Bug 15076 - logging dsdb audit to specific files does not work
Summary: logging dsdb audit to specific files does not work
Status: RESOLVED FIXED
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Other (show other bugs)
Version: 4.15.6
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Jule Anger
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2022-05-25 04:51 UTC by Douglas Bagnall
Modified: 2022-06-28 06:51 UTC (History)
3 users (show)

See Also:


Attachments
Patch for 4.15 and 4.16 (2.38 KB, patch)
2022-06-14 23:27 UTC, Douglas Bagnall
abartlet: review+
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Douglas Bagnall 2022-05-25 04:51:21 UTC
Following the fix for bug 14897, an smb.conf line like

     log level = 1 dsdb_group_json_audit:5@somewhere.log

no longer works properly; the '5' for dsdb_group_json_audit is effective, turning on the logging, but the '@somewhere.log' does nothing and the JSON logs end up in the main log file.

I am able to get 4.15.6 working by running setup_logging() again after the lpcfg_load():


--- a/lib/cmdline/cmdline_s4.c
+++ b/lib/cmdline/cmdline_s4.c
@@ -58,20 +58,33 @@ static bool _samba_cmdline_load_config_s4(void)
        default:
                break;
        }
 
        config_file = get_dyn_CONFIGFILE();
        ok = lpcfg_load(lp_ctx, config_file);
        if (!ok) {
                fprintf(stderr,
                        "Can't load %s - run testparm to debug it\n",
                        config_file);
 
                if (_require_smbconf) {
                        return false;
                }
        }
+       switch (_config_type) {
+       case SAMBA_CMDLINE_CONFIG_SERVER: {
+               /* 
+                * We need to setup_logging *again* to ensure multi-file
+                * logging is set up as specified in smb.conf.
+                */
+               setup_logging(getprogname(), DEBUG_FILE);
+               break;
+       }
+       default:
+               break;
+       }
 
        return true;
 }


but I am not sure whether it also still needs to be there *before* the lpcfg_load(). Ralph, Andreas, was there a specific reason for that order?
Comment 1 Andreas Schneider 2022-05-25 14:46:16 UTC
You want to write to the log file as early as possible to not miss anything. I think you're right that we need to call setup_logging() after loading the config again.

Shouldn't we disable logging to files in interactive mode?
Comment 2 Douglas Bagnall 2022-05-26 05:45:12 UTC
(In reply to Andreas Schneider from comment #1)
> Shouldn't we disable logging to files in interactive mode?

Yes. The patch I actually used had DEBUG_DEFAULT_STDERR there, which I think *maybe* we want to do in all cases, but until I resolve that maybe, there is:

https://gitlab.com/samba-team/samba/-/merge_requests/2548
Comment 3 Samba QA Contact 2022-05-30 11:04:03 UTC
This bug was referenced in samba master:

9537ac723cfdc43e718fdd08dc28883e7057a372
Comment 4 Douglas Bagnall 2022-06-14 23:27:00 UTC
Created attachment 17350 [details]
Patch for 4.15 and 4.16
Comment 5 Andrew Bartlett 2022-06-17 02:13:56 UTC
Please apply for 4.15.next and 4.16.next
Comment 6 Jule Anger 2022-06-18 08:40:35 UTC
Pushed to autobuild-v4-{16,15}-test.
Comment 7 Samba QA Contact 2022-06-18 09:47:11 UTC
This bug was referenced in samba v4-15-test:

a1bb535cfb37f7e0534a0bcdd0ea2bf918a0ac42
Comment 8 Samba QA Contact 2022-06-18 09:56:19 UTC
This bug was referenced in samba v4-16-test:

edd5a851273cdbece6aba3d22241e469e58bed9a
Comment 9 Jule Anger 2022-06-18 09:59:40 UTC
Closing out bug report.

Thanks!
Comment 10 Samba QA Contact 2022-06-28 06:51:36 UTC
This bug was referenced in samba v4-15-stable (Release samba-4.15.8):

a1bb535cfb37f7e0534a0bcdd0ea2bf918a0ac42