[Samba] Security Policy.

Wed Jul 15 13:52:46 MDT 2009

On Wed, Jul 15, 2009 at 8:38 AM, Agustin Eguia <agustin.eguia at gmail.com>wrote:

> Already did that,
>
> What I don't get is where do I enable the module, is it in smb.conf ? I
> suppose it will run with the smbd daemon, and that I can define wich share
> will be logged... but I really don't know where to configure this.
>
>
> Thanks,
>
>
> A.
>
>
> Le 15-juil.-09 à 14:33, Volker Lendecke a écrit :
>
>
>  On Wed, Jul 15, 2009 at 02:23:49PM +0200, Agustin Eguia wrote:
>>
>>> Can you be more explicit about this module ? I searched the net but
>>> found only confusing things about it. Can it log every file, folder
>>> read/write access on the share ? This is mostly for security purposes. I
>>> found that this is a samba module, but how do I use it, set it up, etc.
>>>
>>
>> Yes, it can log every file operation that Samba ever does.
>>
>> "man vfs_full_audit"
>>
>> contains an example of its use.
>>
>> Volker
>>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

Yes. Its on smb.conf and part of samba already. You dont need to enable
anything.

Use smb.conf directive  "vfs objects = ".

     [records]
                path = /data/records
                vfs objects = full_audit
                full_audit:prefix = %u|%I
                full_audit:success = open opendir
                full_audit:failure = all
                full_audit:facility = LOCAL7
                full_audit:priority = ALERT

If you have any questions, please RTFM again.