<simplelist>
<member>aio_force</member>
- <member>audit_file</member>
<member>brl_lock_windows</member>
<member>brl_unlock_windows</member>
<member>chdir</member>
return false;
}
-static NTSTATUS skel_audit_file(struct vfs_handle_struct *handle,
- struct smb_filename *file,
- struct security_acl *sacl,
- uint32_t access_requested,
- uint32_t access_denied)
-{
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
static NTSTATUS skel_durable_cookie(struct vfs_handle_struct *handle,
struct files_struct *fsp,
TALLOC_CTX *mem_ctx,
.parent_pathname_fn = skel_parent_pathname,
.fsctl_fn = skel_fsctl,
.freaddir_attr_fn = skel_freaddir_attr,
- .audit_file_fn = skel_audit_file,
/* DOS attributes. */
.get_dos_attributes_send_fn = skel_get_dos_attributes_send,
return SMB_VFS_NEXT_AIO_FORCE(handle, fsp);
}
-static NTSTATUS skel_audit_file(struct vfs_handle_struct *handle,
- struct smb_filename *file,
- struct security_acl *sacl,
- uint32_t access_requested,
- uint32_t access_denied)
-{
- return SMB_VFS_NEXT_AUDIT_FILE(handle,
- file,
- sacl,
- access_requested,
- access_denied);
-}
-
static NTSTATUS skel_durable_cookie(struct vfs_handle_struct *handle,
struct files_struct *fsp,
TALLOC_CTX *mem_ctx,
.parent_pathname_fn = skel_parent_pathname,
.fsctl_fn = skel_fsctl,
.freaddir_attr_fn = skel_freaddir_attr,
- .audit_file_fn = skel_audit_file,
/* DOS attributes. */
.get_dos_attributes_send_fn = skel_get_dos_attributes_send,
* Change to Version 52 - will ship with 4.24
* Version 52 - Add rename_stream
* Version 52 - Remove connectpath
+ * Version 52 - Remove audit_file
*/
#define SMB_VFS_INTERFACE_VERSION 51
uint32_t security_info_sent,
const struct security_descriptor *psd);
- NTSTATUS (*audit_file_fn)(struct vfs_handle_struct *handle,
- struct smb_filename *file,
- struct security_acl *sacl,
- uint32_t access_requested,
- uint32_t access_denied);
-
/* POSIX ACL operations. */
SMB_ACL_T (*sys_acl_get_fd_fn)(struct vfs_handle_struct *handle,
struct files_struct *fsp,
uint32_t security_info_sent,
const struct security_descriptor *psd);
-NTSTATUS smb_vfs_call_audit_file(struct vfs_handle_struct *handle,
- struct smb_filename *file,
- struct security_acl *sacl,
- uint32_t access_requested,
- uint32_t access_denied);
int smb_vfs_call_chmod_acl(struct vfs_handle_struct *handle,
const struct smb_filename *file,
mode_t mode);
int flags);
bool vfs_not_implemented_aio_force(struct vfs_handle_struct *handle,
struct files_struct *fsp);
-NTSTATUS vfs_not_implemented_audit_file(struct vfs_handle_struct *handle,
- struct smb_filename *file,
- struct security_acl *sacl,
- uint32_t access_requested,
- uint32_t access_denied);
NTSTATUS vfs_not_implemented_durable_cookie(struct vfs_handle_struct *handle,
struct files_struct *fsp,
TALLOC_CTX *mem_ctx,
#define SMB_VFS_NEXT_FGET_NT_ACL(handle, fsp, security_info, mem_ctx, ppdesc) \
smb_vfs_call_fget_nt_acl((handle)->next, (fsp), (security_info), (mem_ctx), (ppdesc))
-#define SMB_VFS_AUDIT_FILE(conn, name, sacl, access_requested, access_denied) \
- smb_vfs_call_audit_file((conn)->vfs_handles, (name), (sacl), (access_requested), (access_denied))
-#define SMB_VFS_NEXT_AUDIT_FILE(handle, name, sacl, access_requested, access_denied) \
- smb_vfs_call_audit_file((handle)->next, (name), (sacl), (access_requested), (access_denied))
-
#define SMB_VFS_FSET_NT_ACL(fsp, security_info_sent, psd) \
smb_vfs_call_fset_nt_acl((fsp)->conn->vfs_handles, (fsp), (security_info_sent), (psd))
#define SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, security_info_sent, psd) \
return result;
}
-static NTSTATUS vfswrap_audit_file(struct vfs_handle_struct *handle,
- struct smb_filename *file,
- struct security_acl *sacl,
- uint32_t access_requested,
- uint32_t access_denied)
-{
- return NT_STATUS_OK; /* Nothing to do here ... */
-}
-
static SMB_ACL_T vfswrap_sys_acl_get_fd(vfs_handle_struct *handle,
files_struct *fsp,
SMB_ACL_TYPE_T type,
.fget_nt_acl_fn = vfswrap_fget_nt_acl,
.fset_nt_acl_fn = vfswrap_fset_nt_acl,
- .audit_file_fn = vfswrap_audit_file,
/* POSIX ACL operations. */
SMB_VFS_OP_FGET_NT_ACL,
SMB_VFS_OP_FSET_NT_ACL,
- SMB_VFS_OP_AUDIT_FILE,
/* POSIX ACL operations. */
{ SMB_VFS_OP_FSET_DOS_ATTRIBUTES, "fset_dos_attributes" },
{ SMB_VFS_OP_FGET_NT_ACL, "fget_nt_acl" },
{ SMB_VFS_OP_FSET_NT_ACL, "fset_nt_acl" },
- { SMB_VFS_OP_AUDIT_FILE, "audit_file" },
{ SMB_VFS_OP_SYS_ACL_GET_FD, "sys_acl_get_fd" },
{ SMB_VFS_OP_SYS_ACL_BLOB_GET_FD, "sys_acl_blob_get_fd" },
{ SMB_VFS_OP_SYS_ACL_SET_FD, "sys_acl_set_fd" },
return result;
}
-static NTSTATUS smb_full_audit_audit_file(struct vfs_handle_struct *handle,
- struct smb_filename *file,
- struct security_acl *sacl,
- uint32_t access_requested,
- uint32_t access_denied)
-{
- NTSTATUS result;
-
- result = SMB_VFS_NEXT_AUDIT_FILE(handle,
- file,
- sacl,
- access_requested,
- access_denied);
-
- do_log(SMB_VFS_OP_AUDIT_FILE, NT_STATUS_IS_OK(result), handle,
- "%s",
- smb_fname_str_do_log(handle->conn, file));
-
- return result;
-}
-
static SMB_ACL_T smb_full_audit_sys_acl_get_fd(vfs_handle_struct *handle,
files_struct *fsp,
SMB_ACL_TYPE_T type,
.fset_dos_attributes_fn = smb_full_audit_fset_dos_attributes,
.fget_nt_acl_fn = smb_full_audit_fget_nt_acl,
.fset_nt_acl_fn = smb_full_audit_fset_nt_acl,
- .audit_file_fn = smb_full_audit_audit_file,
.sys_acl_get_fd_fn = smb_full_audit_sys_acl_get_fd,
.sys_acl_blob_get_fd_fn = smb_full_audit_sys_acl_blob_get_fd,
.sys_acl_set_fd_fn = smb_full_audit_sys_acl_set_fd,
/* NT ACL Operations */
.fget_nt_acl_fn = NULL,
.fset_nt_acl_fn = NULL,
- .audit_file_fn = NULL,
/* Posix ACL Operations */
.sys_acl_get_fd_fn = posixacl_xattr_acl_get_fd,
return false;
}
-_PUBLIC_
-NTSTATUS vfs_not_implemented_audit_file(struct vfs_handle_struct *handle,
- struct smb_filename *file,
- struct security_acl *sacl,
- uint32_t access_requested,
- uint32_t access_denied)
-{
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
_PUBLIC_
NTSTATUS vfs_not_implemented_durable_cookie(struct vfs_handle_struct *handle,
struct files_struct *fsp,
.parent_pathname_fn = vfs_not_implemented_parent_pathname,
.fsctl_fn = vfs_not_implemented_fsctl,
.freaddir_attr_fn = vfs_not_implemented_freaddir_attr,
- .audit_file_fn = vfs_not_implemented_audit_file,
/* DOS attributes. */
.get_dos_attributes_send_fn = vfs_not_implemented_get_dos_attributes_send,
return result;
}
-static NTSTATUS smb_time_audit_audit_file(struct vfs_handle_struct *handle,
- struct smb_filename *smb_fname,
- struct security_acl *sacl,
- uint32_t access_requested,
- uint32_t access_denied)
-{
- NTSTATUS result;
- struct timespec ts1,ts2;
- double timediff;
-
- clock_gettime_mono(&ts1);
- result = SMB_VFS_NEXT_AUDIT_FILE(handle,
- smb_fname,
- sacl,
- access_requested,
- access_denied);
- clock_gettime_mono(&ts2);
- timediff = nsec_time_diff(&ts2,&ts1)*1.0e-9;
-
- if (timediff > audit_timeout) {
- smb_time_audit_log_fname("audit_file",
- timediff,
- smb_fname->base_name);
- }
-
- return result;
-}
-
static SMB_ACL_T smb_time_audit_sys_acl_get_fd(vfs_handle_struct *handle,
files_struct *fsp,
SMB_ACL_TYPE_T type,
.fset_dos_attributes_fn = smb_time_fset_dos_attributes,
.fget_nt_acl_fn = smb_time_audit_fget_nt_acl,
.fset_nt_acl_fn = smb_time_audit_fset_nt_acl,
- .audit_file_fn = smb_time_audit_audit_file,
.sys_acl_get_fd_fn = smb_time_audit_sys_acl_get_fd,
.sys_acl_blob_get_fd_fn = smb_time_audit_sys_acl_blob_get_fd,
.sys_acl_set_fd_fn = smb_time_audit_sys_acl_set_fd,
psd);
}
-NTSTATUS smb_vfs_call_audit_file(struct vfs_handle_struct *handle,
- struct smb_filename *file,
- struct security_acl *sacl,
- uint32_t access_requested,
- uint32_t access_denied)
-{
- VFS_FIND(audit_file);
- return handle->fns->audit_file_fn(handle,
- file,
- sacl,
- access_requested,
- access_denied);
-}
-
SMB_ACL_T smb_vfs_call_sys_acl_get_fd(struct vfs_handle_struct *handle,
struct files_struct *fsp,
SMB_ACL_TYPE_T type,
projects / thirdparty / samba.git / commitdiff
