[Samba] VFS full_audit problem

Tomasz Przewlucki tomasz.przewlucki at obram.pl
Wed Dec 9 09:47:18 MST 2009 

Hi all,

I had implemented on one of my shares vfs full_audit module. It was 
working with Samba 3.0.x without any problems.

After migration to Samba 3.4.3 this function doesn't work anymore - when 
it's enabled then share isn't accessible from users (it's visible but 
getting error when trying to connect to it).
Audit and extd_audit vfs's are working fine, but they doesn't meet my 
requirements.

I've tried full_audit on shares with and without extended attributes 
(ext3 with xattr), getting same results.

In samba debug:10 log i couldn't see anything strange, so i want first 
to ask if there is anybody with working vfs full_audit on samba 3.4.3  ?

My smb.conf:

# Global parameters
[global]
workgroup = OBRAM
netbios name = PASSAT
server string = OBRAM_PDC
security = user
interfaces = 192.168.0.13 10.0.0.113
smb ports = 139 445
time server = Yes
#
encrypt passwords = yes
enable privileges = yes
obey pam restrictions = No
username map = /etc/samba/smbusers
#
msdfs root = yes
#
log level = 1 vfs:1
#log level = 10
syslog = 3
log file = /var/log/samba/log.%m
max log size = 10000
#
mangling method = hash2
dos charset = 852
Unix charset = UTF-8
display charset = UTF-8
#
logon script = "%G.bat"
logon drive = H:
logon home =
logon path =
lanman auth = no
ntlm auth = no
client ntlmv2 auth = yes
#
nt acl support = yes
#
map hidden = no
map system = no
map archive = no
ea support = yes
map acl inherit = yes
store dos attributes = yes
#
domain logons = Yes
oslevel = 65
preferred master = Yes
domain master = Yes
wins support = Yes
local master = yes
#
passdb backend = ldapsam:"ldap://127.0.0.1 ldap://192.168.0.40"
#
ldapsam:trusted = yes
ldapsam:editposix = yes
#
ldap admin dn = cn=samba,ou=DSA,dc=obram
ldap suffix = dc=obram
ldap user suffix = ou=Users
ldap group suffix = ou=Groups
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=Idmap
#ldap ssl = start tls
ldap ssl = no
ldap delete dn = Yes
ldap passwd sync = Yes
#
idmap uid = 111000-120000
idmap gid = 111000-120000
idmap backend = ldap:"ldap://127.0.0.1 ldap://192.168.0.40"
idmap alloc backend = ldap
idmap alloc config:ldap_base_dn = ou=Idmap,dc=obram
idmap alloc config:ldap_user_dn = cn=samba,ou=DSA,dc=obram
idmap alloc config:ldap_url = ldap://localhost
idmap alloc config:range = 111000-120000
#
template homedir = /home/samba/users/%U
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
#
create mask = 0640
directory mask = 0750
deadtime = 10
guest account = nobody
map to guest = Bad User
dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd
#
preserve case = yes
short preserve case = yes
case sensitive = auto
load printers = Yes
printing = cups
printcap name = cups
show add printer wizard = yes
#
kernel oplocks = no
#
veto oplock files = /*.mdb/*.MDB/*.pst/*.PST/
#
# NEW Samba 3.4
max open files = 10000
max stat cache size = 1024
registry shares = no

#and this unworking with full_audit share:
[temp]
     comment = katalog kasowany co noc
     path = /home/samba/temp/
     browseable = Yes
     guest ok = Yes
     read only = No
     directory mask = 0755
     create mask = 0644
     vfs objects = full_audit
     full_audit:prefix = %u|%I
     full_audit:success = mkdir rename rmdir write open
     full_audit:failure = none
     csc policy = disable
     hide files = /desktop.ini/recycled/RECYCLER/autorun.inf/explorer.exe/

Best regards,
Tomasz Przewlucki

More information about the samba mailing list