auditing

[Andy Bakun]

David Bear wrote:

> I don't allow users to log in interactively to the linux box.  Is there a
> way that samba can 'audit' file accesses?  We're concerned about tracking
> down possible 'unauthorized' erasures of files.  Can samba syslog file
> erase transactions?

Check out

http://www.reac.com/samba/samba-audit.html

Which does exactly that.  Recording deletions is the reason I wrote it, in
fact.