summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--WHATSNEW.txt48
-rw-r--r--docs/README-NOW10
-rw-r--r--make-tarball.sh57
-rw-r--r--source/VERSION2
-rw-r--r--source/include/messages.h5
-rw-r--r--source/libsmb/ntlmssp.c2
-rw-r--r--source/modules/vfs_afsacl.c730
-rw-r--r--source/modules/vfs_full_audit.c1789
-rw-r--r--source/printing/notify.c9
-rw-r--r--source/printing/printing.c69
-rw-r--r--source/rpc_server/srv_spoolss_nt.c109
-rw-r--r--source/smbd/server.c13
12 files changed, 182 insertions, 2661 deletions
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 4c66cefc18a..c3e3dad047e 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,48 +1,17 @@
- =================================
- Release Notes for Samba 3.0.5pre1
- XXXX XX, 2004
- =================================
-
-This is a preview release of the Samba 3.0.5 code base and is
-provided for testing only. This release is *not* intended for
-production servers. Use at your own risk.
-
-There have been several bug fixes since the 3.0.4 release that
-we feel are important to make available to the Samba community
-for wider testings. See the "Changes" section for details on
-exact updates.
-
-Common bugs fixed in Samba 3.0.5pre1 include:
-
- o <FILL IN>
-
-
-######################################################################
-Changes
-#######
-
-Changes since 3.0.4
--------------------
-
-commits
--------
-
-
-
-
-Changes for older versions follow below:
-
- --------------------------------------------------
-
=============================
Release Notes for Samba 3.0.4
May 8, 2004
=============================
+This is the latest stable release of Samba. This is the version
+that production Samba servers should be running for all
+current bug-fixes. There have been several issues fixes since
+the 3.0.3 release and new features have been added as well.
+See the "Changes" section for details on exact updates.
Common bugs fixed in Samba 3.0.4 include:
- o Password changing after applying the patch described in
+ o Password changing after applying the patch described in
the Microsoft KB828741 article to Windows clients.
o Crashes in smbd.
o Managing print jobs via Windows on Big-Endian servers.
@@ -50,6 +19,9 @@ Common bugs fixed in Samba 3.0.4 include:
o Compile issues on AIX and *BSD.
+######################################################################
+Changes
+#######
Changes since 3.0.3
--------------------
@@ -59,7 +31,7 @@ commits
o Jeremy Allison <jra@samba.org>
* Fix path processing for DeletePrinterDriverEx().
- * BUG 1303: Fix for Microsoft hotfix KB828741 password change
+ * BUG 1303: Fix for Microsoft hotfix MS04-011 password change
breakage.
diff --git a/docs/README-NOW b/docs/README-NOW
deleted file mode 100644
index 46a772385cc..00000000000
--- a/docs/README-NOW
+++ /dev/null
@@ -1,10 +0,0 @@
- ATTENTION
- DOCS TREE REMOVED
----------------------------------------------------
-
-This docs tree has been moved to a separate CVS
-module on cvs.samba.org name 'samba-docs'.
-See http://cvs.samba.org/ for details on accessing
-Samba cvs trees.
-
-
diff --git a/make-tarball.sh b/make-tarball.sh
deleted file mode 100644
index f3250d5c732..00000000000
--- a/make-tarball.sh
+++ /dev/null
@@ -1,57 +0,0 @@
-#!/bin/sh
-
-## A simple script to build a tarball of the current CVS tree.
-## You either need to include the using_samba cvs module in the
-## parent directory or tell the script where to find it
-##
-## Usgae: ./make-tarball.sh
-
-DOCSDIR=../samba-docs/
-USING_SAMBA=../using_samba/
-SRCDIR=`pwd`
-
-if [ ! -d $USING_SAMBA ]; then
-
- echo Cannot find "Using Samba" directory \(assuming $USING_SAMBA\).
- echo Please set the USING_SAMBA variable in this script to the correct
- echo location. The html files are available in the using_samba CVS
- echo module on cvs.samba.org. See http://cvs/samba.org/ for details
- echo about anonymous CVS access. Exiting now....
-
- exit 1
-
-fi
-
-if [ ! -d $DOCSDIR ]; then
-
- echo Cannot find samba-docs \(assuming $DOCSDIR\).
- echo Please set the DOCSDIR variable in this script
- echo to the correct path.
-
- exit 1
-
-fi
-
-
-VERSION=`grep SAMBA_VERSION_OFFICIAL_STRING source/include/version.h | cut -d\" -f2 | sed 's/ /_/g'`
-TARBALLDIR=/tmp/samba-$VERSION
-
-echo Creating the tarball source directory in $TARBALLDIR
-
-/bin/rm -rf $TARBALLDIR
-/bin/rm -f samba-$VERSION.tar
-
-mkdir $TARBALLDIR
-rsync -aC ./ $TARBALLDIR
-/bin/rm -rf $TARBALLDIR/docs/*
-rsync -aC $DOCSDIR/ $TARBALLDIR/docs/
-rsync -aC $USING_SAMBA $TARBALLDIR/docs/htmldocs/
-
-echo Creating packaging scripts...
-( cd $TARBALLDIR/packaging; sh bin/update-pkginfo $VERSION 1 )
-
-echo Creating source/configure...
-( cd $TARBALLDIR/source; ./autogen.sh )
-
-echo Making tarball samba-$VERSION.tar in current directory...
-( cd `dirname $TARBALLDIR`; tar cf $SRCDIR/samba-$VERSION.tar samba-$VERSION )
diff --git a/source/VERSION b/source/VERSION
index 2ca60435f4e..e493805fdb4 100644
--- a/source/VERSION
+++ b/source/VERSION
@@ -51,7 +51,7 @@ SAMBA_VERSION_RC_RELEASE=
# e.g. SAMBA_VERSION_IS_SVN_SNAPSHOT=yes #
# -> "3.0.0-SVN-build-199" #
########################################################
-SAMBA_VERSION_IS_SVN_SNAPSHOT=yes
+SAMBA_VERSION_IS_SVN_SNAPSHOT=
########################################################
# This can be set by vendors if they want... #
diff --git a/source/include/messages.h b/source/include/messages.h
index 37e9372cdaa..78f19fa0bdb 100644
--- a/source/include/messages.h
+++ b/source/include/messages.h
@@ -49,9 +49,10 @@
/* printing messages */
/* #define MSG_PRINTER_NOTIFY 2001*/ /* Obsolete */
-#define MSG_PRINTER_DRVUPGRADE 2002
-#define MSG_PRINTER_NOTIFY2 2003
+#define MSG_PRINTER_DRVUPGRADE 2002
+#define MSG_PRINTER_NOTIFY2 2003
#define MSG_PRINTERDATA_INIT_RESET 2004
+#define MSG_PRINTER_UPDATE 2005
/* smbd messages */
#define MSG_SMB_CONF_UPDATED 3001
diff --git a/source/libsmb/ntlmssp.c b/source/libsmb/ntlmssp.c
index 66d48afc463..52e5cd004ff 100644
--- a/source/libsmb/ntlmssp.c
+++ b/source/libsmb/ntlmssp.c
@@ -1102,6 +1102,8 @@ NTSTATUS ntlmssp_client_start(NTLMSSP_STATE **ntlmssp_state)
NTLMSSP_NEGOTIATE_NTLM |
NTLMSSP_NEGOTIATE_NTLM2 |
NTLMSSP_NEGOTIATE_KEY_EXCH |
+ NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED |
+ NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED |
/*
* We need to set this to allow a later SetPassword
* via the SAMR pipe to succeed. Strange.... We could
diff --git a/source/modules/vfs_afsacl.c b/source/modules/vfs_afsacl.c
deleted file mode 100644
index 01b3fcb2b90..00000000000
--- a/source/modules/vfs_afsacl.c
+++ /dev/null
@@ -1,730 +0,0 @@
-/*
- * Convert AFS acls to NT acls and vice versa.
- *
- * Copyright (C) Volker Lendecke, 2003
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- */
-
-#include "includes.h"
-
-#undef DBGC_CLASS
-#define DBGC_CLASS DBGC_VFS
-
-#include <afs/stds.h>
-#include <afs/afs.h>
-#include <afs/auth.h>
-#include <afs/venus.h>
-#include <afs/prs_fs.h>
-
-#define MAXSIZE 2048
-
-extern DOM_SID global_sid_World;
-extern DOM_SID global_sid_Builtin_Administrators;
-extern DOM_SID global_sid_Builtin_Backup_Operators;
-extern DOM_SID global_sid_Authenticated_Users;
-extern DOM_SID global_sid_NULL;
-
-extern int afs_syscall(int, char *, int, char *, int);
-
-struct afs_ace {
- BOOL positive;
- char *name;
- DOM_SID sid;
- enum SID_NAME_USE type;
- uint32 rights;
- struct afs_ace *next;
-};
-
-struct afs_acl {
- TALLOC_CTX *ctx;
- int type;
- int num_aces;
- struct afs_ace *acelist;
-};
-
-struct afs_iob {
- char *in, *out;
- uint16 in_size, out_size;
-};
-
-
-static BOOL init_afs_acl(struct afs_acl *acl)
-{
- ZERO_STRUCT(*acl);
- acl->ctx = talloc_init("afs_acl");
- if (acl->ctx == NULL) {
- DEBUG(10, ("Could not init afs_acl"));
- return False;
- }
- return True;
-}
-
-static void free_afs_acl(struct afs_acl *acl)
-{
- talloc_destroy(acl->ctx);
-}
-
-static struct afs_ace *clone_afs_ace(TALLOC_CTX *mem_ctx, struct afs_ace *ace)
-{
- struct afs_ace *result = talloc(mem_ctx, sizeof(struct afs_ace));
-
- if (result == NULL)
- return NULL;
-
- *result = *ace;
-
- result->next = NULL;
- result->name = talloc_strdup(mem_ctx, ace->name);
-
- if (result->name == NULL) {
- return NULL;
- }
-
- return result;
-}
-
-
-/* Ok, this is sort-of a hack. We assume here that we have winbind users in
- * AFS. And yet another copy of parse_domain_user.... */
-
-static BOOL parse_domain_user(const char *domuser, fstring domain,
- fstring user)
-{
- char *p = strchr(domuser,*lp_winbind_separator());
-
- if (p==NULL) {
- return False;
- }
-
- fstrcpy(user, p+1);
- fstrcpy(domain, domuser);
- domain[PTR_DIFF(p, domuser)] = 0;
- strupper_m(domain);
-
- return True;
-}
-
-static struct afs_ace *new_afs_ace(TALLOC_CTX *mem_ctx,
- BOOL positive,
- const char *name, uint32 rights)
-{
- DOM_SID sid;
- enum SID_NAME_USE type;
- struct afs_ace *result;
-
- if (strcmp(name, "system:administrators") == 0) {
-
- sid_copy(&sid, &global_sid_Builtin_Administrators);
- type = SID_NAME_ALIAS;
-
- } else if (strcmp(name, "system:anyuser") == 0) {
-
- sid_copy(&sid, &global_sid_World);
- type = SID_NAME_ALIAS;
-
- } else if (strcmp(name, "system:authuser") == 0) {
-
- sid_copy(&sid, &global_sid_Authenticated_Users);
- type = SID_NAME_WKN_GRP;
-
- } else if (strcmp(name, "system:backup") == 0) {
-
- sid_copy(&sid, &global_sid_Builtin_Backup_Operators);
- type = SID_NAME_ALIAS;
-
- } else {
-
- fstring user, domain;
-
- if (!parse_domain_user(name, domain, user)) {
- fstrcpy(user, name);
- fstrcpy(domain, lp_workgroup());
- }
-
- if (!lookup_name(domain, user, &sid, &type)) {
- DEBUG(10, ("Could not find AFS user %s\n", name));
-
- sid_copy(&sid, &global_sid_NULL);
- type = SID_NAME_UNKNOWN;
-
- }
- }
-
- result = talloc(mem_ctx, sizeof(struct afs_ace));
-
- if (result == NULL) {
- DEBUG(0, ("Could not talloc AFS ace\n"));
- return NULL;
- }
-
- result->name = talloc_strdup(mem_ctx, name);
- if (result->name == NULL) {
- DEBUG(0, ("Could not talloc AFS ace name\n"));
- return NULL;
- }
-
- result->sid = sid;
- result->type = type;
-
- result->positive = positive;
- result->rights = rights;
-
- return result;
-}
-
-static void add_afs_ace(struct afs_acl *acl,
- BOOL positive,
- const char *name, uint32 rights)
-{
- struct afs_ace *ace;
-
- ace = new_afs_ace(acl->ctx, positive, name, rights);
-
- ace->next = acl->acelist;
- acl->acelist = ace;
-
- acl->num_aces += 1;
-
- DEBUG(10, ("add_afs_ace: Added %s entry for %s with rights %d\n",
- ace->positive?"positive":"negative",
- ace->name, ace->rights));
-
- return;
-}
-
-/* AFS ACLs in string form are a long string of fields delimited with \n.
- *
- * First line: Number of positive entries
- * Second line: Number of negative entries
- * Third and following lines: The entries themselves
- *
- * An ACE is a line of two fields, delimited by \t.
- *
- * First field: Name
- * Second field: Rights
- */
-
-static BOOL parse_afs_acl(struct afs_acl *acl, const char *acl_str)
-{
- int nplus, nminus;
- int aces;
-
- char str[MAXSIZE+1];
- char *p = str;
-
- strncpy(str, acl_str, MAXSIZE);
-
- if (sscanf(p, "%d", &nplus) != 1)
- return False;
-
- DEBUG(10, ("Found %d positive entries\n", nplus));
-
- if ((p = strchr(p, '\n')) == NULL)
- return False;
- p += 1;
-
- if (sscanf(p, "%d", &nminus) != 1)
- return False;
-
- DEBUG(10, ("Found %d negative entries\n", nminus));
-
- if ((p = strchr(p, '\n')) == NULL)
- return False;
- p += 1;
-
- for (aces = nplus+nminus; aces > 0; aces--)
- {
-
- const char *name;
- uint32 rights;
-
- name = p;
-
- if ((p = strchr(p, '\t')) == NULL)
- return False;
- *p = '\0';
- p += 1;
-
- if (sscanf(p, "%d", &rights) != 1)
- return False;
-
- if ((p = strchr(p, '\n')) == NULL)
- return False;
- p += 1;
-
- add_afs_ace(acl, nplus>0, name, rights);
-
- nplus -= 1;
- }
-
- return True;
-}
-
-static BOOL unparse_afs_acl(struct afs_acl *acl, char *acl_str)
-{
- /* TODO: String length checks!!!! */
-
- int positives = 0;
- int negatives = 0;
- fstring line;
-
- *acl_str = 0;
-
- struct afs_ace *ace = acl->acelist;
-
- while (ace != NULL) {
- if (ace->positive)
- positives++;
- else
- negatives++;
- ace = ace->next;
- }
-
- fstr_sprintf(line, "%d\n", positives);
- safe_strcat(acl_str, line, MAXSIZE);
-
- fstr_sprintf(line, "%d\n", negatives);
- safe_strcat(acl_str, line, MAXSIZE);
-
- ace = acl->acelist;
-
- while (ace != NULL) {
- fstr_sprintf(line, "%s\t%d\n", ace->name, ace->rights);
- safe_strcat(acl_str, line, MAXSIZE);
- ace = ace->next;
- }
- return True;
-}
-
-static uint32 afs_to_nt_file_rights(uint32 rights)
-{
- uint32 result = 0;
-
- if (rights & PRSFS_READ)
- result |= FILE_READ_DATA | FILE_READ_EA |
- FILE_EXECUTE | FILE_READ_ATTRIBUTES |
- READ_CONTROL_ACCESS | SYNCHRONIZE_ACCESS;
-
- if (rights & PRSFS_WRITE)
- result |= FILE_WRITE_DATA | FILE_WRITE_ATTRIBUTES |
- FILE_WRITE_EA | FILE_APPEND_DATA;
-
- if (rights & PRSFS_LOCK)
- result |= WRITE_OWNER_ACCESS;
-
- if (rights & PRSFS_DELETE)
- result |= DELETE_ACCESS;
-
- return result;
-}
-
-static uint32 afs_to_nt_dir_rights(uint32 rights)
-{
- uint32 result = 0;
-
- if (rights & PRSFS_INSERT)
- result |= FILE_ADD_FILE | FILE_ADD_SUBDIRECTORY;
-
- if (rights & PRSFS_LOOKUP)
- result |= FILE_READ_DATA | FILE_READ_EA |
- FILE_EXECUTE | FILE_READ_ATTRIBUTES |
- READ_CONTROL_ACCESS | SYNCHRONIZE_ACCESS;
-
- if (rights & PRSFS_WRITE)
- result |= FILE_WRITE_ATTRIBUTES | FILE_WRITE_DATA |
- FILE_APPEND_DATA | FILE_WRITE_EA;
-
- if ((rights & (PRSFS_INSERT|PRSFS_LOOKUP|PRSFS_DELETE)) ==
- (PRSFS_INSERT|PRSFS_LOOKUP|PRSFS_DELETE))
- result |= FILE_WRITE_ATTRIBUTES | FILE_WRITE_EA |
- GENERIC_WRITE_ACCESS;
-
- if (rights & PRSFS_DELETE)
- result |= DELETE_ACCESS;
-
- if (rights & PRSFS_ADMINISTER)
- result |= FILE_DELETE_CHILD | WRITE_DAC_ACCESS |
- WRITE_OWNER_ACCESS;
-
- return result;
-}
-
-static uint32 nt_to_afs_dir_rights(uint32 rights)
-{
- uint32 result = 0;
-
- if (rights & (GENERIC_ALL_ACCESS|WRITE_DAC_ACCESS)) {
- result |= PRSFS_READ | PRSFS_WRITE | PRSFS_INSERT |
- PRSFS_LOOKUP | PRSFS_DELETE | PRSFS_LOCK |
- PRSFS_ADMINISTER;
- }
-
- if (rights & (GENERIC_READ_ACCESS|FILE_READ_DATA)) {
- result |= PRSFS_READ | PRSFS_LOOKUP;
- }
-
- if (rights & (GENERIC_WRITE_ACCESS|FILE_WRITE_DATA)) {
- result |= PRSFS_WRITE | PRSFS_INSERT | PRSFS_DELETE |
- PRSFS_LOCK;
- }
-
- return result;
-}
-
-static size_t afs_to_nt_acl(struct afs_acl *afs_acl,
- struct files_struct *fsp,
- uint32 security_info,
- struct security_descriptor_info **ppdesc)
-{
- SEC_ACE *nt_ace_list;
- DOM_SID owner_sid, group_sid;
- SEC_ACCESS mask;
- SMB_STRUCT_STAT sbuf;
- SEC_ACL *psa = NULL;
- int good_aces;
- size_t sd_size;
- TALLOC_CTX *mem_ctx = main_loop_talloc_get();
-
- struct afs_ace *afs_ace;
-
- if (fsp->is_directory || fsp->fd == -1) {
- /* Get the stat struct for the owner info. */
- if(SMB_VFS_STAT(fsp->conn,fsp->fsp_name, &sbuf) != 0) {
- return 0;
- }
- } else {
- if(SMB_VFS_FSTAT(fsp,fsp->fd,&sbuf) != 0) {
- return 0;
- }
- }
-
- uid_to_sid(&owner_sid, sbuf.st_uid);
- gid_to_sid(&group_sid, sbuf.st_gid);
-
- nt_ace_list = (SEC_ACE *)malloc(afs_acl->num_aces * sizeof(SEC_ACE));
-
- if (nt_ace_list == NULL)
- return 0;
-
- afs_ace = afs_acl->acelist;
- good_aces = 0;
-
- while (afs_ace != NULL) {
- uint32 nt_rights;
-
- if (afs_ace->type == SID_NAME_UNKNOWN) {
- DEBUG(10, ("Ignoring unknown name %s\n",
- afs_ace->name));
- afs_ace = afs_ace->next;
- continue;
- }
-
- if (fsp->is_directory)
- nt_rights = afs_to_nt_dir_rights(afs_ace->rights);
- else
- nt_rights = afs_to_nt_file_rights(afs_ace->rights);
-
- init_sec_access(&mask, nt_rights);
- init_sec_ace(&nt_ace_list[good_aces++], &(afs_ace->sid),
- SEC_ACE_TYPE_ACCESS_ALLOWED, mask,
- SEC_ACE_FLAG_OBJECT_INHERIT |
- SEC_ACE_FLAG_CONTAINER_INHERIT);
- afs_ace = afs_ace->next;
- }
-
- psa = make_sec_acl(mem_ctx, NT4_ACL_REVISION,
- good_aces, nt_ace_list);
- if (psa == NULL)
- return 0;
-
-
- *ppdesc = make_sec_desc(mem_ctx, SEC_DESC_REVISION,
- SEC_DESC_SELF_RELATIVE,
- (security_info & OWNER_SECURITY_INFORMATION)
- ? &owner_sid : NULL,
- (security_info & GROUP_SECURITY_INFORMATION)
- ? &group_sid : NULL,
- NULL, psa, &sd_size);
-
- return sd_size;
-}
-
-static BOOL nt_to_afs_acl(uint32 security_info_sent,
- struct security_descriptor_info *psd,
- struct afs_acl *afs_acl)
-{
- SEC_ACL *dacl;
- int i;
-
- /* Currently we *only* look at the dacl */
-
- if (((security_info_sent & DACL_SECURITY_INFORMATION) == 0) ||
- (psd->dacl == NULL))
- return True;
-
- if (!init_afs_acl(afs_acl))
- return False;
-
- dacl = psd->dacl;
-
- for (i = 0; i < dacl->num_aces; i++) {
- SEC_ACE *ace = &(dacl->ace[i]);
- fstring dom_name;
- fstring name;
- enum SID_NAME_USE name_type;
-
- if (ace->type != SEC_ACE_TYPE_ACCESS_ALLOWED) {
- /* First cut: Only positive ACEs */
- return False;
- }
-
- if (sid_compare(&ace->trustee,
- &global_sid_Builtin_Administrators) == 0) {
-
- fstrcpy(name, "system:administrators");
-
- } else if (sid_compare(&ace->trustee,
- &global_sid_World) == 0) {
-
- fstrcpy(name, "system:anyuser");
-
- } else if (sid_compare(&ace->trustee,
- &global_sid_Authenticated_Users) == 0) {
-
- fstrcpy(name, "system:authuser");
-
- } else if (sid_compare(&ace->trustee,
- &global_sid_Builtin_Backup_Operators)
- == 0) {
-
- fstrcpy(name, "system:backup");
-
- } else {
-
- if (!lookup_sid(&ace->trustee,
- dom_name, name, &name_type)) {
- DEBUG(3, ("Could not lookup sid %s\n",
- sid_string_static(&ace->trustee)));
- return False;
- }
-
- if (strcmp(dom_name, lp_workgroup()) != 0) {
- DEBUG(3, ("Got SID for domain %s, not mine\n",
- dom_name));
- return False;
- }
-
- if ( (name_type == SID_NAME_USER) ||
- (name_type == SID_NAME_DOM_GRP) ) {
- fstring only_username;
- fstrcpy(only_username, name);
- fstr_sprintf(name, "%s%s%s",
- dom_name, lp_winbind_separator(),
- only_username);
- strlower_m(name);
- }
- }
-
- add_afs_ace(afs_acl, True, name,
- nt_to_afs_dir_rights(ace->info.mask));
- }
-
- return True;
-}
-
-static BOOL afs_get_afs_acl(char *filename, struct afs_acl *acl)
-{
- struct afs_iob iob;
-
- int ret;
-
- char space[MAXSIZE];
-
- DEBUG(5, ("afs_get_afs_acl: %s\n", filename));
-
- iob.in_size = 0;
- iob.out_size = MAXSIZE;
- iob.in = iob.out = space;
-
- ret = afs_syscall(AFSCALL_PIOCTL, filename, VIOCGETAL,
- (char *)&iob, 0);
-
- if (ret) {
- DEBUG(1, ("got error from PIOCTL: %d\n", ret));
- return False;
- }
-
- if (!init_afs_acl(acl))
- return False;
-
- if (!parse_afs_acl(acl, space)) {
- DEBUG(1, ("Could not parse AFS acl\n"));
- free_afs_acl(acl);
- return False;
- }
-
- return True;
-}
-
-static size_t afs_get_nt_acl(struct files_struct *fsp, uint32 security_info,
- struct security_descriptor_info **ppdesc)
-{
- struct afs_acl acl;
- size_t sd_size;
-
- DEBUG(5, ("afs_get_nt_acl: %s\n", fsp->fsp_name));
-
- if (!afs_get_afs_acl(fsp->fsp_name, &acl)) {
- return 0;
- }
-
- sd_size = afs_to_nt_acl(&acl, fsp, security_info, ppdesc);
-
- free_afs_acl(&acl);
-
- return sd_size;
-}
-
-/* For setting an AFS ACL we have to take care of the ACEs we could
- * not properly map to SIDs. Merge all of them into the new ACL. */
-
-static void merge_unknown_aces(struct afs_acl *src, struct afs_acl *dst)
-{
- struct afs_ace *ace;
-
- for (ace = src->acelist; ace != NULL; ace = ace->next)
- {
- struct afs_ace *copy;
-
- if (ace->type != SID_NAME_UNKNOWN) {
- DEBUG(10, ("Not merging known ACE for %s\n",
- ace->name));
- continue;
- }
-
- DEBUG(10, ("Merging unknown ACE for %s\n", ace->name));
-
- copy = clone_afs_ace(dst->ctx, ace);
-
- if (copy == NULL) {
- DEBUG(0, ("Could not clone ACE for %s\n", ace->name));
- continue;
- }
-
- copy->next = dst->acelist;
- dst->acelist = copy;
- dst->num_aces += 1;
- }
-}
-
-static BOOL afs_set_nt_acl(files_struct *fsp, uint32 security_info_sent,
- struct security_descriptor_info *psd)
-{
- struct afs_acl old_afs_acl, new_afs_acl;
- char acl_string[2049];
- struct afs_iob iob;
- int ret;
-
- if (!fsp->is_directory) {
- /* AFS only supports ACLs on directories... */
- return False;
- }
-
- if (!afs_get_afs_acl(fsp->fsp_name, &old_afs_acl)) {
- DEBUG(3, ("Could not get old ACL of %s\n", fsp->fsp_name));
- return False;
- }
-
- if (!nt_to_afs_acl(security_info_sent, psd, &new_afs_acl)) {
- free_afs_acl(&old_afs_acl);
- return False;
- }
-
- merge_unknown_aces(&old_afs_acl, &new_afs_acl);
-
- unparse_afs_acl(&new_afs_acl, acl_string);
-
- free_afs_acl(&old_afs_acl);
- free_afs_acl(&new_afs_acl);
-
- iob.in = acl_string;
- iob.in_size = 1+strlen(iob.in);
- iob.out = NULL;
- iob.out_size = 0;
-
- DEBUG(10, ("trying to set acl '%s' on file %s\n",
- iob.in, fsp->fsp_name));
-
- ret = afs_syscall(AFSCALL_PIOCTL, fsp->fsp_name, VIOCSETAL,
- (char *)&iob, 0);
-
- if (ret != 0) {
- DEBUG(10, ("VIOCSETAL returned %d\n", ret));
- }
-
- return (ret == 0);
-}
-
-static size_t afsacl_fget_nt_acl(struct vfs_handle_struct *handle,
- struct files_struct *fsp,
- int fd, uint32 security_info,
- struct security_descriptor_info **ppdesc)
-{
- return afs_get_nt_acl(fsp, security_info, ppdesc);
-}
-static size_t afsacl_get_nt_acl(struct vfs_handle_struct *handle,
- struct files_struct *fsp,
- const char *name, uint32 security_info,
- struct security_descriptor_info **ppdesc)
-{
- return afs_get_nt_acl(fsp, security_info, ppdesc);
-}
-
-BOOL afsacl_fset_nt_acl(vfs_handle_struct *handle,
- files_struct *fsp,
- int fd, uint32 security_info_sent,
- SEC_DESC *psd)
-{
- return afs_set_nt_acl(fsp, security_info_sent, psd);
-}
-
-BOOL afsacl_set_nt_acl(vfs_handle_struct *handle,
- files_struct *fsp,
- const char *name, uint32 security_info_sent,
- SEC_DESC *psd)
-{
- return afs_set_nt_acl(fsp, security_info_sent, psd);
-}
-
-/* VFS operations structure */
-
-static vfs_op_tuple afsacl_ops[] = {
- {SMB_VFS_OP(afsacl_fget_nt_acl), SMB_VFS_OP_FGET_NT_ACL,
- SMB_VFS_LAYER_TRANSPARENT},
- {SMB_VFS_OP(afsacl_get_nt_acl), SMB_VFS_OP_GET_NT_ACL,
- SMB_VFS_LAYER_TRANSPARENT},
- {SMB_VFS_OP(afsacl_fset_nt_acl), SMB_VFS_OP_FSET_NT_ACL,
- SMB_VFS_LAYER_TRANSPARENT},
- {SMB_VFS_OP(afsacl_set_nt_acl), SMB_VFS_OP_SET_NT_ACL,
- SMB_VFS_LAYER_TRANSPARENT},
- {SMB_VFS_OP(NULL), SMB_VFS_OP_NOOP, SMB_VFS_LAYER_NOOP}
-};
-
-NTSTATUS vfs_afsacl_init(void)
-{
- return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "afsacl",
- afsacl_ops);
-}
diff --git a/source/modules/vfs_full_audit.c b/source/modules/vfs_full_audit.c
deleted file mode 100644
index 993a8ee4cbe..00000000000
--- a/source/modules/vfs_full_audit.c
+++ /dev/null
@@ -1,1789 +0,0 @@
-/*
- * Auditing VFS module for samba. Log selected file operations to syslog
- * facility.
- *
- * Copyright (C) Tim Potter, 1999-2000
- * Copyright (C) Alexander Bokovoy, 2002
- * Copyright (C) John H Terpstra, 2003
- * Copyright (C) Stefan (metze) Metzmacher, 2003
- * Copyright (C) Volker Lendecke, 2004
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- */
-
-/*
- * This module implements parseable logging for all Samba VFS operations.
- *
- * You use it as follows:
- *
- * [tmp]
- * path = /tmp
- * vfs objects = full_audit
- * full_audit:prefix = %u|%I
- * full_audit:success = open opendir
- * full_audit:failure = all
- *
- * This leads to syslog entries of the form:
- * smbd_audit: nobody|192.168.234.1|opendir|ok|.
- * smbd_audit: nobody|192.168.234.1|open|fail (File not found)|r|x.txt
- *
- * where "nobody" is the connected username and "192.168.234.1" is the
- * client's IP address.
- *
- * Options:
- *
- * prefix: A macro expansion template prepended to the syslog entry.
- *
- * success: A list of VFS operations for which a successful completion should
- * be logged. Defaults to no logging at all. The special operation "all" logs
- * - you guessed it - everything.
- *
- * failure: A list of VFS operations for which failure to complete should be
- * logged. Defaults to logging everything.
- */
-
-
-#include "includes.h"
-
-extern struct current_user current_user;
-
-static int vfs_full_audit_debug_level = DBGC_VFS;
-
-#undef DBGC_CLASS
-#define DBGC_CLASS vfs_full_audit_debug_level
-
-/* Function prototypes */
-
-static int audit_connect(vfs_handle_struct *handle, connection_struct *conn,
- const char *svc, const char *user);
-static void audit_disconnect(vfs_handle_struct *handle,
- connection_struct *conn);
-static SMB_BIG_UINT audit_disk_free(vfs_handle_struct *handle,
- connection_struct *conn, const char *path,
- BOOL small_query, SMB_BIG_UINT *bsize,
- SMB_BIG_UINT *dfree, SMB_BIG_UINT *dsize);
-static int audit_get_quota(struct vfs_handle_struct *handle,
- struct connection_struct *conn,
- enum SMB_QUOTA_TYPE qtype, unid_t id,
- SMB_DISK_QUOTA *qt);
-static int audit_set_quota(struct vfs_handle_struct *handle,
- struct connection_struct *conn,
- enum SMB_QUOTA_TYPE qtype, unid_t id,
- SMB_DISK_QUOTA *qt);
-static DIR *audit_opendir(vfs_handle_struct *handle, connection_struct *conn,
- const char *fname);
-static struct dirent *audit_readdir(vfs_handle_struct *handle,
- connection_struct *conn, DIR *dirp);
-static int audit_mkdir(vfs_handle_struct *handle, connection_struct *conn,
- const char *path, mode_t mode);
-static int audit_rmdir(vfs_handle_struct *handle, connection_struct *conn,
- const char *path);
-static int audit_closedir(vfs_handle_struct *handle, connection_struct *conn,
- DIR *dirp);
-static int audit_open(vfs_handle_struct *handle, connection_struct *conn,
- const char *fname, int flags, mode_t mode);
-static int audit_close(vfs_handle_struct *handle, files_struct *fsp, int fd);
-static ssize_t audit_read(vfs_handle_struct *handle, files_struct *fsp,
- int fd, void *data, size_t n);
-static ssize_t audit_pread(vfs_handle_struct *handle, files_struct *fsp,
- int fd, void *data, size_t n, SMB_OFF_T offset);
-static ssize_t audit_write(vfs_handle_struct *handle, files_struct *fsp,
- int fd, const void *data, size_t n);
-static ssize_t audit_pwrite(vfs_handle_struct *handle, files_struct *fsp,
- int fd, const void *data, size_t n,
- SMB_OFF_T offset);
-static SMB_OFF_T audit_lseek(vfs_handle_struct *handle, files_struct *fsp,
- int filedes, SMB_OFF_T offset, int whence);
-static ssize_t audit_sendfile(vfs_handle_struct *handle, int tofd,
- files_struct *fsp, int fromfd,
- const DATA_BLOB *hdr, SMB_OFF_T offset,
- size_t n);
-static int audit_rename(vfs_handle_struct *handle, connection_struct *conn,
- const char *old, const char *new);
-static int audit_fsync(vfs_handle_struct *handle, files_struct *fsp, int fd);
-static int audit_stat(vfs_handle_struct *handle, connection_struct *conn,
- const char *fname, SMB_STRUCT_STAT *sbuf);
-static int audit_fstat(vfs_handle_struct *handle, files_struct *fsp, int fd,
- SMB_STRUCT_STAT *sbuf);
-static int audit_lstat(vfs_handle_struct *handle, connection_struct *conn,
- const char *path, SMB_STRUCT_STAT *sbuf);
-static int audit_unlink(vfs_handle_struct *handle, connection_struct *conn,
- const char *path);
-static int audit_chmod(vfs_handle_struct *handle, connection_struct *conn,
- const char *path, mode_t mode);
-static int audit_fchmod(vfs_handle_struct *handle, files_struct *fsp, int fd,
- mode_t mode);
-static int audit_chown(vfs_handle_struct *handle, connection_struct *conn,
- const char *path, uid_t uid, gid_t gid);
-static int audit_fchown(vfs_handle_struct *handle, files_struct *fsp, int fd,
- uid_t uid, gid_t gid);
-static int audit_chdir(vfs_handle_struct *handle, connection_struct *conn,
- const char *path);
-static char *audit_getwd(vfs_handle_struct *handle, connection_struct *conn,
- char *path);
-static int audit_utime(vfs_handle_struct *handle, connection_struct *conn,
- const char *path, struct utimbuf *times);
-static int audit_ftruncate(vfs_handle_struct *handle, files_struct *fsp,
- int fd, SMB_OFF_T len);
-static BOOL audit_lock(vfs_handle_struct *handle, files_struct *fsp, int fd,
- int op, SMB_OFF_T offset, SMB_OFF_T count, int type);
-static int audit_symlink(vfs_handle_struct *handle, connection_struct *conn,
- const char *oldpath, const char *newpath);
-static int audit_readlink(vfs_handle_struct *handle, connection_struct *conn,
- const char *path, char *buf, size_t bufsiz);
-static int audit_link(vfs_handle_struct *handle, connection_struct *conn,
- const char *oldpath, const char *newpath);
-static int audit_mknod(vfs_handle_struct *handle, connection_struct *conn,
- const char *pathname, mode_t mode, SMB_DEV_T dev);
-static char *audit_realpath(vfs_handle_struct *handle, connection_struct *conn,
- const char *path, char *resolved_path);
-static size_t audit_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
- int fd, uint32 security_info,
- SEC_DESC **ppdesc);
-static size_t audit_get_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
- const char *name, uint32 security_info,
- SEC_DESC **ppdesc);
-static BOOL audit_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
- int fd, uint32 security_info_sent,
- SEC_DESC *psd);
-static BOOL audit_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
- const char *name, uint32 security_info_sent,
- SEC_DESC *psd);
-static int audit_chmod_acl(vfs_handle_struct *handle, connection_struct *conn,
- const char *path, mode_t mode);
-static int audit_fchmod_acl(vfs_handle_struct *handle, files_struct *fsp,
- int fd, mode_t mode);
-static int audit_sys_acl_get_entry(vfs_handle_struct *handle,
- connection_struct *conn,
- SMB_ACL_T theacl, int entry_id,
- SMB_ACL_ENTRY_T *entry_p);
-static int audit_sys_acl_get_tag_type(vfs_handle_struct *handle,
- connection_struct *conn,
- SMB_ACL_ENTRY_T entry_d,
- SMB_ACL_TAG_T *tag_type_p);
-static int audit_sys_acl_get_permset(vfs_handle_struct *handle,
- connection_struct *conn,
- SMB_ACL_ENTRY_T entry_d,
- SMB_ACL_PERMSET_T *permset_p);
-static void * audit_sys_acl_get_qualifier(vfs_handle_struct *handle,
- connection_struct *conn,
- SMB_ACL_ENTRY_T entry_d);
-static SMB_ACL_T audit_sys_acl_get_file(vfs_handle_struct *handle,
- connection_struct *conn,
- const char *path_p,
- SMB_ACL_TYPE_T type);
-static SMB_ACL_T audit_sys_acl_get_fd(vfs_handle_struct *handle,
- files_struct *fsp,
- int fd);
-static int audit_sys_acl_clear_perms(vfs_handle_struct *handle,
- connection_struct *conn,
- SMB_ACL_PERMSET_T permset);
-static int audit_sys_acl_add_perm(vfs_handle_struct *handle,
- connection_struct *conn,
- SMB_ACL_PERMSET_T permset,
- SMB_ACL_PERM_T perm);
-static char * audit_sys_acl_to_text(vfs_handle_struct *handle,
- connection_struct *conn, SMB_ACL_T theacl,
- ssize_t *plen);
-static SMB_ACL_T audit_sys_acl_init(vfs_handle_struct *handle,
- connection_struct *conn,
- int count);
-static int audit_sys_acl_create_entry(vfs_handle_struct *handle,
- connection_struct *conn, SMB_ACL_T *pacl,
- SMB_ACL_ENTRY_T *pentry);
-static int audit_sys_acl_set_tag_type(vfs_handle_struct *handle,
- connection_struct *conn,
- SMB_ACL_ENTRY_T entry,
- SMB_ACL_TAG_T tagtype);
-static int audit_sys_acl_set_qualifier(vfs_handle_struct *handle,
- connection_struct *conn,
- SMB_ACL_ENTRY_T entry,
- void *qual);
-static int audit_sys_acl_set_permset(vfs_handle_struct *handle,
- connection_struct *conn,
- SMB_ACL_ENTRY_T entry,
- SMB_ACL_PERMSET_T permset);
-static int audit_sys_acl_valid(vfs_handle_struct *handle,
- connection_struct *conn,
- SMB_ACL_T theacl );
-static int audit_sys_acl_set_file(vfs_handle_struct *handle,
- connection_struct *conn,
- const char *name, SMB_ACL_TYPE_T acltype,
- SMB_ACL_T theacl);
-static int audit_sys_acl_set_fd(vfs_handle_struct *handle, files_struct *fsp,
- int fd, SMB_ACL_T theacl);
-static int audit_sys_acl_delete_def_file(vfs_handle_struct *handle,
- connection_struct *conn,
- const char *path);
-static int audit_sys_acl_get_perm(vfs_handle_struct *handle,
- connection_struct *conn,
- SMB_ACL_PERMSET_T permset,
- SMB_ACL_PERM_T perm);
-static int audit_sys_acl_free_text(vfs_handle_struct *handle,
- connection_struct *conn,
- char *text);
-static int audit_sys_acl_free_acl(vfs_handle_struct *handle,
- connection_struct *conn,
- SMB_ACL_T posix_acl);
-static int audit_sys_acl_free_qualifier(vfs_handle_struct *handle,
- connection_struct *conn,
- void *qualifier,
- SMB_ACL_TAG_T tagtype);
-static ssize_t audit_getxattr(struct vfs_handle_struct *handle,
- struct connection_struct *conn, const char *path,
- const char *name, void *value, size_t size);
-static ssize_t audit_lgetxattr(struct vfs_handle_struct *handle,
- struct connection_struct *conn,
- const char *path, const char *name,
- void *value, size_t size);
-static ssize_t audit_fgetxattr(struct vfs_handle_struct *handle,
- struct files_struct *fsp, int fd,
- const char *name, void *value, size_t size);
-static ssize_t audit_listxattr(struct vfs_handle_struct *handle,
- struct connection_struct *conn,
- const char *path, char *list, size_t size);
-static ssize_t audit_llistxattr(struct vfs_handle_struct *handle,
- struct connection_struct *conn,
- const char *path, char *list, size_t size);
-static ssize_t audit_flistxattr(struct vfs_handle_struct *handle,
- struct files_struct *fsp, int fd, char *list,
- size_t size);
-static int audit_removexattr(struct vfs_handle_struct *handle,
- struct connection_struct *conn, const char *path,
- const char *name);
-static int audit_lremovexattr(struct vfs_handle_struct *handle,
- struct connection_struct *conn, const char *path,
- const char *name);
-static int audit_fremovexattr(struct vfs_handle_struct *handle,
- struct files_struct *fsp, int fd,
- const char *name);
-static int audit_setxattr(struct vfs_handle_struct *handle,
- struct connection_struct *conn, const char *path,
- const char *name, const void *value, size_t size,
- int flags);
-static int audit_lsetxattr(struct vfs_handle_struct *handle,
- struct connection_struct *conn, const char *path,
- const char *name, const void *value, size_t size,
- int flags);
-static int audit_fsetxattr(struct vfs_handle_struct *handle,
- struct files_struct *fsp, int fd, const char *name,
- const void *value, size_t size, int flags);
-
-/* VFS operations */
-
-static vfs_op_tuple audit_op_tuples[] = {
-
- /* Disk operations */
-
- {SMB_VFS_OP(audit_connect), SMB_VFS_OP_CONNECT,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_disconnect), SMB_VFS_OP_DISCONNECT,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_disk_free), SMB_VFS_OP_DISK_FREE,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_get_quota), SMB_VFS_OP_GET_QUOTA,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_set_quota), SMB_VFS_OP_SET_QUOTA,
- SMB_VFS_LAYER_LOGGER},
-
- /* Directory operations */
-
- {SMB_VFS_OP(audit_opendir), SMB_VFS_OP_OPENDIR,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_readdir), SMB_VFS_OP_READDIR,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_mkdir), SMB_VFS_OP_MKDIR,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_rmdir), SMB_VFS_OP_RMDIR,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_closedir), SMB_VFS_OP_CLOSEDIR,
- SMB_VFS_LAYER_LOGGER},
-
- /* File operations */
-
- {SMB_VFS_OP(audit_open), SMB_VFS_OP_OPEN,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_close), SMB_VFS_OP_CLOSE,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_read), SMB_VFS_OP_READ,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_pread), SMB_VFS_OP_PREAD,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_write), SMB_VFS_OP_WRITE,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_pwrite), SMB_VFS_OP_PWRITE,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_lseek), SMB_VFS_OP_LSEEK,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_sendfile), SMB_VFS_OP_SENDFILE,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_rename), SMB_VFS_OP_RENAME,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_fsync), SMB_VFS_OP_FSYNC,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_stat), SMB_VFS_OP_STAT,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_fstat), SMB_VFS_OP_FSTAT,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_lstat), SMB_VFS_OP_LSTAT,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_unlink), SMB_VFS_OP_UNLINK,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_chmod), SMB_VFS_OP_CHMOD,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_fchmod), SMB_VFS_OP_FCHMOD,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_chown), SMB_VFS_OP_CHOWN,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_fchown), SMB_VFS_OP_FCHOWN,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_chdir), SMB_VFS_OP_CHDIR,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_getwd), SMB_VFS_OP_GETWD,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_utime), SMB_VFS_OP_UTIME,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_ftruncate), SMB_VFS_OP_FTRUNCATE,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_lock), SMB_VFS_OP_LOCK,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_symlink), SMB_VFS_OP_SYMLINK,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_readlink), SMB_VFS_OP_READLINK,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_link), SMB_VFS_OP_LINK,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_mknod), SMB_VFS_OP_MKNOD,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_realpath), SMB_VFS_OP_REALPATH,
- SMB_VFS_LAYER_LOGGER},
-
- /* NT ACL operations. */
-
- {SMB_VFS_OP(audit_fget_nt_acl), SMB_VFS_OP_FGET_NT_ACL,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_get_nt_acl), SMB_VFS_OP_GET_NT_ACL,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_fset_nt_acl), SMB_VFS_OP_FSET_NT_ACL,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_set_nt_acl), SMB_VFS_OP_SET_NT_ACL,
- SMB_VFS_LAYER_LOGGER},
-
- /* POSIX ACL operations. */
-
- {SMB_VFS_OP(audit_chmod_acl), SMB_VFS_OP_CHMOD,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_fchmod_acl), SMB_VFS_OP_FCHMOD,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_sys_acl_get_entry), SMB_VFS_OP_SYS_ACL_GET_ENTRY,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_sys_acl_get_tag_type), SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_sys_acl_get_permset), SMB_VFS_OP_SYS_ACL_GET_PERMSET,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_sys_acl_get_qualifier), SMB_VFS_OP_SYS_ACL_GET_QUALIFIER,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_sys_acl_get_file), SMB_VFS_OP_SYS_ACL_GET_FILE,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_sys_acl_get_fd), SMB_VFS_OP_SYS_ACL_GET_FD,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_sys_acl_clear_perms), SMB_VFS_OP_SYS_ACL_CLEAR_PERMS,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_sys_acl_add_perm), SMB_VFS_OP_SYS_ACL_ADD_PERM,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_sys_acl_to_text), SMB_VFS_OP_SYS_ACL_TO_TEXT,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_sys_acl_init), SMB_VFS_OP_SYS_ACL_INIT,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_sys_acl_create_entry), SMB_VFS_OP_SYS_ACL_CREATE_ENTRY,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_sys_acl_set_tag_type), SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_sys_acl_set_qualifier), SMB_VFS_OP_SYS_ACL_SET_QUALIFIER,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_sys_acl_set_permset), SMB_VFS_OP_SYS_ACL_SET_PERMSET,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_sys_acl_valid), SMB_VFS_OP_SYS_ACL_VALID,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_sys_acl_set_file), SMB_VFS_OP_SYS_ACL_SET_FILE,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_sys_acl_set_fd), SMB_VFS_OP_SYS_ACL_SET_FD,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_sys_acl_delete_def_file), SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_sys_acl_get_perm), SMB_VFS_OP_SYS_ACL_GET_PERM,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_sys_acl_free_text), SMB_VFS_OP_SYS_ACL_FREE_TEXT,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_sys_acl_free_acl), SMB_VFS_OP_SYS_ACL_FREE_ACL,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_sys_acl_free_qualifier), SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER,
- SMB_VFS_LAYER_LOGGER},
-
- /* EA operations. */
-
- {SMB_VFS_OP(audit_getxattr), SMB_VFS_OP_GETXATTR,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_lgetxattr), SMB_VFS_OP_LGETXATTR,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_fgetxattr), SMB_VFS_OP_FGETXATTR,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_listxattr), SMB_VFS_OP_LISTXATTR,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_llistxattr), SMB_VFS_OP_LLISTXATTR,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_flistxattr), SMB_VFS_OP_FLISTXATTR,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_removexattr), SMB_VFS_OP_REMOVEXATTR,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_lremovexattr), SMB_VFS_OP_LREMOVEXATTR,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_fremovexattr), SMB_VFS_OP_FREMOVEXATTR,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_setxattr), SMB_VFS_OP_SETXATTR,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_lsetxattr), SMB_VFS_OP_LSETXATTR,
- SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(audit_fsetxattr), SMB_VFS_OP_FSETXATTR,
- SMB_VFS_LAYER_LOGGER},
-
- /* Finish VFS operations definition */
-
- {SMB_VFS_OP(NULL), SMB_VFS_OP_NOOP,
- SMB_VFS_LAYER_NOOP}
-};
-
-/* The following array *must* be in the same order as defined in vfs.h */
-
-static struct {
- vfs_op_type type;
- const char *name;
-} vfs_op_names[] = {
- { SMB_VFS_OP_CONNECT, "connect" },
- { SMB_VFS_OP_DISCONNECT, "disconnect" },
- { SMB_VFS_OP_DISK_FREE, "disk_free" },
- { SMB_VFS_OP_GET_QUOTA, "get_quota" },
- { SMB_VFS_OP_SET_QUOTA, "set_quota" },
- { SMB_VFS_OP_GET_SHADOW_COPY_DATA, "get_shadow_copy_data" },
- { SMB_VFS_OP_OPENDIR, "opendir" },
- { SMB_VFS_OP_READDIR, "readdir" },
- { SMB_VFS_OP_MKDIR, "mkdir" },
- { SMB_VFS_OP_RMDIR, "rmdir" },
- { SMB_VFS_OP_CLOSEDIR, "closedir" },
- { SMB_VFS_OP_OPEN, "open" },
- { SMB_VFS_OP_CLOSE, "close" },
- { SMB_VFS_OP_READ, "read" },
- { SMB_VFS_OP_PREAD, "pread" },
- { SMB_VFS_OP_WRITE, "write" },
- { SMB_VFS_OP_PWRITE, "pwrite" },
- { SMB_VFS_OP_LSEEK, "lseek" },
- { SMB_VFS_OP_SENDFILE, "sendfile" },
- { SMB_VFS_OP_RENAME, "rename" },
- { SMB_VFS_OP_FSYNC, "fsync" },
- { SMB_VFS_OP_STAT, "stat" },
- { SMB_VFS_OP_FSTAT, "fstat" },
- { SMB_VFS_OP_LSTAT, "lstat" },
- { SMB_VFS_OP_UNLINK, "unlink" },
- { SMB_VFS_OP_CHMOD, "chmod" },
- { SMB_VFS_OP_FCHMOD, "fchmod" },
- { SMB_VFS_OP_CHOWN, "chown" },
- { SMB_VFS_OP_FCHOWN, "fchown" },
- { SMB_VFS_OP_CHDIR, "chdir" },
- { SMB_VFS_OP_GETWD, "getwd" },
- { SMB_VFS_OP_UTIME, "utime" },
- { SMB_VFS_OP_FTRUNCATE, "ftruncate" },
- { SMB_VFS_OP_LOCK, "lock" },
- { SMB_VFS_OP_SYMLINK, "symlink" },
- { SMB_VFS_OP_READLINK, "readlink" },
- { SMB_VFS_OP_LINK, "link" },
- { SMB_VFS_OP_MKNOD, "mknod" },
- { SMB_VFS_OP_REALPATH, "realpath" },
- { SMB_VFS_OP_FGET_NT_ACL, "fget_nt_acl" },
- { SMB_VFS_OP_GET_NT_ACL, "get_nt_acl" },
- { SMB_VFS_OP_FSET_NT_ACL, "fset_nt_acl" },
- { SMB_VFS_OP_SET_NT_ACL, "set_nt_acl" },
- { SMB_VFS_OP_CHMOD_ACL, "chmod_acl" },
- { SMB_VFS_OP_FCHMOD_ACL, "fchmod_acl" },
- { SMB_VFS_OP_SYS_ACL_GET_ENTRY, "sys_acl_get_entry" },
- { SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE, "sys_acl_get_tag_type" },
- { SMB_VFS_OP_SYS_ACL_GET_PERMSET, "sys_acl_get_permset" },
- { SMB_VFS_OP_SYS_ACL_GET_QUALIFIER, "sys_acl_get_qualifier" },
- { SMB_VFS_OP_SYS_ACL_GET_FILE, "sys_acl_get_file" },
- { SMB_VFS_OP_SYS_ACL_GET_FD, "sys_acl_get_fd" },
- { SMB_VFS_OP_SYS_ACL_CLEAR_PERMS, "sys_acl_clear_perms" },
- { SMB_VFS_OP_SYS_ACL_ADD_PERM, "sys_acl_add_perm" },
- { SMB_VFS_OP_SYS_ACL_TO_TEXT, "sys_acl_to_text" },
- { SMB_VFS_OP_SYS_ACL_INIT, "sys_acl_init" },
- { SMB_VFS_OP_SYS_ACL_CREATE_ENTRY, "sys_acl_create_entry" },
- { SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE, "sys_acl_set_tag_type" },
- { SMB_VFS_OP_SYS_ACL_SET_QUALIFIER, "sys_acl_set_qualifier" },
- { SMB_VFS_OP_SYS_ACL_SET_PERMSET, "sys_acl_set_permset" },
- { SMB_VFS_OP_SYS_ACL_VALID, "sys_acl_valid" },
- { SMB_VFS_OP_SYS_ACL_SET_FILE, "sys_acl_set_file" },
- { SMB_VFS_OP_SYS_ACL_SET_FD, "sys_acl_set_fd" },
- { SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE, "sys_acl_delete_def_file" },
- { SMB_VFS_OP_SYS_ACL_GET_PERM, "sys_acl_get_perm" },
- { SMB_VFS_OP_SYS_ACL_FREE_TEXT, "sys_acl_free_text" },
- { SMB_VFS_OP_SYS_ACL_FREE_ACL, "sys_acl_free_acl" },
- { SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER, "sys_acl_free_qualifier" },
- { SMB_VFS_OP_GETXATTR, "getxattr" },
- { SMB_VFS_OP_LGETXATTR, "lgetxattr" },
- { SMB_VFS_OP_FGETXATTR, "fgetxattr" },
- { SMB_VFS_OP_LISTXATTR, "listxattr" },
- { SMB_VFS_OP_LLISTXATTR, "llistxattr" },
- { SMB_VFS_OP_FLISTXATTR, "flistxattr" },
- { SMB_VFS_OP_REMOVEXATTR, "removexattr" },
- { SMB_VFS_OP_LREMOVEXATTR, "lremovexattr" },
- { SMB_VFS_OP_FREMOVEXATTR, "fremovexattr" },
- { SMB_VFS_OP_SETXATTR, "setxattr" },
- { SMB_VFS_OP_LSETXATTR, "lsetxattr" },
- { SMB_VFS_OP_FSETXATTR, "fsetxattr" },
- { SMB_VFS_OP_LAST, NULL }
-};
-
-static int audit_syslog_facility(vfs_handle_struct *handle)
-{
- /* fix me: let this be configurable by:
- * lp_param_enum(SNUM(handle->conn),
- * (handle->param?handle->param:"full_audit"),
- * "syslog facility",
- * audit_enum_facility,LOG_USER);
- */
- return LOG_USER;
-}
-
-static int audit_syslog_priority(vfs_handle_struct *handle)
-{
- /* fix me: let this be configurable by:
- * lp_param_enum(SNUM(handle->conn),
- * (handle->param?handle->param:"full_audit"),
- * "syslog priority",
- * audit_enum_priority,LOG_NOTICE);
- */
- return LOG_NOTICE;
-}
-
-static char *audit_prefix(connection_struct *conn)
-{
- static pstring prefix;
-
- pstrcpy(prefix, lp_parm_const_string(SNUM(conn), "full_audit",
- "prefix", "%u|%I"));
- standard_sub_snum(SNUM(conn), prefix, sizeof(prefix)-1);
- return prefix;
-}
-
-static struct bitmap *success_ops = NULL;
-
-static BOOL log_success(vfs_op_type op)
-{
- if (success_ops == NULL)
- return True;
-
- return bitmap_query(success_ops, op);
-}
-
-static struct bitmap *failure_ops = NULL;
-
-static BOOL log_failure(vfs_op_type op)
-{
- if (failure_ops == NULL)
- return True;
-
- return bitmap_query(failure_ops, op);
-}
-
-static void init_bitmap(struct bitmap **bm, const char **ops)
-{
- BOOL log_all = False;
-
- if (*bm != NULL)
- return;
-
- *bm = bitmap_allocate(SMB_VFS_OP_LAST);
-
- if (*bm == NULL) {
- DEBUG(0, ("Could not alloc bitmap -- "
- "defaulting to logging everything\n"));
- return;
- }
-
- while (*ops != NULL) {
- int i;
- BOOL found = False;
-
- if (strequal(*ops, "all")) {
- log_all = True;
- break;
- }
-
- for (i=0; i<SMB_VFS_OP_LAST; i++) {
- if (strequal(*ops, vfs_op_names[i].name)) {
- bitmap_set(*bm, i);
- found = True;
- }
- }
- if (!found) {
- DEBUG(0, ("Could not find opname %s, logging all\n",
- *ops));
- log_all = True;
- break;
- }
- ops += 1;
- }
-
- if (log_all) {
- /* The query functions default to True */
- bitmap_free(*bm);
- *bm = NULL;
- }
-}
-
-static const char *audit_opname(vfs_op_type op)
-{
- if (op >= SMB_VFS_OP_LAST)
- return "INVALID VFS OP";
- return vfs_op_names[op].name;
-}
-
-static void do_log(vfs_op_type op, BOOL success, vfs_handle_struct *handle,
- const char *format, ...)
-{
- fstring err_msg;
- pstring op_msg;
- va_list ap;
-
- if (success && (!log_success(op)))
- return;
-
- if (!success && (!log_failure(op)))
- return;
-
- if (success)
- fstrcpy(err_msg, "ok");
- else
- fstr_sprintf(err_msg, "fail (%s)", strerror(errno));
-
- va_start(ap, format);
- vsnprintf(op_msg, sizeof(op_msg), format, ap);
- va_end(ap);
-
- syslog(audit_syslog_priority(handle), "%s|%s|%s|%s\n",
- audit_prefix(handle->conn), audit_opname(op), err_msg, op_msg);
-
- return;
-}
-
-/* Implementation of vfs_ops. Pass everything on to the default
- operation but log event first. */
-
-static int audit_connect(vfs_handle_struct *handle, connection_struct *conn,
- const char *svc, const char *user)
-{
- int result;
- const char *none[] = { NULL };
- const char *all [] = { "all" };
-
- openlog("smbd_audit", 0, audit_syslog_facility(handle));
-
- init_bitmap(&success_ops,
- lp_parm_string_list(SNUM(conn), "full_audit", "success",
- none));
- init_bitmap(&failure_ops,
- lp_parm_string_list(SNUM(conn), "full_audit", "failure",
- all));
-
- result = SMB_VFS_NEXT_CONNECT(handle, conn, svc, user);
-
- do_log(SMB_VFS_OP_CONNECT, True, handle,
- "%s", svc);
-
- return result;
-}
-
-static void audit_disconnect(vfs_handle_struct *handle,
- connection_struct *conn)
-{
- SMB_VFS_NEXT_DISCONNECT(handle, conn);
-
- do_log(SMB_VFS_OP_DISCONNECT, True, handle,
- "%s", lp_servicename(SNUM(conn)));
-
- bitmap_free(success_ops);
- success_ops = NULL;
-
- bitmap_free(failure_ops);
- failure_ops = NULL;
-
- return;
-}
-
-static SMB_BIG_UINT audit_disk_free(vfs_handle_struct *handle,
- connection_struct *conn, const char *path,
- BOOL small_query, SMB_BIG_UINT *bsize,
- SMB_BIG_UINT *dfree, SMB_BIG_UINT *dsize)
-{
- SMB_BIG_UINT result;
-
- result = SMB_VFS_NEXT_DISK_FREE(handle, conn, path, small_query, bsize,
- dfree, dsize);
-
- /* Don't have a reasonable notion of failure here */
-
- do_log(SMB_VFS_OP_DISK_FREE, True, handle, "%s", path);
-
- return result;
-}
-
-static int audit_get_quota(struct vfs_handle_struct *handle,
- struct connection_struct *conn,
- enum SMB_QUOTA_TYPE qtype, unid_t id,
- SMB_DISK_QUOTA *qt)
-{
- int result;
-
- result = SMB_VFS_NEXT_GET_QUOTA(handle, conn, qtype, id, qt);
-
- do_log(SMB_VFS_OP_GET_QUOTA, (result >= 0), handle, "");
-
- return result;
-}
-
-
-static int audit_set_quota(struct vfs_handle_struct *handle,
- struct connection_struct *conn,
- enum SMB_QUOTA_TYPE qtype, unid_t id,
- SMB_DISK_QUOTA *qt)
-{
- int result;
-
- result = SMB_VFS_NEXT_SET_QUOTA(handle, conn, qtype, id, qt);
-
- do_log(SMB_VFS_OP_SET_QUOTA, (result >= 0), handle, "");
-
- return result;
-}
-
-static DIR *audit_opendir(vfs_handle_struct *handle, connection_struct *conn,
- const char *fname)
-{
- DIR *result;
-
- result = SMB_VFS_NEXT_OPENDIR(handle, conn, fname);
-
- do_log(SMB_VFS_OP_OPENDIR, (result != NULL), handle, "%s", fname);
-
- return result;
-}
-
-static struct dirent *audit_readdir(vfs_handle_struct *handle,
- connection_struct *conn, DIR *dirp)
-{
- struct dirent *result;
-
- result = SMB_VFS_NEXT_READDIR(handle, conn, dirp);
-
- /* This operation has no reasonable error condition
- * (End of dir is also failure), so always succeed.
- */
- do_log(SMB_VFS_OP_READDIR, True, handle, "");
-
- return result;
-}
-
-static int audit_mkdir(vfs_handle_struct *handle, connection_struct *conn,
- const char *path, mode_t mode)
-{
- int result;
-
- result = SMB_VFS_NEXT_MKDIR(handle, conn, path, mode);
-
- do_log(SMB_VFS_OP_MKDIR, (result >= 0), handle, "%s", path);
-
- return result;
-}
-
-static int audit_rmdir(vfs_handle_struct *handle, connection_struct *conn,
- const char *path)
-{
- int result;
-
- result = SMB_VFS_NEXT_RMDIR(handle, conn, path);
-
- do_log(SMB_VFS_OP_RMDIR, (result >= 0), handle, "%s", path);
-
- return result;
-}
-
-static int audit_closedir(vfs_handle_struct *handle, connection_struct *conn,
- DIR *dirp)
-{
- int result;
-
- result = SMB_VFS_NEXT_CLOSEDIR(handle, conn, dirp);
-
- do_log(SMB_VFS_OP_CLOSEDIR, (result >= 0), handle, "");
-
- return result;
-}
-
-static int audit_open(vfs_handle_struct *handle, connection_struct *conn,
- const char *fname, int flags, mode_t mode)
-{
- int result;
-
- result = SMB_VFS_NEXT_OPEN(handle, conn, fname, flags, mode);
-
- do_log(SMB_VFS_OP_OPEN, (result >= 0), handle, "%s|%s",
- ((flags & O_WRONLY) || (flags & O_RDWR))?"w":"r",
- fname);
-
- return result;
-}
-
-static int audit_close(vfs_handle_struct *handle, files_struct *fsp, int fd)
-{
- int result;
-
- result = SMB_VFS_NEXT_CLOSE(handle, fsp, fd);
-
- do_log(SMB_VFS_OP_CLOSE, (result >= 0), handle, "%s", fsp->fsp_name);
-
- return result;
-}
-
-static ssize_t audit_read(vfs_handle_struct *handle, files_struct *fsp,
- int fd, void *data, size_t n)
-{
- ssize_t result;
-
- result = SMB_VFS_NEXT_READ(handle, fsp, fd, data, n);
-
- do_log(SMB_VFS_OP_READ, (result >= 0), handle, "%s", fsp->fsp_name);
-
- return result;
-}
-
-static ssize_t audit_pread(vfs_handle_struct *handle, files_struct *fsp,
- int fd, void *data, size_t n, SMB_OFF_T offset)
-{
- ssize_t result;
-
- result = SMB_VFS_NEXT_PREAD(handle, fsp, fd, data, n, offset);
-
- do_log(SMB_VFS_OP_PREAD, (result >= 0), handle, "%s", fsp->fsp_name);
-
- return result;
-}
-
-static ssize_t audit_write(vfs_handle_struct *handle, files_struct *fsp,
- int fd, const void *data, size_t n)
-{
- ssize_t result;
-
- result = SMB_VFS_NEXT_WRITE(handle, fsp, fd, data, n);
-
- do_log(SMB_VFS_OP_WRITE, (result >= 0), handle, "%s", fsp->fsp_name);
-
- return result;
-}
-
-static ssize_t audit_pwrite(vfs_handle_struct *handle, files_struct *fsp,
- int fd, const void *data, size_t n,
- SMB_OFF_T offset)
-{
- ssize_t result;
-
- result = SMB_VFS_NEXT_PWRITE(handle, fsp, fd, data, n, offset);
-
- do_log(SMB_VFS_OP_PWRITE, (result >= 0), handle, "%s", fsp->fsp_name);
-
- return result;
-}
-
-static SMB_OFF_T audit_lseek(vfs_handle_struct *handle, files_struct *fsp,
- int filedes, SMB_OFF_T offset, int whence)
-{
- ssize_t result;
-
- result = SMB_VFS_NEXT_LSEEK(handle, fsp, filedes, offset, whence);
-
- do_log(SMB_VFS_OP_LSEEK, (result != (ssize_t)-1), handle,
- "%s", fsp->fsp_name);
-
- return result;
-}
-
-static ssize_t audit_sendfile(vfs_handle_struct *handle, int tofd,
- files_struct *fsp, int fromfd,
- const DATA_BLOB *hdr, SMB_OFF_T offset,
- size_t n)
-{
- ssize_t result;
-
- result = SMB_VFS_NEXT_SENDFILE(handle, tofd, fsp, fromfd, hdr,
- offset, n);
-
- do_log(SMB_VFS_OP_SENDFILE, (result >= 0), handle,
- "%s", fsp->fsp_name);
-
- return result;
-}
-
-static int audit_rename(vfs_handle_struct *handle, connection_struct *conn,
- const char *old, const char *new)
-{
- int result;
-
- result = SMB_VFS_NEXT_RENAME(handle, conn, old, new);
-
- do_log(SMB_VFS_OP_RENAME, (result >= 0), handle, "%s|%s", old, new);
-
- return result;
-}
-
-static int audit_fsync(vfs_handle_struct *handle, files_struct *fsp, int fd)
-{
- int result;
-
- result = SMB_VFS_NEXT_FSYNC(handle, fsp, fd);
-
- do_log(SMB_VFS_OP_FSYNC, (result >= 0), handle, "%s", fsp->fsp_name);
-
- return result;
-}
-
-static int audit_stat(vfs_handle_struct *handle, connection_struct *conn,
- const char *fname, SMB_STRUCT_STAT *sbuf)
-{
- int result;
-
- result = SMB_VFS_NEXT_STAT(handle, conn, fname, sbuf);
-
- do_log(SMB_VFS_OP_STAT, (result >= 0), handle, "%s", fname);
-
- return result;
-}
-
-static int audit_fstat(vfs_handle_struct *handle, files_struct *fsp, int fd,
- SMB_STRUCT_STAT *sbuf)
-{
- int result;
-
- result = SMB_VFS_NEXT_FSTAT(handle, fsp, fd, sbuf);
-
- do_log(SMB_VFS_OP_FSTAT, (result >= 0), handle, "%s", fsp->fsp_name);
-
- return result;
-}
-
-static int audit_lstat(vfs_handle_struct *handle, connection_struct *conn,
- const char *path, SMB_STRUCT_STAT *sbuf)
-{
- int result;
-
- result = SMB_VFS_NEXT_LSTAT(handle, conn, path, sbuf);
-
- do_log(SMB_VFS_OP_LSTAT, (result >= 0), handle, "%s", path);
-
- return result;
-}
-
-static int audit_unlink(vfs_handle_struct *handle, connection_struct *conn,
- const char *path)
-{
- int result;
-
- result = SMB_VFS_NEXT_UNLINK(handle, conn, path);
-
- do_log(SMB_VFS_OP_UNLINK, (result >= 0), handle, "%s", path);
-
- return result;
-}
-
-static int audit_chmod(vfs_handle_struct *handle, connection_struct *conn,
- const char *path, mode_t mode)
-{
- int result;
-
- result = SMB_VFS_NEXT_CHMOD(handle, conn, path, mode);
-
- do_log(SMB_VFS_OP_CHMOD, (result >= 0), handle, "%s|%o", path, mode);
-
- return result;
-}
-
-static int audit_fchmod(vfs_handle_struct *handle, files_struct *fsp, int fd,
- mode_t mode)
-{
- int result;
-
- result = SMB_VFS_NEXT_FCHMOD(handle, fsp, fd, mode);
-
- do_log(SMB_VFS_OP_FCHMOD, (result >= 0), handle,
- "%s|%o", fsp->fsp_name, mode);
-
- return result;
-}
-
-static int audit_chown(vfs_handle_struct *handle, connection_struct *conn,
- const char *path, uid_t uid, gid_t gid)
-{
- int result;
-
- result = SMB_VFS_NEXT_CHOWN(handle, conn, path, uid, gid);
-
- do_log(SMB_VFS_OP_CHOWN, (result >= 0), handle, "%s|%ld|%ld",
- path, (long int)uid, (long int)gid);
-
- return result;
-}
-
-static int audit_fchown(vfs_handle_struct *handle, files_struct *fsp, int fd,
- uid_t uid, gid_t gid)
-{
- int result;
-
- result = SMB_VFS_NEXT_FCHOWN(handle, fsp, fd, uid, gid);
-
- do_log(SMB_VFS_OP_FCHOWN, (result >= 0), handle, "%s|%ld|%ld",
- fsp->fsp_name, (long int)uid, (long int)gid);
-
- return result;
-}
-
-static int audit_chdir(vfs_handle_struct *handle, connection_struct *conn,
- const char *path)
-{
- int result;
-
- result = SMB_VFS_NEXT_CHDIR(handle, conn, path);
-
- do_log(SMB_VFS_OP_CHDIR, (result >= 0), handle, "chdir|%s", path);
-
- return result;
-}
-
-static char *audit_getwd(vfs_handle_struct *handle, connection_struct *conn,
- char *path)
-{
- char *result;
-
- result = SMB_VFS_NEXT_GETWD(handle, conn, path);
-
- do_log(SMB_VFS_OP_GETWD, (result != NULL), handle, "%s", path);
-
- return result;
-}
-
-static int audit_utime(vfs_handle_struct *handle, connection_struct *conn,
- const char *path, struct utimbuf *times)
-{
- int result;
-
- result = SMB_VFS_NEXT_UTIME(handle, conn, path, times);
-
- do_log(SMB_VFS_OP_UTIME, (result >= 0), handle, "%s", path);
-
- return result;
-}
-
-static int audit_ftruncate(vfs_handle_struct *handle, files_struct *fsp,
- int fd, SMB_OFF_T len)
-{
- int result;
-
- result = SMB_VFS_NEXT_FTRUNCATE(handle, fsp, fd, len);
-
- do_log(SMB_VFS_OP_FTRUNCATE, (result >= 0), handle,
- "%s", fsp->fsp_name);
-
- return result;
-}
-
-static BOOL audit_lock(vfs_handle_struct *handle, files_struct *fsp, int fd,
- int op, SMB_OFF_T offset, SMB_OFF_T count, int type)
-{
- BOOL result;
-
- result = SMB_VFS_NEXT_LOCK(handle, fsp, fd, op, offset, count, type);
-
- do_log(SMB_VFS_OP_LOCK, (result >= 0), handle, "%s", fsp->fsp_name);
-
- return result;
-}
-
-static int audit_symlink(vfs_handle_struct *handle, connection_struct *conn,
- const char *oldpath, const char *newpath)
-{
- int result;
-
- result = SMB_VFS_NEXT_SYMLINK(handle, conn, oldpath, newpath);
-
- do_log(SMB_VFS_OP_SYMLINK, (result >= 0), handle,
- "%s|%s", oldpath, newpath);
-
- return result;
-}
-
-static int audit_readlink(vfs_handle_struct *handle, connection_struct *conn,
- const char *path, char *buf, size_t bufsiz)
-{
- int result;
-
- result = SMB_VFS_NEXT_READLINK(handle, conn, path, buf, bufsiz);
-
- do_log(SMB_VFS_OP_READLINK, (result >= 0), handle, "%s", path);
-
- return result;
-}
-
-static int audit_link(vfs_handle_struct *handle, connection_struct *conn,
- const char *oldpath, const char *newpath)
-{
- int result;
-
- result = SMB_VFS_NEXT_LINK(handle, conn, oldpath, newpath);
-
- do_log(SMB_VFS_OP_LINK, (result >= 0), handle,
- "%s|%s", oldpath, newpath);
-
- return result;
-}
-
-static int audit_mknod(vfs_handle_struct *handle, connection_struct *conn,
- const char *pathname, mode_t mode, SMB_DEV_T dev)
-{
- int result;
-
- result = SMB_VFS_NEXT_MKNOD(handle, conn, pathname, mode, dev);
-
- do_log(SMB_VFS_OP_MKNOD, (result >= 0), handle, "%s", pathname);
-
- return result;
-}
-
-static char *audit_realpath(vfs_handle_struct *handle, connection_struct *conn,
- const char *path, char *resolved_path)
-{
- char *result;
-
- result = SMB_VFS_NEXT_REALPATH(handle, conn, path, resolved_path);
-
- do_log(SMB_VFS_OP_REALPATH, (result != NULL), handle, "%s", path);
-
- return result;
-}
-
-static size_t audit_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
- int fd, uint32 security_info,
- SEC_DESC **ppdesc)
-{
- size_t result;
-
- result = SMB_VFS_NEXT_FGET_NT_ACL(handle, fsp, fd, security_info,
- ppdesc);
-
- do_log(SMB_VFS_OP_FGET_NT_ACL, (result > 0), handle,
- "%s", fsp->fsp_name);
-
- return result;
-}
-
-static size_t audit_get_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
- const char *name, uint32 security_info,
- SEC_DESC **ppdesc)
-{
- size_t result;
-
- result = SMB_VFS_NEXT_GET_NT_ACL(handle, fsp, name, security_info,
- ppdesc);
-
- do_log(SMB_VFS_OP_GET_NT_ACL, (result > 0), handle,
- "%s", fsp->fsp_name);
-
- return result;
-}
-
-static BOOL audit_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
- int fd, uint32 security_info_sent,
- SEC_DESC *psd)
-{
- BOOL result;
-
- result = SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, fd, security_info_sent,
- psd);
-
- do_log(SMB_VFS_OP_FSET_NT_ACL, result, handle, "%s", fsp->fsp_name);
-
- return result;
-}
-
-static BOOL audit_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
- const char *name, uint32 security_info_sent,
- SEC_DESC *psd)
-{
- BOOL result;
-
- result = SMB_VFS_NEXT_SET_NT_ACL(handle, fsp, name, security_info_sent,
- psd);
-
- do_log(SMB_VFS_OP_SET_NT_ACL, result, handle, "%s", fsp->fsp_name);
-
- return result;
-}
-
-static int audit_chmod_acl(vfs_handle_struct *handle, connection_struct *conn,
- const char *path, mode_t mode)
-{
- int result;
-
- result = SMB_VFS_NEXT_CHMOD_ACL(handle, conn, path, mode);
-
- do_log(SMB_VFS_OP_CHMOD_ACL, (result >= 0), handle,
- "%s|%o", path, mode);
-
- return result;
-}
-
-static int audit_fchmod_acl(vfs_handle_struct *handle, files_struct *fsp,
- int fd, mode_t mode)
-{
- int result;
-
- result = SMB_VFS_NEXT_FCHMOD_ACL(handle, fsp, fd, mode);
-
- do_log(SMB_VFS_OP_FCHMOD_ACL, (result >= 0), handle,
- "%s|%o", fsp->fsp_name, mode);
-
- return result;
-}
-
-static int audit_sys_acl_get_entry(vfs_handle_struct *handle,
- connection_struct *conn,
- SMB_ACL_T theacl, int entry_id,
- SMB_ACL_ENTRY_T *entry_p)
-{
- int result;
-
- result = SMB_VFS_NEXT_SYS_ACL_GET_ENTRY(handle, conn, theacl, entry_id,
- entry_p);
-
- do_log(SMB_VFS_OP_SYS_ACL_GET_ENTRY, (result >= 0), handle,
- "");
-
- return result;
-}
-
-static int audit_sys_acl_get_tag_type(vfs_handle_struct *handle,
- connection_struct *conn,
- SMB_ACL_ENTRY_T entry_d,
- SMB_ACL_TAG_T *tag_type_p)
-{
- int result;
-
- result = SMB_VFS_NEXT_SYS_ACL_GET_TAG_TYPE(handle, conn, entry_d,
- tag_type_p);
-
- do_log(SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE, (result >= 0), handle,
- "");
-
- return result;
-}
-
-static int audit_sys_acl_get_permset(vfs_handle_struct *handle,
- connection_struct *conn,
- SMB_ACL_ENTRY_T entry_d,
- SMB_ACL_PERMSET_T *permset_p)
-{
- int result;
-
- result = SMB_VFS_NEXT_SYS_ACL_GET_PERMSET(handle, conn, entry_d,
- permset_p);
-
- do_log(SMB_VFS_OP_SYS_ACL_GET_PERMSET, (result >= 0), handle,
- "");
-
- return result;
-}
-
-static void * audit_sys_acl_get_qualifier(vfs_handle_struct *handle,
- connection_struct *conn,
- SMB_ACL_ENTRY_T entry_d)
-{
- void *result;
-
- result = SMB_VFS_NEXT_SYS_ACL_GET_QUALIFIER(handle, conn, entry_d);
-
- do_log(SMB_VFS_OP_SYS_ACL_GET_QUALIFIER, (result != NULL), handle,
- "");
-
- return result;
-}
-
-static SMB_ACL_T audit_sys_acl_get_file(vfs_handle_struct *handle,
- connection_struct *conn,
- const char *path_p,
- SMB_ACL_TYPE_T type)
-{
- SMB_ACL_T result;
-
- result = SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, conn, path_p, type);
-
- do_log(SMB_VFS_OP_SYS_ACL_GET_FILE, (result != NULL), handle,
- "%s", path_p);
-
- return result;
-}
-
-static SMB_ACL_T audit_sys_acl_get_fd(vfs_handle_struct *handle,
- files_struct *fsp, int fd)
-{
- SMB_ACL_T result;
-
- result = SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp, fd);
-
- do_log(SMB_VFS_OP_SYS_ACL_GET_FD, (result != NULL), handle,
- "%s", fsp->fsp_name);
-
- return result;
-}
-
-static int audit_sys_acl_clear_perms(vfs_handle_struct *handle,
- connection_struct *conn,
- SMB_ACL_PERMSET_T permset)
-{
- int result;
-
- result = SMB_VFS_NEXT_SYS_ACL_CLEAR_PERMS(handle, conn, permset);
-
- do_log(SMB_VFS_OP_SYS_ACL_CLEAR_PERMS, (result >= 0), handle,
- "");
-
- return result;
-}
-
-static int audit_sys_acl_add_perm(vfs_handle_struct *handle,
- connection_struct *conn,
- SMB_ACL_PERMSET_T permset,
- SMB_ACL_PERM_T perm)
-{
- int result;
-
- result = SMB_VFS_NEXT_SYS_ACL_ADD_PERM(handle, conn, permset, perm);
-
- do_log(SMB_VFS_OP_SYS_ACL_ADD_PERM, (result >= 0), handle,
- "");
-
- return result;
-}
-
-static char * audit_sys_acl_to_text(vfs_handle_struct *handle,
- connection_struct *conn, SMB_ACL_T theacl,
- ssize_t *plen)
-{
- char * result;
-
- result = SMB_VFS_NEXT_SYS_ACL_TO_TEXT(handle, conn, theacl, plen);
-
- do_log(SMB_VFS_OP_SYS_ACL_TO_TEXT, (result != NULL), handle,
- "");
-
- return result;
-}
-
-static SMB_ACL_T audit_sys_acl_init(vfs_handle_struct *handle,
- connection_struct *conn,
- int count)
-{
- SMB_ACL_T result;
-
- result = SMB_VFS_NEXT_SYS_ACL_INIT(handle, conn, count);
-
- do_log(SMB_VFS_OP_SYS_ACL_INIT, (result != NULL), handle,
- "");
-
- return result;
-}
-
-static int audit_sys_acl_create_entry(vfs_handle_struct *handle,
- connection_struct *conn, SMB_ACL_T *pacl,
- SMB_ACL_ENTRY_T *pentry)
-{
- int result;
-
- result = SMB_VFS_NEXT_SYS_ACL_CREATE_ENTRY(handle, conn, pacl, pentry);
-
- do_log(SMB_VFS_OP_SYS_ACL_CREATE_ENTRY, (result >= 0), handle,
- "");
-
- return result;
-}
-
-static int audit_sys_acl_set_tag_type(vfs_handle_struct *handle,
- connection_struct *conn,
- SMB_ACL_ENTRY_T entry,
- SMB_ACL_TAG_T tagtype)
-{
- int result;
-
- result = SMB_VFS_NEXT_SYS_ACL_SET_TAG_TYPE(handle, conn, entry,
- tagtype);
-
- do_log(SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE, (result >= 0), handle,
- "");
-
- return result;
-}
-
-static int audit_sys_acl_set_qualifier(vfs_handle_struct *handle,
- connection_struct *conn,
- SMB_ACL_ENTRY_T entry,
- void *qual)
-{
- int result;
-
- result = SMB_VFS_NEXT_SYS_ACL_SET_QUALIFIER(handle, conn, entry, qual);
-
- do_log(SMB_VFS_OP_SYS_ACL_SET_QUALIFIER, (result >= 0), handle,
- "");
-
- return result;
-}
-
-static int audit_sys_acl_set_permset(vfs_handle_struct *handle,
- connection_struct *conn,
- SMB_ACL_ENTRY_T entry,
- SMB_ACL_PERMSET_T permset)
-{
- int result;
-
- result = SMB_VFS_NEXT_SYS_ACL_SET_PERMSET(handle, conn, entry, permset);
-
- do_log(SMB_VFS_OP_SYS_ACL_SET_PERMSET, (result >= 0), handle,
- "");
-
- return result;
-}
-
-static int audit_sys_acl_valid(vfs_handle_struct *handle,
- connection_struct *conn,
- SMB_ACL_T theacl )
-{
- int result;
-
- result = SMB_VFS_NEXT_SYS_ACL_VALID(handle, conn, theacl);
-
- do_log(SMB_VFS_OP_SYS_ACL_VALID, (result >= 0), handle,
- "");
-
- return result;
-}
-
-static int audit_sys_acl_set_file(vfs_handle_struct *handle,
- connection_struct *conn,
- const char *name, SMB_ACL_TYPE_T acltype,
- SMB_ACL_T theacl)
-{
- int result;
-
- result = SMB_VFS_NEXT_SYS_ACL_SET_FILE(handle, conn, name, acltype,
- theacl);
-
- do_log(SMB_VFS_OP_SYS_ACL_SET_FILE, (result >= 0), handle,
- "%s", name);
-
- return result;
-}
-
-static int audit_sys_acl_set_fd(vfs_handle_struct *handle, files_struct *fsp,
- int fd, SMB_ACL_T theacl)
-{
- int result;
-
- result = SMB_VFS_NEXT_SYS_ACL_SET_FD(handle, fsp, fd, theacl);
-
- do_log(SMB_VFS_OP_SYS_ACL_SET_FD, (result >= 0), handle,
- "%s", fsp->fsp_name);
-
- return result;
-}
-
-static int audit_sys_acl_delete_def_file(vfs_handle_struct *handle,
- connection_struct *conn,
- const char *path)
-{
- int result;
-
- result = SMB_VFS_NEXT_SYS_ACL_DELETE_DEF_FILE(handle, conn, path);
-
- do_log(SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE, (result >= 0), handle,
- "%s", path);
-
- return result;
-}
-
-static int audit_sys_acl_get_perm(vfs_handle_struct *handle,
- connection_struct *conn,
- SMB_ACL_PERMSET_T permset,
- SMB_ACL_PERM_T perm)
-{
- int result;
-
- result = SMB_VFS_NEXT_SYS_ACL_GET_PERM(handle, conn, permset, perm);
-
- do_log(SMB_VFS_OP_SYS_ACL_GET_PERM, (result >= 0), handle,
- "");
-
- return result;
-}
-
-static int audit_sys_acl_free_text(vfs_handle_struct *handle,
- connection_struct *conn,
- char *text)
-{
- int result;
-
- result = SMB_VFS_NEXT_SYS_ACL_FREE_TEXT(handle, conn, text);
-
- do_log(SMB_VFS_OP_SYS_ACL_FREE_TEXT, (result >= 0), handle,
- "");
-
- return result;
-}
-
-static int audit_sys_acl_free_acl(vfs_handle_struct *handle,
- connection_struct *conn,
- SMB_ACL_T posix_acl)
-{
- int result;
-
- result = SMB_VFS_NEXT_SYS_ACL_FREE_ACL(handle, conn, posix_acl);
-
- do_log(SMB_VFS_OP_SYS_ACL_FREE_ACL, (result >= 0), handle,
- "");
-
- return result;
-}
-
-static int audit_sys_acl_free_qualifier(vfs_handle_struct *handle,
- connection_struct *conn,
- void *qualifier,
- SMB_ACL_TAG_T tagtype)
-{
- int result;
-
- result = SMB_VFS_NEXT_SYS_ACL_FREE_QUALIFIER(handle, conn, qualifier,
- tagtype);
-
- do_log(SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER, (result >= 0), handle,
- "");
-
- return result;
-}
-
-static ssize_t audit_getxattr(struct vfs_handle_struct *handle,
- struct connection_struct *conn, const char *path,
- const char *name, void *value, size_t size)
-{
- ssize_t result;
-
- result = SMB_VFS_NEXT_GETXATTR(handle, conn, path, name, value, size);
-
- do_log(SMB_VFS_OP_GETXATTR, (result >= 0), handle,
- "%s|%s", path, name);
-
- return result;
-}
-
-static ssize_t audit_lgetxattr(struct vfs_handle_struct *handle,
- struct connection_struct *conn,
- const char *path, const char *name,
- void *value, size_t size)
-{
- ssize_t result;
-
- result = SMB_VFS_NEXT_LGETXATTR(handle, conn, path, name, value, size);
-
- do_log(SMB_VFS_OP_LGETXATTR, (result >= 0), handle,
- "%s|%s", path, name);
-
- return result;
-}
-
-static ssize_t audit_fgetxattr(struct vfs_handle_struct *handle,
- struct files_struct *fsp, int fd,
- const char *name, void *value, size_t size)
-{
- ssize_t result;
-
- result = SMB_VFS_NEXT_FGETXATTR(handle, fsp, fd, name, value, size);
-
- do_log(SMB_VFS_OP_FGETXATTR, (result >= 0), handle,
- "%s|%s", fsp->fsp_name, name);
-
- return result;
-}
-
-static ssize_t audit_listxattr(struct vfs_handle_struct *handle,
- struct connection_struct *conn,
- const char *path, char *list, size_t size)
-{
- ssize_t result;
-
- result = SMB_VFS_NEXT_LISTXATTR(handle, conn, path, list, size);
-
- do_log(SMB_VFS_OP_LISTXATTR, (result >= 0), handle, "%s", path);
-
- return result;
-}
-
-static ssize_t audit_llistxattr(struct vfs_handle_struct *handle,
- struct connection_struct *conn,
- const char *path, char *list, size_t size)
-{
- ssize_t result;
-
- result = SMB_VFS_NEXT_LLISTXATTR(handle, conn, path, list, size);
-
- do_log(SMB_VFS_OP_LLISTXATTR, (result >= 0), handle, "%s", path);
-
- return result;
-}
-
-static ssize_t audit_flistxattr(struct vfs_handle_struct *handle,
- struct files_struct *fsp, int fd, char *list,
- size_t size)
-{
- ssize_t result;
-
- result = SMB_VFS_NEXT_FLISTXATTR(handle, fsp, fd, list, size);
-
- do_log(SMB_VFS_OP_FLISTXATTR, (result >= 0), handle,
- "%s", fsp->fsp_name);
-
- return result;
-}
-
-static int audit_removexattr(struct vfs_handle_struct *handle,
- struct connection_struct *conn, const char *path,
- const char *name)
-{
- int result;
-
- result = SMB_VFS_NEXT_REMOVEXATTR(handle, conn, path, name);
-
- do_log(SMB_VFS_OP_REMOVEXATTR, (result >= 0), handle,
- "%s|%s", path, name);
-
- return result;
-}
-
-static int audit_lremovexattr(struct vfs_handle_struct *handle,
- struct connection_struct *conn, const char *path,
- const char *name)
-{
- int result;
-
- result = SMB_VFS_NEXT_LREMOVEXATTR(handle, conn, path, name);
-
- do_log(SMB_VFS_OP_LREMOVEXATTR, (result >= 0), handle,
- "%s|%s", path, name);
-
- return result;
-}
-
-static int audit_fremovexattr(struct vfs_handle_struct *handle,
- struct files_struct *fsp, int fd,
- const char *name)
-{
- int result;
-
- result = SMB_VFS_NEXT_FREMOVEXATTR(handle, fsp, fd, name);
-
- do_log(SMB_VFS_OP_FREMOVEXATTR, (result >= 0), handle,
- "%s|%s", fsp->fsp_name, name);
-
- return result;
-}
-
-static int audit_setxattr(struct vfs_handle_struct *handle,
- struct connection_struct *conn, const char *path,
- const char *name, const void *value, size_t size,
- int flags)
-{
- int result;
-
- result = SMB_VFS_NEXT_SETXATTR(handle, conn, path, name, value, size,
- flags);
-
- do_log(SMB_VFS_OP_SETXATTR, (result >= 0), handle,
- "%s|%s", path, name);
-
- return result;
-}
-
-static int audit_lsetxattr(struct vfs_handle_struct *handle,
- struct connection_struct *conn, const char *path,
- const char *name, const void *value, size_t size,
- int flags)
-{
- int result;
-
- result = SMB_VFS_NEXT_LSETXATTR(handle, conn, path, name, value, size,
- flags);
-
- do_log(SMB_VFS_OP_LSETXATTR, (result >= 0), handle,
- "%s|%s", path, name);
-
- return result;
-}
-
-static int audit_fsetxattr(struct vfs_handle_struct *handle,
- struct files_struct *fsp, int fd, const char *name,
- const void *value, size_t size, int flags)
-{
- int result;
-
- result = SMB_VFS_NEXT_FSETXATTR(handle, fsp, fd, name, value, size,
- flags);
-
- do_log(SMB_VFS_OP_FSETXATTR, (result >= 0), handle,
- "%s|%s", fsp->fsp_name, name);
-
- return result;
-}
-
-NTSTATUS vfs_full_audit_init(void)
-{
- NTSTATUS ret = smb_register_vfs(SMB_VFS_INTERFACE_VERSION,
- "full_audit", audit_op_tuples);
-
- if (!NT_STATUS_IS_OK(ret))
- return ret;
-
- vfs_full_audit_debug_level = debug_add_class("full_audit");
- if (vfs_full_audit_debug_level == -1) {
- vfs_full_audit_debug_level = DBGC_VFS;
- DEBUG(0, ("vfs_full_audit: Couldn't register custom debugging "
- "class!\n"));
- } else {
- DEBUG(10, ("vfs_full_audit: Debug class number of "
- "'full_audit': %d\n", vfs_full_audit_debug_level));
- }
-
- return ret;
-}
-
diff --git a/source/printing/notify.c b/source/printing/notify.c
index 7750239630c..26ef191f877 100644
--- a/source/printing/notify.c
+++ b/source/printing/notify.c
@@ -463,6 +463,15 @@ void notify_printer_sharename(int snum, char *share_name)
snum, strlen(share_name) + 1, share_name);
}
+void notify_printer_printername(int snum, char *printername)
+{
+ const char *printer_name = SERVICE(snum);
+
+ send_notify_field_buffer(
+ printer_name, PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_PRINTER_NAME,
+ snum, strlen(printername) + 1, printername);
+}
+
void notify_printer_port(int snum, char *port_name)
{
const char *printer_name = SERVICE(snum);
diff --git a/source/printing/printing.c b/source/printing/printing.c
index 2355dd14506..2274e2d5f45 100644
--- a/source/printing/printing.c
+++ b/source/printing/printing.c
@@ -971,7 +971,7 @@ static void check_job_changed(int snum, TDB_DATA data, uint32 jobid)
Update the internal database from the system print queue for a queue.
****************************************************************************/
-static void print_queue_update(int snum)
+static void print_queue_update_internal(int snum)
{
int i, qcount;
print_queue_struct *queue = NULL;
@@ -1151,6 +1151,73 @@ static void print_queue_update(int snum)
}
/****************************************************************************
+this is the receive function of the background lpq updater
+****************************************************************************/
+static void print_queue_receive(int msg_type, pid_t src, void *buf, size_t len)
+{
+ int snum;
+ snum=*((int *)buf);
+ print_queue_update_internal(snum);
+}
+
+static pid_t background_lpq_updater_pid = -1;
+
+/****************************************************************************
+main thread of the background lpq updater
+****************************************************************************/
+void start_background_queue(void)
+{
+ DEBUG(3,("start_background_queue: Starting background LPQ thread\n"));
+ background_lpq_updater_pid = sys_fork();
+
+ if (background_lpq_updater_pid == -1) {
+ DEBUG(5,("start_background_queue: background LPQ thread failed to start. %s\n", strerror(errno) ));
+ exit(1);
+ }
+
+ if(background_lpq_updater_pid == 0) {
+ /* Child. */
+ DEBUG(5,("start_background_queue: background LPQ thread started\n"));
+
+ claim_connection( NULL, "smbd lpq backend", 0, False,
+ FLAG_MSG_GENERAL|FLAG_MSG_SMBD|FLAG_MSG_PRINTING );
+
+ if (!locking_init(0)) {
+ exit(1);
+ }
+
+ if (!print_backend_init()) {
+ exit(1);
+ }
+
+ message_register(MSG_PRINTER_UPDATE, print_queue_receive);
+
+ DEBUG(5,("start_background_queue: background LPQ thread waiting for messages\n"));
+ while (1) {
+ pause();
+ DEBUG(10,("start_background_queue: background LPQ thread got a message\n"));
+ message_dispatch();
+ }
+ }
+}
+
+/****************************************************************************
+update the internal database from the system print queue for a queue
+****************************************************************************/
+static void print_queue_update(int snum)
+{
+ /*
+ * Make sure that the backgroup queueu process exists.
+ * Otherwise just do the update ourselves
+ */
+
+ if ( background_lpq_updater_pid != -1 )
+ message_send_pid(background_lpq_updater_pid, MSG_PRINTER_UPDATE, &snum, sizeof(snum), False);
+ else
+ print_queue_update_internal( snum );
+}
+
+/****************************************************************************
Create/Update an entry in the print tdb that will allow us to send notify
updates only to interested smbd's.
****************************************************************************/
diff --git a/source/rpc_server/srv_spoolss_nt.c b/source/rpc_server/srv_spoolss_nt.c
index 3b1bb5ede5d..65d5517da45 100644
--- a/source/rpc_server/srv_spoolss_nt.c
+++ b/source/rpc_server/srv_spoolss_nt.c
@@ -473,9 +473,11 @@ static BOOL set_printer_hnd_name(Printer_entry *Printer, char *handlename)
{
int snum;
int n_services=lp_numservices();
- char *aprinter;
+ char *aprinter, *printername;
fstring sname;
BOOL found=False;
+ NT_PRINTER_INFO_LEVEL *printer;
+ WERROR result;
DEBUG(4,("Setting printer name=%s (len=%lu)\n", handlename, (unsigned long)strlen(handlename)));
@@ -496,16 +498,9 @@ static BOOL set_printer_hnd_name(Printer_entry *Printer, char *handlename)
aprinter=handlename;
}
- DEBUGADD(5,("searching for [%s] (len=%lu)\n", aprinter, (unsigned long)strlen(aprinter)));
+ DEBUGADD(5, ("searching for [%s] (len=%lu)\n", aprinter, (unsigned long)strlen(aprinter)));
- /*
- * The original code allowed smbd to store a printer name that
- * was different from the share name. This is not possible
- * anymore, so I've simplified this loop greatly. Here
- * we are just verifying that the printer name is a valid
- * printer service defined in smb.conf
- * --jerry [Fri Feb 15 11:17:46 CST 2002]
- */
+ /* have to search on sharename and PRINTER_INFO2->printername */
for (snum=0; snum<n_services; snum++) {
@@ -514,13 +509,45 @@ static BOOL set_printer_hnd_name(Printer_entry *Printer, char *handlename)
fstrcpy(sname, lp_servicename(snum));
- DEBUGADD(5,("share:%s\n",sname));
+ DEBUGADD(10, ("share: %s\n",sname));
- if (! StrCaseCmp(sname, aprinter)) {
+ /* sharename */
+ if ( strequal(sname, aprinter) ) {
found = True;
break;
}
-
+
+ /* printername */
+ printer = NULL;
+ result = get_a_printer( NULL, &printer, 2, sname );
+ if ( !W_ERROR_IS_OK(result) ) {
+ DEBUG(0,("set_printer_hnd_name: failed to lookup printer [%s] -- result [%s]\n",
+ sname, dos_errstr(result)));
+ continue;
+ }
+
+ /* printername is always returned as \\server\printername */
+ if ( !(printername = strchr_m(&printer->info_2->printername[2], '\\')) ) {
+ DEBUG(0,("set_printer_hnd_name: info2->printername in wrong format! [%s]\n",
+ printer->info_2->printername));
+ free_a_printer( &printer, 2);
+ continue;
+ }
+
+ /* FIXME!! not mb safe here */
+ printername++;
+
+ /* sharename */
+ if ( strequal(printername, aprinter) ) {
+ found = True;
+ }
+
+ DEBUGADD(10, ("printername: %s\n", printername));
+
+ free_a_printer( &printer, 2);
+
+ if ( found )
+ break;
}
@@ -5854,14 +5881,28 @@ static WERROR update_printer_sec(POLICY_HND *handle, uint32 level,
static BOOL check_printer_ok(NT_PRINTER_INFO_LEVEL_2 *info, int snum)
{
+ fstring printername;
+ const char *p;
+
DEBUG(5,("check_printer_ok: servername=%s printername=%s sharename=%s portname=%s drivername=%s comment=%s location=%s\n",
info->servername, info->printername, info->sharename, info->portname, info->drivername, info->comment, info->location));
/* we force some elements to "correct" values */
slprintf(info->servername, sizeof(info->servername)-1, "\\\\%s", get_called_name());
fstrcpy(info->sharename, lp_servicename(snum));
+
+ /* make sure printername is in \\server\printername format */
+
+ fstrcpy( printername, info->printername );
+ p = printername;
+ if ( printername[0] == '\\' && printername[1] == '\\' ) {
+ if ( (p = strchr_m( &printername[2], '\\' )) != NULL )
+ p++;
+ }
+
slprintf(info->printername, sizeof(info->printername)-1, "\\\\%s\\%s",
- get_called_name(), info->sharename);
+ get_called_name(), p );
+
info->attributes = PRINTER_ATTRIBUTE_SAMBA;
@@ -6057,14 +6098,28 @@ static WERROR update_printer(pipes_struct *p, POLICY_HND *handle, uint32 level,
if (!strequal(printer->info_2->sharename, old_printer->info_2->sharename)) {
init_unistr2( &buffer, printer->info_2->sharename, UNI_STR_TERMINATE);
- set_printer_dataex( printer, SPOOL_DSSPOOLER_KEY, "printerName",
- REG_SZ, (uint8*)buffer.buffer, buffer.uni_str_len*2 );
set_printer_dataex( printer, SPOOL_DSSPOOLER_KEY, "shareName",
REG_SZ, (uint8*)buffer.buffer, buffer.uni_str_len*2 );
notify_printer_sharename(snum, printer->info_2->sharename);
}
+ if (!strequal(printer->info_2->printername, old_printer->info_2->printername)) {
+ char *pname;
+
+ if ( (pname = strchr_m( printer->info_2->printername+2, '\\' )) != NULL )
+ pname++;
+ else
+ pname = printer->info_2->printername;
+
+
+ init_unistr2( &buffer, pname, UNI_STR_TERMINATE);
+ set_printer_dataex( printer, SPOOL_DSSPOOLER_KEY, "printerName",
+ REG_SZ, (uint8*)buffer.buffer, buffer.uni_str_len*2 );
+
+ notify_printer_printername( snum, pname );
+ }
+
if (!strequal(printer->info_2->portname, old_printer->info_2->portname)) {
init_unistr2( &buffer, printer->info_2->portname, UNI_STR_TERMINATE);
set_printer_dataex( printer, SPOOL_DSSPOOLER_KEY, "portName",
@@ -8750,19 +8805,19 @@ WERROR _spoolss_setprinterdataex(pipes_struct *p, SPOOL_Q_SETPRINTERDATAEX *q_u,
{
/* save the OID if one was specified */
if ( oid_string ) {
- fstrcat( keyname, "\\" );
- fstrcat( keyname, SPOOL_OID_KEY );
+ fstrcat( keyname, "\\" );
+ fstrcat( keyname, SPOOL_OID_KEY );
- /*
- * I'm not checking the status here on purpose. Don't know
- * if this is right, but I'm returning the status from the
- * previous set_printer_dataex() call. I have no idea if
- * this is right. --jerry
- */
+ /*
+ * I'm not checking the status here on purpose. Don't know
+ * if this is right, but I'm returning the status from the
+ * previous set_printer_dataex() call. I have no idea if
+ * this is right. --jerry
+ */
- set_printer_dataex( printer, keyname, valuename,
- REG_SZ, (void*)oid_string, strlen(oid_string)+1 );
- }
+ set_printer_dataex( printer, keyname, valuename,
+ REG_SZ, (void*)oid_string, strlen(oid_string)+1 );
+ }
status = mod_a_printer(*printer, 2);
}
diff --git a/source/smbd/server.c b/source/smbd/server.c
index f25d42711db..343a835be8a 100644
--- a/source/smbd/server.c
+++ b/source/smbd/server.c
@@ -849,12 +849,13 @@ void build_options(BOOL screen);
/* Setup the main smbd so that we can get messages. */
claim_connection(NULL,"",0,True,FLAG_MSG_GENERAL|FLAG_MSG_SMBD);
- /*
- DO NOT ENABLE THIS TILL YOU COPE WITH KILLING THESE TASKS AND INETD
- THIS *killed* LOTS OF BUILD FARM MACHINES. IT CREATED HUNDREDS OF
- smbd PROCESSES THAT NEVER DIE
- start_background_queue();
- */
+ /* only start the background queue daemon if we are
+ running as a daemon -- bad things will happen if
+ smbd is launched via inetd and we fork a copy of
+ ourselves here */
+
+ if ( is_daemon )
+ start_background_queue();
if (!open_sockets_smbd(is_daemon, interactive, ports))
exit(1);
View Lorry Controller Status