Re: [Samba] Security Policy.

[Agustin Eguia]

I don't think that saying RTFM is the best approach... but anyway...

I already readed the manual and found the information given there  
somewhat confusing at least for people who hasn't been working with  
samba for a long time. I edited my smb.conf file and added the  
following lines :


[records]
vfs objects = full_audit
path = /shared/records
full_audit:prefix = %u|%I|%T|%M|%m
full_audit:success = open opendir read readdir rmdir sendfile  
write chmod chmod_acl chown connect disconnect mkdir

full_audit:failure = all

I restarted the smb service but there are no log files to be found at  
the path I gave, am I missing something ? Also I don't know in the  
following line full_audit:facility = LOCAL7 what LOCAL7 stands for.  
I tryed opening various files on the shares from another computer and  
nothing happened



Thanks,


A.


Le 15-juil.-09 à 21:52, Linux Addict a écrit :




On Wed, Jul 15, 2009 at 8:38 AM, Agustin Eguia agustin.eg...@gmail.com 
 wrote:

Already did that,

What I don't get is where do I enable the module, is it in  
smb.conf ? I suppose it will run with the smbd daemon, and that I  
can define wich share will be logged... but I really don't know  
where to configure this.



Thanks,


A.


Le 15-juil.-09 à 14:33, Volker Lendecke a écrit :


On Wed, Jul 15, 2009 at 02:23:49PM +0200, Agustin Eguia wrote:
Can you be more explicit about this module ? I searched the net but
found only confusing things about it. Can it log every file, folder
read/write access on the share ? This is mostly for security  
purposes. I
found that this is a samba module, but how do I use it, set it up,  
etc.


Yes, it can log every file operation that Samba ever does.

man vfs_full_audit

contains an example of its use.

Volker

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Yes. Its on smb.conf and part of samba already. You dont need to  
enable anything.


Use smb.conf directive  vfs objects = .

 [records]
path = /data/records
vfs objects = full_audit
full_audit:prefix = %u|%I
full_audit:success = open opendir
full_audit:failure = all
full_audit:facility = LOCAL7
full_audit:priority = ALERT

If you have any questions, please RTFM again.



--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Security Policy.

[Agustin Eguia]

Hello everyone,

I'm actually sharing using samba three folders with some important  
content inside of it. I would like to know if it's possible to log  
every file read, write, delete, etc. I've been looking on the web and  
found that SELinux maybe is the answer, I've already installed  
everything but I have no clue on how to work with this. Does anybody  
alreay have experience with this ?



Thanks a lot,



A.
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Security Policy.

[Agustin Eguia]

Hello Volker,

Can you be more explicit about this module ? I searched the net but  
found only confusing things about it. Can it log every file, folder  
read/write access on the share ? This is mostly for security purposes.  
I found that this is a samba module, but how do I use it, set it up,  
etc.



Thanks,


A.


Le 15-juil.-09 à 11:57, Volker Lendecke a écrit :


On Wed, Jul 15, 2009 at 11:51:52AM +0200, Agustin Eguia wrote:

I'm actually sharing using samba three folders with some important
content inside of it. I would like to know if it's possible to log  
every

file read, write, delete, etc. I've been looking on the web and found
that SELinux maybe is the answer, I've already installed everything  
but I

have no clue on how to work with this. Does anybody alreay have
experience with this ?


Look at the full_audit VFS module.

Volker


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Security Policy.

[Agustin Eguia]

Already did that,

What I don't get is where do I enable the module, is it in smb.conf ?  
I suppose it will run with the smbd daemon, and that I can define wich  
share will be logged... but I really don't know where to configure this.



Thanks,


A.


Le 15-juil.-09 à 14:33, Volker Lendecke a écrit :


On Wed, Jul 15, 2009 at 02:23:49PM +0200, Agustin Eguia wrote:

Can you be more explicit about this module ? I searched the net but
found only confusing things about it. Can it log every file, folder
read/write access on the share ? This is mostly for security  
purposes. I
found that this is a samba module, but how do I use it, set it up,  
etc.


Yes, it can log every file operation that Samba ever does.

man vfs_full_audit

contains an example of its use.

Volker


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Samba + RAID + High speed...

[Agustin Eguia]

Hello everyone,

I have some questions regarding RAID5 + XFS + Samba + High speed 
network. I have configured a server with an Areca Controler (SATA) with 
10 x 1 TB HDs. The controle is configured with two RAID5, one of 5 TB 
the other 3 TB. The machine also has 8Gb of ram, the OS runs on a SDD 
drive (no mechanical parts), and has two dual quadcore Opterons.


I formated the partitions with XFS to have the best speed. The two RAID 
partitions are mounted over specific folders that are shared via Samba 
to the network.


Since a lot of data will be moved I created a bonding over 6 Intel Gbit 
ports connected to the switch (the switch is also configured with the 
proper LAG).


I still feel this configuration could be running faster, anyone has 
any idea where I could optimize it ? (the XFS format paramaters, Areca 
setup, bonding parameters, etc).


I know this is not specialy Samba related, but it's the first time I 
drop on the network a linux server for high speed storage by myself, so 
I'm sure there are a lot of things that can be tuned.




Thanks,



A.
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Samba + LDAP problem

[Agustin Eguia]

Hello everyone, I have a question here that has been giving me troubles :

I installed my PDC with samba + LDAP... everything seems to work just 
fine (user creation, population, groups, users and machines connecting 
to the domain)... but one thing keeps not working : net getlocalsid... I 
keep getting this message : Can't fetch domain SID for name: MACHINENAME



I searched the internet like crazy even asked in IRC channels but no 
luck... can anyone enlight me on this one ?



Thanks,


A.
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Samba + LDAP problem

[Agustin Eguia]

Hello everyone, I have a question here that has been giving me troubles :

I installed my PDC with samba + LDAP... everything seems to work just 
fine (user creation, population, groups, users and machines connecting 
to the domain)... but one thing keeps not working : net getlocalsid... I 
keep getting this message : Can't fetch domain SID for name: MACHINENAME



I searched the internet like crazy even asked in IRC channels but no 
luck... can anyone enlight me on this one ?



Thanks,


A.
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba