On Wed, Dec 09, 2009 at 06:13:35PM -0500, Lennart Sorensen wrote: > On Wed, Dec 09, 2009 at 11:33:46PM +0100, Volker Lendecke wrote: > > On Wed, Dec 09, 2009 at 12:29:21PM -0500, Lennart Sorensen wrote: > > > On Wed, Dec 09, 2009 at 05:47:18PM +0100, Tomasz Przewlucki wrote: > > > > I had implemented on one of my shares vfs full_audit module. It was > > > > working with Samba 3.0.x without any problems. > > > > > > > > After migration to Samba 3.4.3 this function doesn't work anymore - > > > > when > > > > it's enabled then share isn't accessible from users (it's visible but > > > > getting error when trying to connect to it). > > > > Audit and extd_audit vfs's are working fine, but they doesn't meet my > > > > requirements. > > > > > > > > I've tried full_audit on shares with and without extended attributes > > > > (ext3 with xattr), getting same results. > > > > > > Well it broke everything for me too when I enabled it. I did not try > > > it before though so I have no idea that it used to work. I had to turn > > > it off right away. It sure seems like tha full_audit is totally broken > > > at this time (well it logs lots of stuff, it just prevents users from > > > doing anything too). > > > > With a freshly compiled v3-4-test (not very far away from > > 3.4.3, I'm not aware of significant VFS changes), I set up a > > share tmp: > > > > [tmp] > > path = /tmp > > read only = No > > available = yes > > vfs objects = full_audit > > full_audit:prefix = %u|%I > > full_audit:success = mkdir rename rmdir write open > > full_audit:failure = none > > > > I could connect just fine and do things. What is your exact > > problem? Do you have logfiles, or an a bit more exact > > description how to reproduce your failure? > > I use posix acl's on ext3 filesystem. I get failures in the log about > getxattr calls. The user can't read any files, but they can browse > directories just fine. The unix permissions alone prevent access, > while the posix acl's are giving access to the users in this case. > > The only thing needed to break it is adding 'vfs objects = full_audit'. > Without that, it works fine. It seems at least in my case that the > full_audit breaks posix acl support at least. > > What kind of logs would be useful?
The error I see in the audit log is: Dec 3 16:41:50 rceng01 smbd_audit: <username>|<userip>|getxattr|fail (Operation not supported)|<QA/Test-Procedures-Work/Proc-UCP/scripts/no-static-vlan.txt|user.SAMBA_PAI -- Len Sorensen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
