Hellrazorx
Dabbler
- Joined
- Apr 30, 2021
- Messages
- 29
Hi, I worked in a test environments with SMB audit to get all SMB operations on Gray Log (on a separate server.)
What I noticed when I wanted to apply in production is that the Auxiliary parameters are interfering with ACL..
When this set is applied:
vfs objects = full_audit
full_audit:prefix = %u|%I|%m|%S
full_audit:success = unlinkat renameat linkat pwrite mkdirat create_file
full_audit:failure = none
full_audit:facility = local7
full_audit:priority = NOTICE
No other user than the
user who controls the data set &
the group which controls the dataset can modify files.
The full (right) permission panel seems ignored.
___
Besides, I got an answer from Kris Moore ( from discord channel ) stating:
In general this is why recommend not setting Aux params. They do tend to have subtle breakages and aren't tested by us internally very much if at all. Your milage may vary here.
So how do I log/ audit / monitor file activity on my datasets if SMB audit is not the recommended way, which way is the good one??
THanks for ANY input at this point.
What I noticed when I wanted to apply in production is that the Auxiliary parameters are interfering with ACL..
When this set is applied:
vfs objects = full_audit
full_audit:prefix = %u|%I|%m|%S
full_audit:success = unlinkat renameat linkat pwrite mkdirat create_file
full_audit:failure = none
full_audit:facility = local7
full_audit:priority = NOTICE
No other user than the
user who controls the data set &
the group which controls the dataset can modify files.
The full (right) permission panel seems ignored.
___
Besides, I got an answer from Kris Moore ( from discord channel ) stating:
In general this is why recommend not setting Aux params. They do tend to have subtle breakages and aren't tested by us internally very much if at all. Your milage may vary here.
So how do I log/ audit / monitor file activity on my datasets if SMB audit is not the recommended way, which way is the good one??
THanks for ANY input at this point.