I don't think that saying RTFM is the best approach... but anyway...
I already readed the manual and found the information given there
somewhat confusing at least for people who hasn't been working with
samba for a long time. I edited my smb.conf file and added the
following lines :
[records]
vfs objects = full_audit
path = /shared/records
full_audit:prefix = %u|%I|%T|%M|%m
full_audit:success = open opendir read readdir rmdir sendfile
write chmod chmod_acl chown connect disconnect mkdir
full_audit:failure = all
I restarted the smb service but there are no log files to be found at
the path I gave, am I missing something ? Also I don't know in the
following line "full_audit:facility = LOCAL7" what LOCAL7 stands for.
I tryed opening various files on the shares from another computer and
nothing happened
Thanks,
A.
Le 15-juil.-09 à 21:52, Linux Addict a écrit :
On Wed, Jul 15, 2009 at 8:38 AM, Agustin Eguia <agustin.eg...@gmail.com
> wrote:
Already did that,
What I don't get is where do I enable the module, is it in
smb.conf ? I suppose it will run with the smbd daemon, and that I
can define wich share will be logged... but I really don't know
where to configure this.
Thanks,
A.
Le 15-juil.-09 à 14:33, Volker Lendecke a écrit :
On Wed, Jul 15, 2009 at 02:23:49PM +0200, Agustin Eguia wrote:
Can you be more explicit about this module ? I searched the net but
found only confusing things about it. Can it log every file, folder
read/write access on the share ? This is mostly for security
purposes. I
found that this is a samba module, but how do I use it, set it up,
etc.
Yes, it can log every file operation that Samba ever does.
"man vfs_full_audit"
contains an example of its use.
Volker
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
Yes. Its on smb.conf and part of samba already. You dont need to
enable anything.
Use smb.conf directive "vfs objects = ".
[records]
path = /data/records
vfs objects = full_audit
full_audit:prefix = %u|%I
full_audit:success = open opendir
full_audit:failure = all
full_audit:facility = LOCAL7
full_audit:priority = ALERT
If you have any questions, please RTFM again.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba