vfs_full_audit annoyances on major version upgrades
Andrew Walker
awalker at ixsystems.com
Fri Mar 26 12:38:04 UTC 2021
I've noticed that several users (including one in the samba lists just now)
got bitten by vfs_full_audit on major version upgrades. Due to VFS
modernization, user's full_audit:success / failure configuration strings
may be invalid post-upgrade. A concrete example is "full_audit:success =
unlink". What makes this particularly painful is that full_audit will
default to logging _everything_ if it encounters an unrecognized parameter.
What do you think of doing something like the following:
https://github.com/truenas/ports/blob/truenas/12.0-stable/net/samba/files/patch-source3__modules__vfs_full_audit.c
Basically:
1) expand table for vfs_op_names to include an "old" name to use for
lookups as well (so that "unlink" logs "unlinkat")
2) fail Tree Connect with a concrete error message printed at DBG_ERR if
logging parameters are invalid.
Andrew
More information about the samba-technical
mailing list