If you set 'full_audit:success = pwrite write rename' (for instance), then all operations will be logged (rename has been replaced with renameat). Jeremy's comment on a recent mailing list post: We should probably just log a debug message about the unknown name and then ignore the unknown name instead of going full "ALL" on the audit.
Created attachment 17356 [details] git-am fix for master. Raw patch so I don't lose it. Now we need a test..
Created attachment 17365 [details] git-am fix for master. Added tests and man page update. Now to run through gitlab-ci.
This bug was referenced in samba master: fe78d3c014d1756fe628175baeaa08c58e3e2f02 ec91a583708c57d0da28da7b70e6366153129c64 69bb8853f61212074a7095055fb3570660a1cc27
Created attachment 17369 [details] git-am fix for 4.16.next, 4.15.next. Cherry-picked from master.
closing as fixed