We have a Linux server which is Ext4 and another Linux Server which has an ISCSI where Windows clients have shared folders.I need to
- Allow users to modify files and not delete them. A user has permission to modify content, but cannot delete the files itself.
- Audit all file add/delete/modify operations in a English like log
format. - Send alerts if attempts are bieng made to delete
- Audit all file add/delete/modify operations in a English like log
Best Answer
If windows clients are mounting Samba/CIFS shares then you should check out full_audit.so module for Samba.
Samba: Logging User Activity
Samba - file audit log with full_audit
Google Search - samba full_audit