Samba vfs_full_audit reports everything
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
samba (Ubuntu) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
We have Samba file sharing set up to log a number of operations using the VFS full audit capability. This is in hopes of stopping ransomware. See for example https:/
The configuration in smb.conf contains this:
# Anti-ransomware full audit to /var/log/
full_
full_
full_
full_
full_
vfs objects = full_audit
Before the update to 4.13.14+
Note that our CentOS machine just got 4.13 as well, and does not have this problem.
Maybe this is a testing parameter that was accidentally left in the build??
----------------
# lsb_release -rd
Description: Ubuntu 20.04.3 LTS
Release: 20.04
# dpkg-query -W samba\*
samba 2:4.13.
samba-common 2:4.13.
samba-common-bin 2:4.13.
samba-dsdb-
samba-libs:amd64 2:4.13.
samba-testsuite
samba-vfs-
Status changed to 'Confirmed' because the bug affects multiple users.