Bug 15076 - logging dsdb audit to specific files does not work
Summary: logging dsdb audit to specific files does not work
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Other (show other bugs)
Version: 4.15.6
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Jule Anger
QA Contact: Samba QA Contact
Depends on:
Reported: 2022-05-25 04:51 UTC by Douglas Bagnall
Modified: 2022-07-18 11:18 UTC (History)
3 users (show)

See Also:

Patch for 4.15 and 4.16 (2.38 KB, patch)
2022-06-14 23:27 UTC, Douglas Bagnall
abartlet: review+

Note You need to log in before you can comment on or make changes to this bug.
Description Douglas Bagnall 2022-05-25 04:51:21 UTC
Following the fix for bug 14897, an smb.conf line like

     log level = 1 dsdb_group_json_audit:5@somewhere.log

no longer works properly; the '5' for dsdb_group_json_audit is effective, turning on the logging, but the '@somewhere.log' does nothing and the JSON logs end up in the main log file.

I am able to get 4.15.6 working by running setup_logging() again after the lpcfg_load():

--- a/lib/cmdline/cmdline_s4.c
+++ b/lib/cmdline/cmdline_s4.c
@@ -58,20 +58,33 @@ static bool _samba_cmdline_load_config_s4(void)
        config_file = get_dyn_CONFIGFILE();
        ok = lpcfg_load(lp_ctx, config_file);
        if (!ok) {
                        "Can't load %s - run testparm to debug it\n",
                if (_require_smbconf) {
                        return false;
+       switch (_config_type) {
+               /* 
+                * We need to setup_logging *again* to ensure multi-file
+                * logging is set up as specified in smb.conf.
+                */
+               setup_logging(getprogname(), DEBUG_FILE);
+               break;
+       }
+       default:
+               break;
+       }
        return true;

but I am not sure whether it also still needs to be there *before* the lpcfg_load(). Ralph, Andreas, was there a specific reason for that order?
Comment 1 Andreas Schneider 2022-05-25 14:46:16 UTC
You want to write to the log file as early as possible to not miss anything. I think you're right that we need to call setup_logging() after loading the config again.

Shouldn't we disable logging to files in interactive mode?
Comment 2 Douglas Bagnall 2022-05-26 05:45:12 UTC
(In reply to Andreas Schneider from comment #1)
> Shouldn't we disable logging to files in interactive mode?

Yes. The patch I actually used had DEBUG_DEFAULT_STDERR there, which I think *maybe* we want to do in all cases, but until I resolve that maybe, there is:

Comment 3 Samba QA Contact 2022-05-30 11:04:03 UTC
This bug was referenced in samba master:

Comment 4 Douglas Bagnall 2022-06-14 23:27:00 UTC
Created attachment 17350 [details]
Patch for 4.15 and 4.16
Comment 5 Andrew Bartlett 2022-06-17 02:13:56 UTC
Please apply for 4.15.next and 4.16.next
Comment 6 Jule Anger 2022-06-18 08:40:35 UTC
Pushed to autobuild-v4-{16,15}-test.
Comment 7 Samba QA Contact 2022-06-18 09:47:11 UTC
This bug was referenced in samba v4-15-test:

Comment 8 Samba QA Contact 2022-06-18 09:56:19 UTC
This bug was referenced in samba v4-16-test:

Comment 9 Jule Anger 2022-06-18 09:59:40 UTC
Closing out bug report.

Comment 10 Samba QA Contact 2022-06-28 06:51:36 UTC
This bug was referenced in samba v4-15-stable (Release samba-4.15.8):

Comment 11 Samba QA Contact 2022-07-18 11:18:16 UTC
This bug was referenced in samba v4-16-stable (Release samba-4.16.3):