[Samba] Security Policy.

Jonathon Doran jon at doransw.com
Thu Jul 16 07:18:49 MDT 2009

Quoting Agustin Eguia <agustin.eguia at gmail.com>:

> I already readed the manual and found the information given there
> somewhat confusing at least for people who hasn't been working with
> samba for a long time. I edited my smb.conf file and added the
> following lines :
> [records]
>         vfs objects = full_audit
>         path = /shared/records
>         full_audit:prefix = %u|%I|%T|%M|%m
>         full_audit:success = open opendir read readdir rmdir sendfile
> write chmod chmod_acl chown connect disconnect mkdir
>         full_audit:failure = all
> I restarted the smb service but there are no log files to be found at
> the path I gave, am I missing something ? Also I don't know in the
> following line "full_audit:facility = LOCAL7" what LOCAL7 stands for. I
> tryed opening various files on the shares from another computer and
> nothing happened

Samba requires a certain level of familiarity with Unix.  You need to
learn this stuff.  In the case of the audit facility, while I haven't
used it nor read up on it I recognize LOCAL7 as a syslog logging facility.
Please go read "man rsyslogd" or "man syslogd" if you have an older system.
You'll then need to edit the configuration file for your logging system,
for example /etc/rsyslog.conf on my system, and indicate where you'd like the
data logged.

The log files are not stored at the path, the path is the directory  
you are exporting to other machines.

More information about the samba mailing list