_PERM_T perm) -{ - int result; - - result = SMB_VFS_NEXT_SYS_ACL_ADD_PERM(handle, conn, permset, perm); - - do_log(SMB_VFS_OP_SYS_ACL_ADD_PERM, (result >= 0), handle, - ""); - - return result; -} - -static char * audit_sys_acl_to_text(vfs_handle_struct *handle, - connection_struct *conn, SMB_ACL_T theacl, - ssize_t *plen) -{ - char * result; - - result = SMB_VFS_NEXT_SYS_ACL_TO_TEXT(handle, conn, theacl, plen); - - do_log(SMB_VFS_OP_SYS_ACL_TO_TEXT, (result != NULL), handle, - ""); - - return result; -} - -static SMB_ACL_T audit_sys_acl_init(vfs_handle_struct *handle, - connection_struct *conn, - int count) -{ - SMB_ACL_T result; - - result = SMB_VFS_NEXT_SYS_ACL_INIT(handle, conn, count); - - do_log(SMB_VFS_OP_SYS_ACL_INIT, (result != NULL), handle, - ""); - - return result; -} - -static int audit_sys_acl_create_entry(vfs_handle_struct *handle, - connection_struct *conn, SMB_ACL_T *pacl, - SMB_ACL_ENTRY_T *pentry) -{ - int result; - - result = SMB_VFS_NEXT_SYS_ACL_CREATE_ENTRY(handle, conn, pacl, pentry); - - do_log(SMB_VFS_OP_SYS_ACL_CREATE_ENTRY, (result >= 0), handle, - ""); - - return result; -} - -static int audit_sys_acl_set_tag_type(vfs_handle_struct *handle, - connection_struct *conn, - SMB_ACL_ENTRY_T entry, - SMB_ACL_TAG_T tagtype) -{ - int result; - - result = SMB_VFS_NEXT_SYS_ACL_SET_TAG_TYPE(handle, conn, entry, - tagtype); - - do_log(SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE, (result >= 0), handle, - ""); - - return result; -} - -static int audit_sys_acl_set_qualifier(vfs_handle_struct *handle, - connection_struct *conn, - SMB_ACL_ENTRY_T entry, - void *qual) -{ - int result; - - result = SMB_VFS_NEXT_SYS_ACL_SET_QUALIFIER(handle, conn, entry, qual); - - do_log(SMB_VFS_OP_SYS_ACL_SET_QUALIFIER, (result >= 0), handle, - ""); - - return result; -} - -static int audit_sys_acl_set_permset(vfs_handle_struct *handle, - connection_struct *conn, - SMB_ACL_ENTRY_T entry, - SMB_ACL_PERMSET_T permset) -{ - int result; - - result = SMB_VFS_NEXT_SYS_ACL_SET_PERMSET(handle, conn, entry, permset); - - do_log(SMB_VFS_OP_SYS_ACL_SET_PERMSET, (result >= 0), handle, - ""); - - return result; -} - -static int audit_sys_acl_valid(vfs_handle_struct *handle, - connection_struct *conn, - SMB_ACL_T theacl ) -{ - int result; - - result = SMB_VFS_NEXT_SYS_ACL_VALID(handle, conn, theacl); - - do_log(SMB_VFS_OP_SYS_ACL_VALID, (result >= 0), handle, - ""); - - return result; -} - -static int audit_sys_acl_set_file(vfs_handle_struct *handle, - connection_struct *conn, - const char *name, SMB_ACL_TYPE_T acltype, - SMB_ACL_T theacl) -{ - int result; - - result = SMB_VFS_NEXT_SYS_ACL_SET_FILE(handle, conn, name, acltype, - theacl); - - do_log(SMB_VFS_OP_SYS_ACL_SET_FILE, (result >= 0), handle, - "%s", name); - - return result; -} - -static int audit_sys_acl_set_fd(vfs_handle_struct *handle, files_struct *fsp, - int fd, SMB_ACL_T theacl) -{ - int result; - - result = SMB_VFS_NEXT_SYS_ACL_SET_FD(handle, fsp, fd, theacl); - - do_log(SMB_VFS_OP_SYS_ACL_SET_FD, (result >= 0), handle, - "%s", fsp->fsp_name); - - return result; -} - -static int audit_sys_acl_delete_def_file(vfs_handle_struct *handle, - connection_struct *conn, - const char *path) -{ - int result; - - result = SMB_VFS_NEXT_SYS_ACL_DELETE_DEF_FILE(handle, conn, path); - - do_log(SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE, (result >= 0), handle, - "%s", path); - - return result; -} - -static int audit_sys_acl_get_perm(vfs_handle_struct *handle, - connection_struct *conn, - SMB_ACL_PERMSET_T permset, - SMB_ACL_PERM_T perm) -{ - int result; - - result = SMB_VFS_NEXT_SYS_ACL_GET_PERM(handle, conn, permset, perm); - - do_log(SMB_VFS_OP_SYS_ACL_GET_PERM, (result >= 0), handle, - ""); - - return result; -} - -static int audit_sys_acl_free_text(vfs_handle_struct *handle, - connection_struct *conn, - char *text) -{ - int result; - - result = SMB_VFS_NEXT_SYS_ACL_FREE_TEXT(handle, conn, text); - - do_log(SMB_VFS_OP_SYS_ACL_FREE_TEXT, (result >= 0), handle, - ""); - - return result; -} - -static int audit_sys_acl_free_acl(vfs_handle_struct *handle, - connection_struct *conn, - SMB_ACL_T posix_acl) -{ - int result; - - result = SMB_VFS_NEXT_SYS_ACL_FREE_ACL(handle, conn, posix_acl); - - do_log(SMB_VFS_OP_SYS_ACL_FREE_ACL, (result >= 0), handle, - ""); - - return result; -} - -static int audit_sys_acl_free_qualifier(vfs_handle_struct *handle, - connection_struct *conn, - void *qualifier, - SMB_ACL_TAG_T tagtype) -{ - int result; - - result = SMB_VFS_NEXT_SYS_ACL_FREE_QUALIFIER(handle, conn, qualifier, - tagtype); - - do_log(SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER, (result >= 0), handle, - ""); - - return result; -} - -static ssize_t audit_getxattr(struct vfs_handle_struct *handle, - struct connection_struct *conn, const char *path, - const char *name, void *value, size_t size) -{ - ssize_t result; - - result = SMB_VFS_NEXT_GETXATTR(handle, conn, path, name, value, size); - - do_log(SMB_VFS_OP_GETXATTR, (result >= 0), handle, - "%s|%s", path, name); - - return result; -} - -static ssize_t audit_lgetxattr(struct vfs_handle_struct *handle, - struct connection_struct *conn, - const char *path, const char *name, - void *value, size_t size) -{ - ssize_t result; - - result = SMB_VFS_NEXT_LGETXATTR(handle, conn, path, name, value, size); - - do_log(SMB_VFS_OP_LGETXATTR, (result >= 0), handle, - "%s|%s", path, name); - - return result; -} - -static ssize_t audit_fgetxattr(struct vfs_handle_struct *handle, - struct files_struct *fsp, int fd, - const char *name, void *value, size_t size) -{ - ssize_t result; - - result = SMB_VFS_NEXT_FGETXATTR(handle, fsp, fd, name, value, size); - - do_log(SMB_VFS_OP_FGETXATTR, (result >= 0), handle, - "%s|%s", fsp->fsp_name, name); - - return result; -} - -static ssize_t audit_listxattr(struct vfs_handle_struct *handle, - struct connection_struct *conn, - const char *path, char *list, size_t size) -{ - ssize_t result; - - result = SMB_VFS_NEXT_LISTXATTR(handle, conn, path, list, size); - - do_log(SMB_VFS_OP_LISTXATTR, (result >= 0), handle, "%s", path); - - return result; -} - -static ssize_t audit_llistxattr(struct vfs_handle_struct *handle, - struct connection_struct *conn, - const char *path, char *list, size_t size) -{ - ssize_t result; - - result = SMB_VFS_NEXT_LLISTXATTR(handle, conn, path, list, size); - - do_log(SMB_VFS_OP_LLISTXATTR, (result >= 0), handle, "%s", path); - - return result; -} - -static ssize_t audit_flistxattr(struct vfs_handle_struct *handle, - struct files_struct *fsp, int fd, char *list, - size_t size) -{ - ssize_t result; - - result = SMB_VFS_NEXT_FLISTXATTR(handle, fsp, fd, list, size); - - do_log(SMB_VFS_OP_FLISTXATTR, (result >= 0), handle, - "%s", fsp->fsp_name); - - return result; -} - -static int audit_removexattr(struct vfs_handle_struct *handle, - struct connection_struct *conn, const char *path, - const char *name) -{ - int result; - - result = SMB_VFS_NEXT_REMOVEXATTR(handle, conn, path, name); - - do_log(SMB_VFS_OP_REMOVEXATTR, (result >= 0), handle, - "%s|%s", path, name); - - return result; -} - -static int audit_lremovexattr(struct vfs_handle_struct *handle, - struct connection_struct *conn, const char *path, - const char *name) -{ - int result; - - result = SMB_VFS_NEXT_LREMOVEXATTR(handle, conn, path, name); - - do_log(SMB_VFS_OP_LREMOVEXATTR, (result >= 0), handle, - "%s|%s", path, name); - - return result; -} - -static int audit_fremovexattr(struct vfs_handle_struct *handle, - struct files_struct *fsp, int fd, - const char *name) -{ - int result; - - result = SMB_VFS_NEXT_FREMOVEXATTR(handle, fsp, fd, name); - - do_log(SMB_VFS_OP_FREMOVEXATTR, (result >= 0), handle, - "%s|%s", fsp->fsp_name, name); - - return result; -} - -static int audit_setxattr(struct vfs_handle_struct *handle, - struct connection_struct *conn, const char *path, - const char *name, const void *value, size_t size, - int flags) -{ - int result; - - result = SMB_VFS_NEXT_SETXATTR(handle, conn, path, name, value, size, - flags); - - do_log(SMB_VFS_OP_SETXATTR, (result >= 0), handle, - "%s|%s", path, name); - - return result; -} - -static int audit_lsetxattr(struct vfs_handle_struct *handle, - struct connection_struct *conn, const char *path, - const char *name, const void *value, size_t size, - int flags) -{ - int result; - - result = SMB_VFS_NEXT_LSETXATTR(handle, conn, path, name, value, size, - flags); - - do_log(SMB_VFS_OP_LSETXATTR, (result >= 0), handle, - "%s|%s", path, name); - - return result; -} - -static int audit_fsetxattr(struct vfs_handle_struct *handle, - struct files_struct *fsp, int fd, const char *name, - const void *value, size_t size, int flags) -{ - int result; - - result = SMB_VFS_NEXT_FSETXATTR(handle, fsp, fd, name, value, size, - flags); - - do_log(SMB_VFS_OP_FSETXATTR, (result >= 0), handle, - "%s|%s", fsp->fsp_name, name); - - return result; -} - -NTSTATUS vfs_full_audit_init(void) -{ - NTSTATUS ret = smb_register_vfs(SMB_VFS_INTERFACE_VERSION, - "full_audit", audit_op_tuples); - - if (!NT_STATUS_IS_OK(ret)) - return ret; - - vfs_full_audit_debug_level = debug_add_class("full_audit"); - if (vfs_full_audit_debug_level == -1) { - vfs_full_audit_debug_level = DBGC_VFS; - DEBUG(0, ("vfs_full_audit: Couldn't register custom debugging " - "class!\n")); - } else { - DEBUG(10, ("vfs_full_audit: Debug class number of " - "'full_audit': %d\n", vfs_full_audit_debug_level)); - } - - return ret; -} - diff --git a/source/printing/notify.c b/source/printing/notify.c index 7750239630c..26ef191f877 100644 --- a/source/printing/notify.c +++ b/source/printing/notify.c @@ -463,6 +463,15 @@ void notify_printer_sharename(int snum, char *share_name) snum, strlen(share_name) + 1, share_name); } +void notify_printer_printername(int snum, char *printername) +{ + const char *printer_name = SERVICE(snum); + + send_notify_field_buffer( + printer_name, PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_PRINTER_NAME, + snum, strlen(printername) + 1, printername); +} + void notify_printer_port(int snum, char *port_name) { const char *printer_name = SERVICE(snum); diff --git a/source/printing/printing.c b/source/printing/printing.c index 2355dd14506..2274e2d5f45 100644 --- a/source/printing/printing.c +++ b/source/printing/printing.c @@ -971,7 +971,7 @@ static void check_job_changed(int snum, TDB_DATA data, uint32 jobid) Update the internal database from the system print queue for a queue. ****************************************************************************/ -static void print_queue_update(int snum) +static void print_queue_update_internal(int snum) { int i, qcount; print_queue_struct *queue = NULL; @@ -1151,6 +1151,73 @@ static void print_queue_update(int snum) } /**************************************************************************** +this is the receive function of the background lpq updater +****************************************************************************/ +static void print_queue_receive(int msg_type, pid_t src, void *buf, size_t len) +{ + int snum; + snum=*((int *)buf); + print_queue_update_internal(snum); +} + +static pid_t background_lpq_updater_pid = -1; + +/**************************************************************************** +main thread of the background lpq updater +****************************************************************************/ +void start_background_queue(void) +{ + DEBUG(3,("start_background_queue: Starting background LPQ thread\n")); + background_lpq_updater_pid = sys_fork(); + + if (background_lpq_updater_pid == -1) { + DEBUG(5,("start_background_queue: background LPQ thread failed to start. %s\n", strerror(errno) )); + exit(1); + } + + if(background_lpq_updater_pid == 0) { + /* Child. */ + DEBUG(5,("start_background_queue: background LPQ thread started\n")); + + claim_connection( NULL, "smbd lpq backend", 0, False, + FLAG_MSG_GENERAL|FLAG_MSG_SMBD|FLAG_MSG_PRINTING ); + + if (!locking_init(0)) { + exit(1); + } + + if (!print_backend_init()) { + exit(1); + } + + message_register(MSG_PRINTER_UPDATE, print_queue_receive); + + DEBUG(5,("start_background_queue: background LPQ thread waiting for messages\n")); + while (1) { + pause(); + DEBUG(10,("start_background_queue: background LPQ thread got a message\n")); + message_dispatch(); + } + } +} + +/**************************************************************************** +update the internal database from the system print queue for a queue +****************************************************************************/ +static void print_queue_update(int snum) +{ + /* + * Make sure that the backgroup queueu process exists. + * Otherwise just do the update ourselves + */ + + if ( background_lpq_updater_pid != -1 ) + message_send_pid(background_lpq_updater_pid, MSG_PRINTER_UPDATE, &snum, sizeof(snum), False); + else + print_queue_update_internal( snum ); +} + +/**************************************************************************** Create/Update an entry in the print tdb that will allow us to send notify updates only to interested smbd's. ****************************************************************************/ diff --git a/source/rpc_server/srv_spoolss_nt.c b/source/rpc_server/srv_spoolss_nt.c index 3b1bb5ede5d..65d5517da45 100644 --- a/source/rpc_server/srv_spoolss_nt.c +++ b/source/rpc_server/srv_spoolss_nt.c @@ -473,9 +473,11 @@ static BOOL set_printer_hnd_name(Printer_entry *Printer, char *handlename) { int snum; int n_services=lp_numservices(); - char *aprinter; + char *aprinter, *printername; fstring sname; BOOL found=False; + NT_PRINTER_INFO_LEVEL *printer; + WERROR result; DEBUG(4,("Setting printer name=%s (len=%lu)\n", handlename, (unsigned long)strlen(handlename))); @@ -496,16 +498,9 @@ static BOOL set_printer_hnd_name(Printer_entry *Printer, char *handlename) aprinter=handlename; } - DEBUGADD(5,("searching for [%s] (len=%lu)\n", aprinter, (unsigned long)strlen(aprinter))); + DEBUGADD(5, ("searching for [%s] (len=%lu)\n", aprinter, (unsigned long)strlen(aprinter))); - /* - * The original code allowed smbd to store a printer name that - * was different from the share name. This is not possible - * anymore, so I've simplified this loop greatly. Here - * we are just verifying that the printer name is a valid - * printer service defined in smb.conf - * --jerry [Fri Feb 15 11:17:46 CST 2002] - */ + /* have to search on sharename and PRINTER_INFO2->printername */ for (snum=0; snum<n_services; snum++) { @@ -514,13 +509,45 @@ static BOOL set_printer_hnd_name(Printer_entry *Printer, char *handlename) fstrcpy(sname, lp_servicename(snum)); - DEBUGADD(5,("share:%s\n",sname)); + DEBUGADD(10, ("share: %s\n",sname)); - if (! StrCaseCmp(sname, aprinter)) { + /* sharename */ + if ( strequal(sname, aprinter) ) { found = True; break; } - + + /* printername */ + printer = NULL; + result = get_a_printer( NULL, &printer, 2, sname ); + if ( !W_ERROR_IS_OK(result) ) { + DEBUG(0,("set_printer_hnd_name: failed to lookup printer [%s] -- result [%s]\n", + sname, dos_errstr(result))); + continue; + } + + /* printername is always returned as \\server\printername */ + if ( !(printername = strchr_m(&printer->info_2->printername[2], '\\')) ) { + DEBUG(0,("set_printer_hnd_name: info2->printername in wrong format! [%s]\n", + printer->info_2->printername)); + free_a_printer( &printer, 2); + continue; + } + + /* FIXME!! not mb safe here */ + printername++; + + /* sharename */ + if ( strequal(printername, aprinter) ) { + found = True; + } + + DEBUGADD(10, ("printername: %s\n", printername)); + + free_a_printer( &printer, 2); + + if ( found ) + break; } @@ -5854,14 +5881,28 @@ static WERROR update_printer_sec(POLICY_HND *handle, uint32 level, static BOOL check_printer_ok(NT_PRINTER_INFO_LEVEL_2 *info, int snum) { + fstring printername; + const char *p; + DEBUG(5,("check_printer_ok: servername=%s printername=%s sharename=%s portname=%s drivername=%s comment=%s location=%s\n", info->servername, info->printername, info->sharename, info->portname, info->drivername, info->comment, info->location)); /* we force some elements to "correct" values */ slprintf(info->servername, sizeof(info->servername)-1, "\\\\%s", get_called_name()); fstrcpy(info->sharename, lp_servicename(snum)); + + /* make sure printername is in \\server\printername format */ + + fstrcpy( printername, info->printername ); + p = printername; + if ( printername[0] == '\\' && printername[1] == '\\' ) { + if ( (p = strchr_m( &printername[2], '\\' )) != NULL ) + p++; + } + slprintf(info->printername, sizeof(info->printername)-1, "\\\\%s\\%s", - get_called_name(), info->sharename); + get_called_name(), p ); + info->attributes = PRINTER_ATTRIBUTE_SAMBA; @@ -6057,14 +6098,28 @@ static WERROR update_printer(pipes_struct *p, POLICY_HND *handle, uint32 level, if (!strequal(printer->info_2->sharename, old_printer->info_2->sharename)) { init_unistr2( &buffer, printer->info_2->sharename, UNI_STR_TERMINATE); - set_printer_dataex( printer, SPOOL_DSSPOOLER_KEY, "printerName", - REG_SZ, (uint8*)buffer.buffer, buffer.uni_str_len*2 ); set_printer_dataex( printer, SPOOL_DSSPOOLER_KEY, "shareName", REG_SZ, (uint8*)buffer.buffer, buffer.uni_str_len*2 ); notify_printer_sharename(snum, printer->info_2->sharename); } + if (!strequal(printer->info_2->printername, old_printer->info_2->printername)) { + char *pname; + + if ( (pname = strchr_m( printer->info_2->printername+2, '\\' )) != NULL ) + pname++; + else + pname = printer->info_2->printername; + + + init_unistr2( &buffer, pname, UNI_STR_TERMINATE); + set_printer_dataex( printer, SPOOL_DSSPOOLER_KEY, "printerName", + REG_SZ, (uint8*)buffer.buffer, buffer.uni_str_len*2 ); + + notify_printer_printername( snum, pname ); + } + if (!strequal(printer->info_2->portname, old_printer->info_2->portname)) { init_unistr2( &buffer, printer->info_2->portname, UNI_STR_TERMINATE); set_printer_dataex( printer, SPOOL_DSSPOOLER_KEY, "portName", @@ -8750,19 +8805,19 @@ WERROR _spoolss_setprinterdataex(pipes_struct *p, SPOOL_Q_SETPRINTERDATAEX *q_u, { /* save the OID if one was specified */ if ( oid_string ) { - fstrcat( keyname, "\\" ); - fstrcat( keyname, SPOOL_OID_KEY ); + fstrcat( keyname, "\\" ); + fstrcat( keyname, SPOOL_OID_KEY ); - /* - * I'm not checking the status here on purpose. Don't know - * if this is right, but I'm returning the status from the - * previous set_printer_dataex() call. I have no idea if - * this is right. --jerry - */ + /* + * I'm not checking the status here on purpose. Don't know + * if this is right, but I'm returning the status from the + * previous set_printer_dataex() call. I have no idea if + * this is right. --jerry + */ - set_printer_dataex( printer, keyname, valuename, - REG_SZ, (void*)oid_string, strlen(oid_string)+1 ); - } + set_printer_dataex( printer, keyname, valuename, + REG_SZ, (void*)oid_string, strlen(oid_string)+1 ); + } status = mod_a_printer(*printer, 2); } diff --git a/source/smbd/server.c b/source/smbd/server.c index f25d42711db..343a835be8a 100644 --- a/source/smbd/server.c +++ b/source/smbd/server.c @@ -849,12 +849,13 @@ void build_options(BOOL screen); /* Setup the main smbd so that we can get messages. */ claim_connection(NULL,"",0,True,FLAG_MSG_GENERAL|FLAG_MSG_SMBD); - /* - DO NOT ENABLE THIS TILL YOU COPE WITH KILLING THESE TASKS AND INETD - THIS *killed* LOTS OF BUILD FARM MACHINES. IT CREATED HUNDREDS OF - smbd PROCESSES THAT NEVER DIE - start_background_queue(); - */ + /* only start the background queue daemon if we are + running as a daemon -- bad things will happen if + smbd is launched via inetd and we fork a copy of + ourselves here */ + + if ( is_daemon ) + start_background_queue(); if (!open_sockets_smbd(is_daemon, interactive, ports)) exit(1); |