Feature #1963
SambaAudit: add samba audit support
| Status: | CLOSED | Start date: | ||
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: | - | % Done: | 100% | |
| Category: | nethserver-samba-audit | |||
| Target version: | v6.4-beta2 | |||
| Resolution: | NEEDINFO: | No |
Description
Add samba audit support.
The audit should be enable/disabled on each ibay using the web ui.
All audit should also be browsable using a simple web interface.
Related issues
Associated revisions
First import. Refs #1963
smbauditdbupdate.pl: fix database name. Refs #1963
smbaudit.log: add empty smbaudit.log file. Refs #1963
spec: mark smbaudit.log as config file. Refs #1963
createlinks: force rsyslog restart (reload is not implemented). Refs #1963
smbauditdbupdate.pl: change query accordingly to new table. Refs #1963
nethserver-samba-audit-conf, smbaudit.conf template: move random generation to nethserver-samba-audit-conf action. Refs #1963
spec: add nethserver-mysql and nethserver-samba dependencies. Refs #1963
createlinks: move nethserver-samba-audit-conf action before expand-template. Refs #1963
Relocated /usr/local/bin in /usr/bin, fixing permissions. Refs #1963
History
#1
Updated by Giacomo Sanchietti about 8 years ago
- Status changed from NEW to ON_DEV
- % Done changed from 0 to 30
#2
Updated by Giacomo Sanchietti about 8 years ago
- Status changed from ON_DEV to ON_QA
- % Done changed from 30 to 80
#3
Updated by Giacomo Sanchietti about 8 years ago
- Assignee set to Giacomo Sanchietti
Needs documentation.
#4
Updated by Giacomo Sanchietti about 8 years ago
- Status changed from ON_QA to ON_DEV
- % Done changed from 80 to 30
Needs documentation.
#5
Updated by Giacomo Sanchietti about 8 years ago
- Status changed from ON_DEV to MODIFIED
- % Done changed from 30 to 70
#6
Updated by Giacomo Sanchietti about 8 years ago
- Status changed from MODIFIED to ON_QA
- % Done changed from 70 to 80
Package in nethserver-testing: nethserver-samba-audit-1.0.0
Test and install:- yum --enablerepo=nethserver-testing install nethserver-samba-audit
- Create and i-bay and enable Samba Audit on it
- Do some requests to the i-bay with a client
- Enter the web ui from Dashboard, click on Reload button and check new entry in the ui
#7
Updated by Davide Principi about 8 years ago
- Assignee changed from Giacomo Sanchietti to Davide Principi
#8
Updated by Davide Principi about 8 years ago
I had some problems during nethserver-mysql installation: it requires deeper investigations...
Some things to check:- nethserver-samba and nethserver-mysql RPM dependencies must be added
- After installation, the web UI complains about a missing /var/log/smbaudit.log file: why not adding a placeholder, marked as "configuration" file in the RPM?
- Syslog messages from smbd were directed to /var/log/messages. After rsyslogd restart went to /var/log/smbaudit.log (and the previous problem disappears)
- In source:nethserver-samba-audit|root/usr/local/bin/smbauditdbupdate.pl@feba78a7#L9 the dbi string uses
smbdas database name, but I foundsmbauditdatabase in mysql. From the web UI:DBI connect('smbd:localhost','root',...) failed: Unknown database 'smbd' at /usr/local/bin/smbauditdbupdate.pl line 10 \ Cannot connect to database: Unknown database 'smbd' at /usr/local/bin/smbauditdbupdate.pl line 10. error: error running \ non-shared prerotate script for /var/log/smbaudit.log of '/var/log/smbaudit.log '
#9
Updated by Davide Principi about 8 years ago
- Status changed from ON_QA to ON_DEV
- Assignee deleted (
Davide Principi) - % Done changed from 80 to 30
#10
Updated by Giacomo Sanchietti about 8 years ago
- Status changed from ON_DEV to MODIFIED
- Assignee set to Giacomo Sanchietti
- % Done changed from 30 to 60
- restart rsyslog on nethserver-samba-audit-update event
- fix /usr/local/bin/smbauditdbupdate.pl
- move random hash generation to nethserver-samba-audit-conf
- FHS compliant #2065
#11
Updated by Giacomo Sanchietti about 8 years ago
- Status changed from MODIFIED to ON_QA
- Assignee deleted (
Giacomo Sanchietti) - % Done changed from 60 to 70
#12
Updated by Alessio Fattorini about 8 years ago
- Status changed from ON_QA to ON_DEV
- Assignee set to Alessio Fattorini
- % Done changed from 70 to 30
Installed nethserver-samba-audit-1.0.1-1.ns6.noarch
When i try to access form dashboard i have this error:
Forbidden You don't have permission to access / on this server. Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
And on error.log i have this:
[Sat Jul 27 07:52:25 2013] [error] [client 192.168.5.19] Directory index forbidden by Options directive: /usr/share/smbaudit [Sat Jul 27 07:52:25 2013] [error] [client 192.168.5.19] File does not exist: /usr/share/smbauditerror [Sat Jul 27 07:52:25 2013] [error] [client 192.168.5.19] File does not exist: /usr/share/smbauditfavicon.ico
#13
Updated by Giacomo Sanchietti about 8 years ago
- Assignee changed from Alessio Fattorini to Giacomo Sanchietti
This is because nethserver-samba has been installed after nethserver-samba-audit.
I will add a direct dependency.
#14
Updated by Giacomo Sanchietti about 8 years ago
- Status changed from ON_DEV to MODIFIED
- % Done changed from 30 to 60
- move nethserver-samba-audit-conf action before expand-template
- add nethserver-mysql and nethserver-samba dependencies
#15
Updated by Giacomo Sanchietti about 8 years ago
- Status changed from MODIFIED to ON_QA
- Assignee deleted (
Giacomo Sanchietti) - % Done changed from 60 to 70
- nethserver-samba-audit-1.0.2-1
- nethserver-base.noarch-1.4.0-1
- nethserver-lib.noarch-1.3.0-1
- nethserver-yum.noarch-1.1.1-1
List of nethserver packages after installation:
[root@test ~]# rpm -qa | grep nethserver nethserver-php-1.1.0-1.ns6.noarch nethserver-smartd-1.0.0-1.ns6.noarch nethserver-ntp-1.0.4-1.ns6.noarch nethserver-yum-1.1.1-1.ns6.noarch nethserver-nethgui-1.2.2-1.ns6.noarch nethserver-httpd-2.2.1-1.ns6.noarch nethserver-mysql-1.0.4-1.ns6.noarch nethserver-directory-1.2.2-1.ns6.noarch nethserver-ibays-2.0.0-1.ns6.noarch nethserver-httpd-admin-1.0.4-1.ns6.noarch nethserver-grub-1.0.1-1.ns6.noarch nethserver-openssh-1.0.2-1.ns6.noarch nethserver-release-6.4-beta1.noarch nethserver-lib-1.3.0-1.ns6.noarch nethserver-base-1.4.0-1.ns6.noarch nethserver-samba-1.3.6-1.ns6.noarch nethserver-samba-audit-1.0.2-1.ns6.noarch
After creating a valid user (giacomo) and a share (share1):
[root@test ~]# smbclient //localhost/share1 -U giacomo Enter giacomo's password: Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.6.9-151.el6] smb: \> put anaconda-ks.cfg putting file anaconda-ks.cfg as \anaconda-ks.cfg (20.6 kb/s) (average 20.6 kb/s) smb: \> exit [root@test ~]# cat /var/log/smbaudit.log Jul 4 14:53:45 test smbd[16952]: smbauditlog|2013/07/04 14:53:45|giacomo|127.0.0.1|share1|giacomo|open|ok|w|anaconda-ks.cfg
After web ui access, hit the "Reload" link, the entry in /var/log/smbaudit.log shoud be moved inside the db.
#16
Updated by Davide Principi about 8 years ago
- Assignee set to Davide Principi
#17
Updated by Davide Principi about 8 years ago
- Status changed from ON_QA to VERIFIED
- Assignee deleted (
Davide Principi) - % Done changed from 70 to 90
In nethserver-testing:
nethserver-samba-audit-1.0.3-1.ns6.noarch.rpm
#18
Updated by Davide Principi about 8 years ago
- Status changed from VERIFIED to CLOSED
- % Done changed from 90 to 100
Moved to nethserver-updates repository