Bug 15076 - logging dsdb audit to specific files does not work
Summary: logging dsdb audit to specific files does not work
Status: RESOLVED FIXED
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Other (show other bugs)
Version: 4.15.6
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Jule Anger
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2022-05-25 04:51 UTC by Douglas Bagnall
Modified: 2022-07-18 11:18 UTC (History)
3 users (show)

See Also:

Attachments
Patch for 4.15 and 4.16 (2.38 KB, patch)
2022-06-14 23:27 UTC, Douglas Bagnall 		abartlet: review+
Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Douglas Bagnall 2022-05-25 04:51:21 UTC 
Following the fix for bug 14897, an smb.conf line like

     log level = 1 dsdb_group_json_audit:5@somewhere.log

no longer works properly; the '5' for dsdb_group_json_audit is effective, turning on the logging, but the '@somewhere.log' does nothing and the JSON logs end up in the main log file.

I am able to get 4.15.6 working by running setup_logging() again after the lpcfg_load():


--- a/lib/cmdline/cmdline_s4.c
+++ b/lib/cmdline/cmdline_s4.c
@@ -58,20 +58,33 @@ static bool _samba_cmdline_load_config_s4(void)
        default:
                break;
        }
 
        config_file = get_dyn_CONFIGFILE();
        ok = lpcfg_load(lp_ctx, config_file);
        if (!ok) {
                fprintf(stderr,
                        "Can't load %s - run testparm to debug it\n",
                        config_file);
 
                if (_require_smbconf) {
                        return false;
                }
        }
+       switch (_config_type) {
+       case SAMBA_CMDLINE_CONFIG_SERVER: {
+               /* 
+                * We need to setup_logging *again* to ensure multi-file
+                * logging is set up as specified in smb.conf.
+                */
+               setup_logging(getprogname(), DEBUG_FILE);
+               break;
+       }
+       default:
+               break;
+       }
 
        return true;
 }


but I am not sure whether it also still needs to be there *before* the lpcfg_load(). Ralph, Andreas, was there a specific reason for that order?
Comment 1 Andreas Schneider 2022-05-25 14:46:16 UTC 
You want to write to the log file as early as possible to not miss anything. I think you're right that we need to call setup_logging() after loading the config again.

Shouldn't we disable logging to files in interactive mode?
Comment 2 Douglas Bagnall 2022-05-26 05:45:12 UTC 
(In reply to Andreas Schneider from comment #1)
> Shouldn't we disable logging to files in interactive mode?

Yes. The patch I actually used had DEBUG_DEFAULT_STDERR there, which I think *maybe* we want to do in all cases, but until I resolve that maybe, there is:

https://gitlab.com/samba-team/samba/-/merge_requests/2548
Comment 3 Samba QA Contact 2022-05-30 11:04:03 UTC 
This bug was referenced in samba master:

9537ac723cfdc43e718fdd08dc28883e7057a372
Comment 4 Douglas Bagnall 2022-06-14 23:27:00 UTC 
Created attachment 17350 [details]
Patch for 4.15 and 4.16
Comment 5 Andrew Bartlett 2022-06-17 02:13:56 UTC 
Please apply for 4.15.next and 4.16.next
Comment 6 Jule Anger 2022-06-18 08:40:35 UTC 
Pushed to autobuild-v4-{16,15}-test.
Comment 7 Samba QA Contact 2022-06-18 09:47:11 UTC 
This bug was referenced in samba v4-15-test:

a1bb535cfb37f7e0534a0bcdd0ea2bf918a0ac42
Comment 8 Samba QA Contact 2022-06-18 09:56:19 UTC 
This bug was referenced in samba v4-16-test:

edd5a851273cdbece6aba3d22241e469e58bed9a
Comment 9 Jule Anger 2022-06-18 09:59:40 UTC 
Closing out bug report.

Thanks!
Comment 10 Samba QA Contact 2022-06-28 06:51:36 UTC 
This bug was referenced in samba v4-15-stable (Release samba-4.15.8):

a1bb535cfb37f7e0534a0bcdd0ea2bf918a0ac42
Comment 11 Samba QA Contact 2022-07-18 11:18:16 UTC 
This bug was referenced in samba v4-16-stable (Release samba-4.16.3):

edd5a851273cdbece6aba3d22241e469e58bed9a