Re: [Samba] Security Policy.
Quoting Agustin Eguia : I already readed the manual and found the information given there somewhat confusing at least for people who hasn't been working with samba for a long time. I edited my smb.conf file and added the following lines : [records] vfs objects = full_audit path = /shared/records full_audit:prefix = %u|%I|%T|%M|%m full_audit:success = open opendir read readdir rmdir sendfile write chmod chmod_acl chown connect disconnect mkdir full_audit:failure = all I restarted the smb service but there are no log files to be found at the path I gave, am I missing something ? Also I don't know in the following line "full_audit:facility = LOCAL7" what LOCAL7 stands for. I tryed opening various files on the shares from another computer and nothing happened Samba requires a certain level of familiarity with Unix. You need to learn this stuff. In the case of the audit facility, while I haven't used it nor read up on it I recognize LOCAL7 as a syslog logging facility. Please go read "man rsyslogd" or "man syslogd" if you have an older system. You'll then need to edit the configuration file for your logging system, for example /etc/rsyslog.conf on my system, and indicate where you'd like the data logged. The log files are not stored at the path, the path is the directory you are exporting to other machines. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Security Policy.
I don't think that saying RTFM is the best approach... but anyway... I already readed the manual and found the information given there somewhat confusing at least for people who hasn't been working with samba for a long time. I edited my smb.conf file and added the following lines : [records] vfs objects = full_audit path = /shared/records full_audit:prefix = %u|%I|%T|%M|%m full_audit:success = open opendir read readdir rmdir sendfile write chmod chmod_acl chown connect disconnect mkdir full_audit:failure = all I restarted the smb service but there are no log files to be found at the path I gave, am I missing something ? Also I don't know in the following line "full_audit:facility = LOCAL7" what LOCAL7 stands for. I tryed opening various files on the shares from another computer and nothing happened Thanks, A. Le 15-juil.-09 à 21:52, Linux Addict a écrit : On Wed, Jul 15, 2009 at 8:38 AM, Agustin Eguia > wrote: Already did that, What I don't get is where do I enable the module, is it in smb.conf ? I suppose it will run with the smbd daemon, and that I can define wich share will be logged... but I really don't know where to configure this. Thanks, A. Le 15-juil.-09 à 14:33, Volker Lendecke a écrit : On Wed, Jul 15, 2009 at 02:23:49PM +0200, Agustin Eguia wrote: Can you be more explicit about this module ? I searched the net but found only confusing things about it. Can it log every file, folder read/write access on the share ? This is mostly for security purposes. I found that this is a samba module, but how do I use it, set it up, etc. Yes, it can log every file operation that Samba ever does. "man vfs_full_audit" contains an example of its use. Volker -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba Yes. Its on smb.conf and part of samba already. You dont need to enable anything. Use smb.conf directive "vfs objects = ". [records] path = /data/records vfs objects = full_audit full_audit:prefix = %u|%I full_audit:success = open opendir full_audit:failure = all full_audit:facility = LOCAL7 full_audit:priority = ALERT If you have any questions, please RTFM again. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Security Policy.
On Wed, Jul 15, 2009 at 8:38 AM, Agustin Eguia wrote: > Already did that, > > What I don't get is where do I enable the module, is it in smb.conf ? I > suppose it will run with the smbd daemon, and that I can define wich share > will be logged... but I really don't know where to configure this. > > > Thanks, > > > A. > > > Le 15-juil.-09 à 14:33, Volker Lendecke a écrit : > > > On Wed, Jul 15, 2009 at 02:23:49PM +0200, Agustin Eguia wrote: >> >>> Can you be more explicit about this module ? I searched the net but >>> found only confusing things about it. Can it log every file, folder >>> read/write access on the share ? This is mostly for security purposes. I >>> found that this is a samba module, but how do I use it, set it up, etc. >>> >> >> Yes, it can log every file operation that Samba ever does. >> >> "man vfs_full_audit" >> >> contains an example of its use. >> >> Volker >> > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > Yes. Its on smb.conf and part of samba already. You dont need to enable anything. Use smb.conf directive "vfs objects = ". [records] path = /data/records vfs objects = full_audit full_audit:prefix = %u|%I full_audit:success = open opendir full_audit:failure = all full_audit:facility = LOCAL7 full_audit:priority = ALERT If you have any questions, please RTFM again. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Security Policy.
Already did that, What I don't get is where do I enable the module, is it in smb.conf ? I suppose it will run with the smbd daemon, and that I can define wich share will be logged... but I really don't know where to configure this. Thanks, A. Le 15-juil.-09 à 14:33, Volker Lendecke a écrit : On Wed, Jul 15, 2009 at 02:23:49PM +0200, Agustin Eguia wrote: Can you be more explicit about this module ? I searched the net but found only confusing things about it. Can it log every file, folder read/write access on the share ? This is mostly for security purposes. I found that this is a samba module, but how do I use it, set it up, etc. Yes, it can log every file operation that Samba ever does. "man vfs_full_audit" contains an example of its use. Volker -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Security Policy.
On Wed, Jul 15, 2009 at 02:23:49PM +0200, Agustin Eguia wrote: > Can you be more explicit about this module ? I searched the net but > found only confusing things about it. Can it log every file, folder > read/write access on the share ? This is mostly for security purposes. I > found that this is a samba module, but how do I use it, set it up, etc. Yes, it can log every file operation that Samba ever does. "man vfs_full_audit" contains an example of its use. Volker signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Security Policy.
Hello Volker, Can you be more explicit about this module ? I searched the net but found only confusing things about it. Can it log every file, folder read/write access on the share ? This is mostly for security purposes. I found that this is a samba module, but how do I use it, set it up, etc. Thanks, A. Le 15-juil.-09 à 11:57, Volker Lendecke a écrit : On Wed, Jul 15, 2009 at 11:51:52AM +0200, Agustin Eguia wrote: I'm actually sharing using samba three folders with some important content inside of it. I would like to know if it's possible to log every file read, write, delete, etc. I've been looking on the web and found that SELinux maybe is the answer, I've already installed everything but I have no clue on how to work with this. Does anybody alreay have experience with this ? Look at the full_audit VFS module. Volker -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Security Policy.
On Wed, Jul 15, 2009 at 11:51:52AM +0200, Agustin Eguia wrote: > I'm actually sharing using samba three folders with some important > content inside of it. I would like to know if it's possible to log every > file read, write, delete, etc. I've been looking on the web and found > that SELinux maybe is the answer, I've already installed everything but I > have no clue on how to work with this. Does anybody alreay have > experience with this ? Look at the full_audit VFS module. Volker signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Security Policy.
Hello everyone, I'm actually sharing using samba three folders with some important content inside of it. I would like to know if it's possible to log every file read, write, delete, etc. I've been looking on the web and found that SELinux maybe is the answer, I've already installed everything but I have no clue on how to work with this. Does anybody alreay have experience with this ? Thanks a lot, A. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba security policy editor for XP client
Dear all I have setup of samba 3.x with XP pro client machine now i want to implement policy of desktop control or start menu hide or something like that i have read about it on google and i have find pedit tool but i didnt got any that type of tool for XP machine. I am not expert on MS envirmnet to anybody can help me how to edit policy or create policy i dont know how to create NTConfig.POL file give me suggestion for XP enverment. $ cat ~/satish/url.txt http://www.linuxbug.org _ - Flying to Bangalore or Bhopal? Search for tickets here. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba