2014-04-25 05:56:02 +00:00
|
|
|
.\" Copyright (C) 2013, Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
|
|
.\"
|
|
|
|
.\" %%%LICENSE_START(VERBATIM)
|
|
|
|
.\" Permission is granted to make and distribute verbatim copies of this
|
|
|
|
.\" manual provided the copyright notice and this permission notice are
|
|
|
|
.\" preserved on all copies.
|
|
|
|
.\"
|
|
|
|
.\" Permission is granted to copy and distribute modified versions of
|
|
|
|
.\" this manual under the conditions for verbatim copying, provided that
|
|
|
|
.\" the entire resulting derived work is distributed under the terms of
|
|
|
|
.\" a permission notice identical to this one.
|
|
|
|
.\"
|
|
|
|
.\" Since the Linux kernel and libraries are constantly changing, this
|
|
|
|
.\" manual page may be incorrect or out-of-date. The author(s) assume.
|
|
|
|
.\" no responsibility for errors or omissions, or for damages resulting.
|
|
|
|
.\" from the use of the information contained herein. The author(s) may.
|
|
|
|
.\" not have taken the same level of care in the production of this.
|
|
|
|
.\" manual, which is licensed free of charge, as they might when working.
|
|
|
|
.\" professionally.
|
|
|
|
.\"
|
|
|
|
.\" Formatted or processed versions of this manual, if unaccompanied by
|
|
|
|
.\" the source, must acknowledge the copyright and authors of this work.
|
|
|
|
.\" %%%LICENSE_END
|
memusage.1, memusagestat.1, pldd.1, accept.2, adjtimex.2, arch_prctl.2, bdflush.2, bpf.2, close.2, epoll_ctl.2, epoll_wait.2, execve.2, execveat.2, fanotify_init.2, fanotify_mark.2, fcntl.2, fsync.2, get_kernel_syms.2, getdomainname.2, getgroups.2, gethostname.2, getrandom.2, getrlimit.2, getrusage.2, getsid.2, getunwind.2, io_getevents.2, ioctl_fat.2, kexec_load.2, killpg.2, listxattr.2, lseek.2, madvise.2, memfd_create.2, mknod.2, mlock.2, modify_ldt.2, msgctl.2, msgget.2, msgop.2, readlink.2, readv.2, reboot.2, recvmmsg.2, rename.2, request_key.2, restart_syscall.2, sched_setaffinity.2, sched_setattr.2, sched_setparam.2, seccomp.2, select_tut.2, semctl.2, semget.2, semop.2, set_thread_area.2, seteuid.2, setgid.2, setpgid.2, setresuid.2, setreuid.2, setsid.2, setuid.2, shmctl.2, shmget.2, shmop.2, sigaction.2, sigprocmask.2, stat.2, symlink.2, syscall.2, sysctl.2, unlink.2, bindresvport.3, byteorder.3, dlopen.3, endian.3, error.3, ffs.3, fmemopen.3, getcwd.3, getlogin.3, getnetent.3, getprotoent.3, getservent.3, getumask.3, getutent.3, glob.3, isalpha.3, lio_listio.3, login.3, mbsinit.3, mbstowcs.3, mbtowc.3, mkstemp.3, nextup.3, ntp_gettime.3, posix_fallocate.3, posix_spawn.3, pthread_join.3, pthread_rwlockattr_setkind_np.3, random.3, rcmd.3, realpath.3, resolver.3, setjmp.3, setnetgrent.3, sigvec.3, strerror.3, strverscmp.3, system.3, toupper.3, towlower.3, towupper.3, wcstombs.3, wordexp.3, cciss.4, loop.4, mouse.4, random.4, core.5, group.5, hosts.5, resolv.conf.5, ascii.7, environ.7, epoll.7, glob.7, ip.7, mq_overview.7, packet.7, pipe.7, raw.7, sched.7, signal.7, socket.7, symlink.7, ld.so.8, sln.8: tstamp
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-10-08 10:53:47 +00:00
|
|
|
.TH FANOTIFY_INIT 2 2016-10-08 "Linux" "Linux Programmer's Manual"
|
2014-04-25 05:56:02 +00:00
|
|
|
.SH NAME
|
|
|
|
fanotify_init \- create and initialize fanotify group
|
|
|
|
.SH SYNOPSIS
|
|
|
|
.B #include <fcntl.h>
|
|
|
|
.br
|
|
|
|
.B #include <sys/fanotify.h>
|
|
|
|
.sp
|
|
|
|
.BI "int fanotify_init(unsigned int " flags ", unsigned int " event_f_flags );
|
|
|
|
.SH DESCRIPTION
|
|
|
|
For an overview of the fanotify API, see
|
|
|
|
.BR fanotify (7).
|
|
|
|
.PP
|
|
|
|
.BR fanotify_init ()
|
|
|
|
initializes a new fanotify group and returns a file descriptor for the event
|
|
|
|
queue associated with the group.
|
|
|
|
.PP
|
|
|
|
The file descriptor is used in calls to
|
|
|
|
.BR fanotify_mark (2)
|
2014-05-05 09:45:37 +00:00
|
|
|
to specify the files, directories, and mounts for which fanotify events
|
|
|
|
shall be created.
|
2014-04-25 05:56:02 +00:00
|
|
|
These events are received by reading from the file descriptor.
|
|
|
|
Some events are only informative, indicating that a file has been accessed.
|
2014-04-25 10:01:06 +00:00
|
|
|
Other events can be used to determine whether
|
|
|
|
another application is permitted to access a file or directory.
|
2014-04-25 05:56:02 +00:00
|
|
|
Permission to access filesystem objects is granted by writing to the file
|
|
|
|
descriptor.
|
|
|
|
.PP
|
|
|
|
Multiple programs may be using the fanotify interface at the same time to
|
|
|
|
monitor the same files.
|
|
|
|
.PP
|
|
|
|
In the current implementation, the number of fanotify groups per user is
|
|
|
|
limited to 128.
|
|
|
|
This limit cannot be overridden.
|
|
|
|
.PP
|
|
|
|
Calling
|
|
|
|
.BR fanotify_init ()
|
|
|
|
requires the
|
|
|
|
.B CAP_SYS_ADMIN
|
|
|
|
capability.
|
|
|
|
This constraint might be relaxed in future versions of the API.
|
2014-04-25 10:02:32 +00:00
|
|
|
Therefore, certain additional capability checks have been implemented as
|
2014-04-25 05:56:02 +00:00
|
|
|
indicated below.
|
|
|
|
.PP
|
|
|
|
The
|
|
|
|
.I flags
|
|
|
|
argument contains a multi-bit field defining the notification class of the
|
2014-05-05 09:45:37 +00:00
|
|
|
listening application and further single bit fields specifying the behavior
|
|
|
|
of the file descriptor.
|
2014-04-25 05:56:02 +00:00
|
|
|
.PP
|
2014-05-05 09:45:37 +00:00
|
|
|
If multiple listeners for permission events exist,
|
|
|
|
the notification class is used to establish the sequence
|
|
|
|
in which the listeners receive the events.
|
2014-04-25 05:56:02 +00:00
|
|
|
.PP
|
2014-04-25 10:03:11 +00:00
|
|
|
Only one of the following notification classes may be specified in
|
|
|
|
.IR flags :
|
2014-04-25 05:56:02 +00:00
|
|
|
.TP
|
|
|
|
.B FAN_CLASS_PRE_CONTENT
|
|
|
|
This value allows the receipt of events notifying that a file has been
|
|
|
|
accessed and events for permission decisions if a file may be accessed.
|
|
|
|
It is intended for event listeners that need to access files before they
|
|
|
|
contain their final data.
|
2014-05-05 09:45:37 +00:00
|
|
|
This notification class might be used by hierarchical storage managers,
|
|
|
|
for example.
|
2014-04-25 05:56:02 +00:00
|
|
|
.TP
|
|
|
|
.B FAN_CLASS_CONTENT
|
|
|
|
This value allows the receipt of events notifying that a file has been
|
|
|
|
accessed and events for permission decisions if a file may be accessed.
|
2014-05-05 09:45:37 +00:00
|
|
|
It is intended for event listeners that need to access files when they
|
|
|
|
already contain their final content.
|
2014-04-25 05:56:02 +00:00
|
|
|
This notification class might be used by malware detection programs, for
|
|
|
|
example.
|
|
|
|
.TP
|
|
|
|
.B FAN_CLASS_NOTIF
|
|
|
|
This is the default value.
|
|
|
|
It does not need to be specified.
|
|
|
|
This value only allows the receipt of events notifying that a file has been
|
|
|
|
accessed.
|
|
|
|
Permission decisions before the file is accessed are not possible.
|
|
|
|
.PP
|
|
|
|
Listeners with different notification classes will receive events in the
|
2014-04-25 10:04:49 +00:00
|
|
|
order
|
2014-04-25 05:56:02 +00:00
|
|
|
.BR FAN_CLASS_PRE_CONTENT ,
|
|
|
|
.BR FAN_CLASS_CONTENT ,
|
|
|
|
.BR FAN_CLASS_NOTIF .
|
2014-05-07 06:55:36 +00:00
|
|
|
The order of notification for listeners in the same notification class
|
|
|
|
is undefined.
|
2014-04-25 05:56:02 +00:00
|
|
|
.PP
|
2014-05-07 06:55:36 +00:00
|
|
|
The following bits can additionally be set in
|
2014-04-25 05:56:02 +00:00
|
|
|
.IR flags :
|
|
|
|
.TP
|
|
|
|
.B FAN_CLOEXEC
|
2014-05-07 06:55:36 +00:00
|
|
|
Set the close-on-exec flag
|
2014-04-25 05:56:02 +00:00
|
|
|
.RB ( FD_CLOEXEC )
|
|
|
|
on the new file descriptor.
|
|
|
|
See the description of the
|
|
|
|
.B O_CLOEXEC
|
|
|
|
flag in
|
|
|
|
.BR open (2).
|
|
|
|
.TP
|
|
|
|
.B FAN_NONBLOCK
|
2014-05-07 06:55:36 +00:00
|
|
|
Enable the nonblocking flag
|
2014-04-25 05:56:02 +00:00
|
|
|
.RB ( O_NONBLOCK )
|
|
|
|
for the file descriptor.
|
|
|
|
Reading from the file descriptor will not block.
|
2014-04-25 10:05:48 +00:00
|
|
|
Instead, if no data is available,
|
2014-04-25 05:56:02 +00:00
|
|
|
.BR read (2)
|
2014-04-25 10:05:48 +00:00
|
|
|
will fail with the error
|
|
|
|
.BR EAGAIN .
|
2014-04-25 05:56:02 +00:00
|
|
|
.TP
|
|
|
|
.B FAN_UNLIMITED_QUEUE
|
2014-05-07 06:55:36 +00:00
|
|
|
Remove the limit of 16384 events for the event queue.
|
|
|
|
Use of this flag requires the
|
2014-04-25 05:56:02 +00:00
|
|
|
.B CAP_SYS_ADMIN
|
|
|
|
capability.
|
|
|
|
.TP
|
|
|
|
.B FAN_UNLIMITED_MARKS
|
2014-05-07 06:55:36 +00:00
|
|
|
Remove the limit of 8192 marks.
|
|
|
|
Use of this flag requires the
|
2014-04-25 05:56:02 +00:00
|
|
|
.B CAP_SYS_ADMIN
|
|
|
|
capability.
|
|
|
|
.PP
|
2014-05-07 06:55:36 +00:00
|
|
|
The
|
2014-04-25 05:56:02 +00:00
|
|
|
.I event_f_flags
|
2014-05-07 06:55:36 +00:00
|
|
|
argument
|
|
|
|
defines the file status flags that will be set on the open file descriptions
|
|
|
|
that are created for fanotify events.
|
|
|
|
For details of these flags, see the description of the
|
2014-04-25 05:56:02 +00:00
|
|
|
.I flags
|
2014-05-07 06:55:36 +00:00
|
|
|
values in
|
|
|
|
.BR open (2).
|
2014-05-15 17:35:44 +00:00
|
|
|
.I event_f_flags
|
2014-05-18 07:46:30 +00:00
|
|
|
includes a multi-bit field for the access mode.
|
2014-05-15 17:35:44 +00:00
|
|
|
This field can take the following values:
|
2014-04-25 05:56:02 +00:00
|
|
|
.TP
|
|
|
|
.B O_RDONLY
|
|
|
|
This value allows only read access.
|
|
|
|
.TP
|
|
|
|
.B O_WRONLY
|
|
|
|
This value allows only write access.
|
|
|
|
.TP
|
|
|
|
.B O_RDWR
|
|
|
|
This value allows read and write access.
|
2014-05-15 17:35:44 +00:00
|
|
|
.PP
|
|
|
|
Additional bits can be set in
|
|
|
|
.IR event_f_flags .
|
|
|
|
The most useful values are:
|
2014-04-25 05:56:02 +00:00
|
|
|
.TP
|
|
|
|
.B O_LARGEFILE
|
2014-05-07 06:55:36 +00:00
|
|
|
Enable support for files exceeding 2 GB.
|
2014-04-25 05:56:02 +00:00
|
|
|
Failing to set this flag will result in an
|
|
|
|
.B EOVERFLOW
|
2014-05-05 09:45:37 +00:00
|
|
|
error when trying to open a large file which is monitored by
|
|
|
|
an fanotify group on a 32-bit system.
|
2014-05-15 17:35:44 +00:00
|
|
|
.TP
|
2016-02-06 15:50:35 +00:00
|
|
|
.BR O_CLOEXEC " (since Linux 3.18)"
|
|
|
|
.\" commit 0b37e097a648aa71d4db1ad108001e95b69a2da4
|
2014-05-15 17:35:44 +00:00
|
|
|
Enable the close-on-exec flag for the file descriptor.
|
2014-05-18 07:46:30 +00:00
|
|
|
See the description of the
|
|
|
|
.B O_CLOEXEC
|
|
|
|
flag in
|
|
|
|
.BR open (2)
|
|
|
|
for reasons why this may be useful.
|
2014-05-15 17:35:44 +00:00
|
|
|
.PP
|
|
|
|
The following are also allowable:
|
|
|
|
.BR O_APPEND ,
|
|
|
|
.BR O_DSYNC ,
|
|
|
|
.BR O_NOATIME ,
|
|
|
|
.BR O_NONBLOCK ,
|
|
|
|
and
|
|
|
|
.BR O_SYNC .
|
2014-05-18 07:46:30 +00:00
|
|
|
Specifying any other flag in
|
|
|
|
.I event_f_flags
|
|
|
|
yields the error
|
2014-05-15 17:35:44 +00:00
|
|
|
.B EINVAL
|
|
|
|
(but see BUGS).
|
2014-04-25 05:56:02 +00:00
|
|
|
.SH RETURN VALUE
|
|
|
|
On success,
|
|
|
|
.BR fanotify_init ()
|
|
|
|
returns a new file descriptor.
|
2014-04-25 10:11:08 +00:00
|
|
|
On error, \-1 is returned, and
|
2014-04-25 05:56:02 +00:00
|
|
|
.I errno
|
|
|
|
is set to indicate the error.
|
|
|
|
.SH ERRORS
|
|
|
|
.TP
|
|
|
|
.B EINVAL
|
|
|
|
An invalid value was passed in
|
2014-05-15 17:35:44 +00:00
|
|
|
.I flags
|
|
|
|
or
|
|
|
|
.IR event_f_flags .
|
2014-04-25 05:56:02 +00:00
|
|
|
.B FAN_ALL_INIT_FLAGS
|
2014-05-15 17:35:44 +00:00
|
|
|
defines all allowable bits for
|
|
|
|
.IR flags .
|
2014-04-25 05:56:02 +00:00
|
|
|
.TP
|
|
|
|
.B EMFILE
|
2014-05-07 06:55:36 +00:00
|
|
|
The number of fanotify groups for this user exceeds 128.
|
2014-04-25 05:56:02 +00:00
|
|
|
.TP
|
2015-12-27 15:26:07 +00:00
|
|
|
.B
|
|
|
|
The per-process limit on the number of open file descriptors has been reached.
|
|
|
|
.TP
|
2014-04-25 05:56:02 +00:00
|
|
|
.B ENOMEM
|
|
|
|
The allocation of memory for the notification group failed.
|
|
|
|
.TP
|
2014-05-01 05:47:11 +00:00
|
|
|
.B ENOSYS
|
|
|
|
This kernel does not implement
|
|
|
|
.BR fanotify_init ().
|
2014-05-07 06:55:36 +00:00
|
|
|
The fanotify API is available only if the kernel was configured with
|
|
|
|
.BR CONFIG_FANOTIFY .
|
2014-05-01 05:47:11 +00:00
|
|
|
.TP
|
2014-04-25 05:56:02 +00:00
|
|
|
.B EPERM
|
|
|
|
The operation is not permitted because the caller lacks the
|
|
|
|
.B CAP_SYS_ADMIN
|
|
|
|
capability.
|
|
|
|
.SH VERSIONS
|
|
|
|
.BR fanotify_init ()
|
|
|
|
was introduced in version 2.6.36 of the Linux kernel and enabled in version
|
|
|
|
2.6.37.
|
iconv.1, localedef.1, access.2, execveat.2, fanotify_init.2, futex.2, ioctl_fat.2, mount.2, ftw.3, sd.4, tty_ioctl.4, fanotify.7, futex.7, posixoptions.7, iconvconfig.8: srcfix: Remove useless quotes from .SS and .SH sections
Signed-off-by: Stéphane Aulery <saulery@free.fr>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-03-08 02:03:52 +00:00
|
|
|
.SH CONFORMING TO
|
2014-04-25 05:56:02 +00:00
|
|
|
This system call is Linux-specific.
|
2014-05-01 14:47:39 +00:00
|
|
|
.SH BUGS
|
2016-08-21 10:43:08 +00:00
|
|
|
The following bug was present in Linux kernels before version 3.18:
|
2014-09-29 14:25:53 +00:00
|
|
|
.IP * 3
|
2016-08-21 10:43:08 +00:00
|
|
|
.\" Fixed by commit 0b37e097a648aa71d4db1ad108001e95b69a2da4
|
2014-09-29 14:27:06 +00:00
|
|
|
The
|
2014-09-29 14:25:53 +00:00
|
|
|
.B O_CLOEXEC
|
2014-09-29 14:27:06 +00:00
|
|
|
is ignored when passed in
|
|
|
|
.IR event_f_flags .
|
2014-09-29 14:25:53 +00:00
|
|
|
.PP
|
2014-09-29 14:32:23 +00:00
|
|
|
The following bug was present in Linux kernels before version 3.14:
|
2014-05-01 14:47:39 +00:00
|
|
|
.IP * 3
|
2014-09-29 14:32:23 +00:00
|
|
|
.\" Fixed by commit 48149e9d3a7e924010a0daab30a6197b7d7b6580
|
2014-05-01 20:01:46 +00:00
|
|
|
The
|
2014-05-01 14:47:39 +00:00
|
|
|
.I event_f_flags
|
2014-05-01 20:13:35 +00:00
|
|
|
argument is not checked for invalid flags.
|
2014-05-01 20:01:46 +00:00
|
|
|
Flags that are intended only for internal use,
|
|
|
|
such as
|
2014-05-01 14:47:39 +00:00
|
|
|
.BR FMODE_EXEC ,
|
2014-05-01 20:01:46 +00:00
|
|
|
can be set, and will consequently be set for the file descriptors
|
|
|
|
returned when reading from the fanotify file descriptor.
|
iconv.1, localedef.1, access.2, execveat.2, fanotify_init.2, futex.2, ioctl_fat.2, mount.2, ftw.3, sd.4, tty_ioctl.4, fanotify.7, futex.7, posixoptions.7, iconvconfig.8: srcfix: Remove useless quotes from .SS and .SH sections
Signed-off-by: Stéphane Aulery <saulery@free.fr>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-03-08 02:03:52 +00:00
|
|
|
.SH SEE ALSO
|
2014-04-25 05:56:02 +00:00
|
|
|
.BR fanotify_mark (2),
|
|
|
|
.BR fanotify (7)
|