2014-04-25 05:56:49 +00:00
|
|
|
.\" Copyright (C) 2013, Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
|
|
.\"
|
|
|
|
.\" %%%LICENSE_START(VERBATIM)
|
|
|
|
.\" Permission is granted to make and distribute verbatim copies of this
|
|
|
|
.\" manual provided the copyright notice and this permission notice are
|
|
|
|
.\" preserved on all copies.
|
|
|
|
.\"
|
|
|
|
.\" Permission is granted to copy and distribute modified versions of
|
|
|
|
.\" this manual under the conditions for verbatim copying, provided that
|
|
|
|
.\" the entire resulting derived work is distributed under the terms of
|
|
|
|
.\" a permission notice identical to this one.
|
|
|
|
.\"
|
|
|
|
.\" Since the Linux kernel and libraries are constantly changing, this
|
|
|
|
.\" manual page may be incorrect or out-of-date. The author(s) assume.
|
|
|
|
.\" no responsibility for errors or omissions, or for damages resulting.
|
|
|
|
.\" from the use of the information contained herein. The author(s) may.
|
|
|
|
.\" not have taken the same level of care in the production of this.
|
|
|
|
.\" manual, which is licensed free of charge, as they might when working.
|
|
|
|
.\" professionally.
|
|
|
|
.\"
|
|
|
|
.\" Formatted or processed versions of this manual, if unaccompanied by
|
|
|
|
.\" the source, must acknowledge the copyright and authors of this work.
|
|
|
|
.\" %%%LICENSE_END
|
memusage.1, memusagestat.1, pldd.1, accept.2, adjtimex.2, arch_prctl.2, bdflush.2, bpf.2, close.2, epoll_ctl.2, epoll_wait.2, execve.2, execveat.2, fanotify_init.2, fanotify_mark.2, fcntl.2, fsync.2, get_kernel_syms.2, getdomainname.2, getgroups.2, gethostname.2, getrandom.2, getrlimit.2, getrusage.2, getsid.2, getunwind.2, io_getevents.2, ioctl_fat.2, kexec_load.2, killpg.2, listxattr.2, lseek.2, madvise.2, memfd_create.2, mknod.2, mlock.2, modify_ldt.2, msgctl.2, msgget.2, msgop.2, readlink.2, readv.2, reboot.2, recvmmsg.2, rename.2, request_key.2, restart_syscall.2, sched_setaffinity.2, sched_setattr.2, sched_setparam.2, seccomp.2, select_tut.2, semctl.2, semget.2, semop.2, set_thread_area.2, seteuid.2, setgid.2, setpgid.2, setresuid.2, setreuid.2, setsid.2, setuid.2, shmctl.2, shmget.2, shmop.2, sigaction.2, sigprocmask.2, stat.2, symlink.2, syscall.2, sysctl.2, unlink.2, bindresvport.3, byteorder.3, dlopen.3, endian.3, error.3, ffs.3, fmemopen.3, getcwd.3, getlogin.3, getnetent.3, getprotoent.3, getservent.3, getumask.3, getutent.3, glob.3, isalpha.3, lio_listio.3, login.3, mbsinit.3, mbstowcs.3, mbtowc.3, mkstemp.3, nextup.3, ntp_gettime.3, posix_fallocate.3, posix_spawn.3, pthread_join.3, pthread_rwlockattr_setkind_np.3, random.3, rcmd.3, realpath.3, resolver.3, setjmp.3, setnetgrent.3, sigvec.3, strerror.3, strverscmp.3, system.3, toupper.3, towlower.3, towupper.3, wcstombs.3, wordexp.3, cciss.4, loop.4, mouse.4, random.4, core.5, group.5, hosts.5, resolv.conf.5, ascii.7, environ.7, epoll.7, glob.7, ip.7, mq_overview.7, packet.7, pipe.7, raw.7, sched.7, signal.7, socket.7, symlink.7, ld.so.8, sln.8: tstamp
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-10-08 10:53:47 +00:00
|
|
|
.TH FANOTIFY_MARK 2 2016-10-08 "Linux" "Linux Programmer's Manual"
|
2014-04-25 05:56:49 +00:00
|
|
|
.SH NAME
|
|
|
|
fanotify_mark \- add, remove, or modify an fanotify mark on a filesystem
|
|
|
|
object
|
|
|
|
.SH SYNOPSIS
|
|
|
|
.nf
|
|
|
|
.B #include <sys/fanotify.h>
|
|
|
|
.sp
|
|
|
|
.BI "int fanotify_mark(int " fanotify_fd ", unsigned int " flags ,
|
2014-04-25 10:28:37 +00:00
|
|
|
.BI " uint64_t " mask ", int " dirfd \
|
|
|
|
", const char *" pathname );
|
2014-04-25 05:56:49 +00:00
|
|
|
.fi
|
|
|
|
.SH DESCRIPTION
|
|
|
|
For an overview of the fanotify API, see
|
|
|
|
.BR fanotify (7).
|
|
|
|
.PP
|
arch_prctl.2, execveat.2, fanotify_mark.2, fcntl.2, fork.2, madvise.2, mknod.2, mmap.2, modify_ldt.2, mount.2, open.2, prctl.2, ptrace.2, restart_syscall.2, seccomp.2, semop.2, set_thread_area.2, symlink.2, umount.2, unlink.2, error.3, getnetent.3, getprotoent.3, getservent.3, getutent.3, glob.3, login.3, setjmp.3, setnetgrent.3, wordexp.3, epoll.7: Remove section number from page self reference
Fix places where pages refer to the function that they describe
and include a section number in that reference. Such references
cause some HTML-rendering tools to create self-references in the
page.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-08-07 16:40:35 +00:00
|
|
|
.BR fanotify_mark ()
|
2014-04-25 10:14:35 +00:00
|
|
|
adds, removes, or modifies an fanotify mark on a filesystem object.
|
2014-05-05 09:45:37 +00:00
|
|
|
The caller must have read permission on the filesystem object that
|
|
|
|
is to be marked.
|
2014-04-25 05:56:49 +00:00
|
|
|
.PP
|
|
|
|
The
|
|
|
|
.I fanotify_fd
|
2014-04-25 10:14:55 +00:00
|
|
|
argument is a file descriptor returned by
|
2014-04-25 05:56:49 +00:00
|
|
|
.BR fanotify_init (2).
|
|
|
|
.PP
|
|
|
|
.I flags
|
|
|
|
is a bit mask describing the modification to perform.
|
|
|
|
It must include exactly one of the following values:
|
|
|
|
.TP
|
|
|
|
.B FAN_MARK_ADD
|
|
|
|
The events in
|
|
|
|
.I mask
|
|
|
|
will be added to the mark mask (or to the ignore mask).
|
|
|
|
.I mask
|
|
|
|
must be nonempty or the error
|
|
|
|
.B EINVAL
|
|
|
|
will occur.
|
|
|
|
.TP
|
|
|
|
.B FAN_MARK_REMOVE
|
|
|
|
The events in argument
|
|
|
|
.I mask
|
|
|
|
will be removed from the mark mask (or from the ignore mask).
|
|
|
|
.I mask
|
|
|
|
must be nonempty or the error
|
|
|
|
.B EINVAL
|
|
|
|
will occur.
|
|
|
|
.TP
|
|
|
|
.B FAN_MARK_FLUSH
|
2014-05-07 07:14:06 +00:00
|
|
|
Remove either all mount or all non-mount marks from the fanotify group.
|
2014-04-25 05:56:49 +00:00
|
|
|
If
|
2015-01-21 20:40:07 +00:00
|
|
|
.I flags
|
2014-04-25 05:56:49 +00:00
|
|
|
contains
|
|
|
|
.BR FAN_MARK_MOUNT ,
|
|
|
|
all marks for mounts are removed from the group.
|
|
|
|
Otherwise, all marks for directories and files are removed.
|
2014-04-25 10:16:25 +00:00
|
|
|
No flag other than
|
2014-04-25 05:56:49 +00:00
|
|
|
.B FAN_MARK_MOUNT
|
|
|
|
can be used in conjunction with
|
|
|
|
.BR FAN_MARK_FLUSH .
|
|
|
|
.I mask
|
|
|
|
is ignored.
|
|
|
|
.PP
|
2014-05-05 09:45:37 +00:00
|
|
|
If none of the values above is specified, or more than one is specified,
|
|
|
|
the call fails with the error
|
2014-04-25 05:56:49 +00:00
|
|
|
.BR EINVAL .
|
|
|
|
.PP
|
|
|
|
In addition,
|
2014-05-07 07:14:06 +00:00
|
|
|
zero or more of the following values may be ORed into
|
|
|
|
.IR flags :
|
2014-04-25 05:56:49 +00:00
|
|
|
.TP
|
|
|
|
.B FAN_MARK_DONT_FOLLOW
|
|
|
|
If
|
|
|
|
.I pathname
|
|
|
|
is a symbolic link, mark the link itself, rather than the file to which it
|
|
|
|
refers.
|
|
|
|
(By default,
|
|
|
|
.BR fanotify_mark ()
|
|
|
|
dereferences
|
|
|
|
.I pathname
|
|
|
|
if it is a symbolic link.)
|
|
|
|
.TP
|
|
|
|
.B FAN_MARK_ONLYDIR
|
|
|
|
If the filesystem object to be marked is not a directory, the error
|
|
|
|
.B ENOTDIR
|
|
|
|
shall be raised.
|
|
|
|
.TP
|
|
|
|
.B FAN_MARK_MOUNT
|
2014-04-25 10:19:19 +00:00
|
|
|
Mark the mount point specified by
|
|
|
|
.IR pathname .
|
|
|
|
If
|
|
|
|
.I pathname
|
|
|
|
is not itself a mount point, the mount point containing
|
2014-04-25 05:56:49 +00:00
|
|
|
.I pathname
|
|
|
|
will be marked.
|
|
|
|
All directories, subdirectories, and the contained files of the mount point
|
|
|
|
will be monitored.
|
|
|
|
.TP
|
|
|
|
.B FAN_MARK_IGNORED_MASK
|
|
|
|
The events in
|
|
|
|
.I mask
|
|
|
|
shall be added to or removed from the ignore mask.
|
|
|
|
.TP
|
|
|
|
.B FAN_MARK_IGNORED_SURV_MODIFY
|
|
|
|
The ignore mask shall survive modify events.
|
2014-05-05 09:45:37 +00:00
|
|
|
If this flag is not set,
|
|
|
|
the ignore mask is cleared when a modify event occurs
|
2014-04-25 05:56:49 +00:00
|
|
|
for the ignored file or directory.
|
|
|
|
.PP
|
|
|
|
.I mask
|
2014-05-07 07:14:06 +00:00
|
|
|
defines which events shall be listened for (or which shall be ignored).
|
2014-04-25 05:56:49 +00:00
|
|
|
It is a bit mask composed of the following values:
|
|
|
|
.TP
|
|
|
|
.B FAN_ACCESS
|
|
|
|
Create an event when a file or directory (but see BUGS) is accessed (read).
|
|
|
|
.TP
|
|
|
|
.B FAN_MODIFY
|
|
|
|
Create an event when a file is modified (write).
|
|
|
|
.TP
|
|
|
|
.B FAN_CLOSE_WRITE
|
|
|
|
Create an event when a writable file is closed.
|
|
|
|
.TP
|
|
|
|
.B FAN_CLOSE_NOWRITE
|
|
|
|
Create an event when a read-only file or directory is closed.
|
|
|
|
.TP
|
|
|
|
.B FAN_OPEN
|
|
|
|
Create an event when a file or directory is opened.
|
|
|
|
.TP
|
2016-11-08 22:13:38 +00:00
|
|
|
.B FAN_Q_OVERFLOW
|
|
|
|
Create an event when an overflow of the event queue occurs.
|
|
|
|
The size of the event queue is limited to 16384 entries if
|
|
|
|
.B FAN_UNLIMITED_QUEUE
|
|
|
|
is not set in
|
|
|
|
.BR fanotify_init (2).
|
|
|
|
.TP
|
2014-04-25 05:56:49 +00:00
|
|
|
.B FAN_OPEN_PERM
|
|
|
|
Create an event when a permission to open a file or directory is requested.
|
|
|
|
An fanotify file descriptor created with
|
|
|
|
.B FAN_CLASS_PRE_CONTENT
|
|
|
|
or
|
|
|
|
.B FAN_CLASS_CONTENT
|
|
|
|
is required.
|
|
|
|
.TP
|
|
|
|
.B FAN_ACCESS_PERM
|
|
|
|
Create an event when a permission to read a file or directory is requested.
|
|
|
|
An fanotify file descriptor created with
|
|
|
|
.B FAN_CLASS_PRE_CONTENT
|
|
|
|
or
|
|
|
|
.B FAN_CLASS_CONTENT
|
|
|
|
is required.
|
|
|
|
.TP
|
|
|
|
.B FAN_ONDIR
|
2014-05-07 07:14:06 +00:00
|
|
|
Create events for directories\(emfor example, when
|
2014-10-03 06:40:08 +00:00
|
|
|
.BR opendir (3),
|
|
|
|
.BR readdir (3)
|
2014-04-25 05:56:49 +00:00
|
|
|
(but see BUGS), and
|
2014-10-03 06:40:08 +00:00
|
|
|
.BR closedir (3)
|
2014-04-25 05:56:49 +00:00
|
|
|
are called.
|
2014-04-25 10:20:59 +00:00
|
|
|
Without this flag, only events for files are created.
|
2014-04-25 05:56:49 +00:00
|
|
|
.TP
|
|
|
|
.B FAN_EVENT_ON_CHILD
|
|
|
|
Events for the immediate children of marked directories shall be created.
|
|
|
|
The flag has no effect when marking mounts.
|
|
|
|
Note that events are not generated for children of the subdirectories
|
|
|
|
of marked directories.
|
|
|
|
To monitor complete directory trees it is necessary to mark the relevant
|
|
|
|
mount.
|
|
|
|
.PP
|
|
|
|
The following composed value is defined:
|
|
|
|
.TP
|
|
|
|
.B FAN_CLOSE
|
|
|
|
A file is closed
|
|
|
|
.RB ( FAN_CLOSE_WRITE | FAN_CLOSE_NOWRITE ).
|
|
|
|
.PP
|
|
|
|
The filesystem object to be marked is determined by the file descriptor
|
|
|
|
.I dirfd
|
|
|
|
and the pathname specified in
|
|
|
|
.IR pathname :
|
|
|
|
.IP * 3
|
|
|
|
If
|
|
|
|
.I pathname
|
|
|
|
is NULL,
|
|
|
|
.I dirfd
|
|
|
|
defines the filesystem object to be marked.
|
|
|
|
.IP *
|
|
|
|
If
|
|
|
|
.I pathname
|
|
|
|
is NULL, and
|
|
|
|
.I dirfd
|
|
|
|
takes the special value
|
|
|
|
.BR AT_FDCWD ,
|
|
|
|
the current working directory is to be marked.
|
|
|
|
.IP *
|
|
|
|
If
|
|
|
|
.I pathname
|
|
|
|
is absolute, it defines the filesystem object to be marked, and
|
|
|
|
.I dirfd
|
|
|
|
is ignored.
|
|
|
|
.IP *
|
|
|
|
If
|
|
|
|
.I pathname
|
|
|
|
is relative, and
|
|
|
|
.I dirfd
|
|
|
|
does not have the value
|
|
|
|
.BR AT_FDCWD ,
|
|
|
|
then the filesystem object to be marked is determined by interpreting
|
|
|
|
.I pathname
|
|
|
|
relative the directory referred to by
|
|
|
|
.IR dirfd .
|
|
|
|
.IP *
|
|
|
|
If
|
|
|
|
.I pathname
|
|
|
|
is relative, and
|
|
|
|
.I dirfd
|
|
|
|
has the value
|
2014-07-12 16:19:58 +00:00
|
|
|
.BR AT_FDCWD ,
|
2014-04-25 05:56:49 +00:00
|
|
|
then the filesystem object to be marked is determined by interpreting
|
|
|
|
.I pathname
|
|
|
|
relative the current working directory.
|
|
|
|
.SH RETURN VALUE
|
|
|
|
On success,
|
|
|
|
.BR fanotify_mark ()
|
|
|
|
returns 0.
|
2014-04-25 10:27:41 +00:00
|
|
|
On error, \-1 is returned, and
|
2014-04-25 05:56:49 +00:00
|
|
|
.I errno
|
|
|
|
is set to indicate the error.
|
|
|
|
.SH ERRORS
|
|
|
|
.TP
|
|
|
|
.B EBADF
|
|
|
|
An invalid file descriptor was passed in
|
|
|
|
.IR fanotify_fd .
|
|
|
|
.TP
|
|
|
|
.B EINVAL
|
|
|
|
An invalid value was passed in
|
|
|
|
.IR flags
|
|
|
|
or
|
|
|
|
.IR mask ,
|
|
|
|
or
|
|
|
|
.I fanotify_fd
|
|
|
|
was not an fanotify file descriptor.
|
|
|
|
.TP
|
|
|
|
.B EINVAL
|
|
|
|
The fanotify file descriptor was opened with
|
|
|
|
.B FAN_CLASS_NOTIF
|
|
|
|
and mask contains a flag for permission events
|
|
|
|
.RB ( FAN_OPEN_PERM
|
|
|
|
or
|
|
|
|
.BR FAN_ACCESS_PERM ).
|
|
|
|
.TP
|
|
|
|
.B ENOENT
|
|
|
|
The filesystem object indicated by
|
|
|
|
.IR dirfd
|
|
|
|
and
|
|
|
|
.IR pathname
|
|
|
|
does not exist.
|
2014-05-05 09:45:37 +00:00
|
|
|
This error also occurs when trying to remove a mark from an object
|
|
|
|
which is not marked.
|
2014-04-25 05:56:49 +00:00
|
|
|
.TP
|
|
|
|
.B ENOMEM
|
|
|
|
The necessary memory could not be allocated.
|
|
|
|
.TP
|
|
|
|
.B ENOSPC
|
2014-05-07 07:14:06 +00:00
|
|
|
The number of marks exceeds the limit of 8192 and the
|
2014-04-25 05:56:49 +00:00
|
|
|
.B FAN_UNLIMITED_MARKS
|
2014-05-07 07:14:06 +00:00
|
|
|
flag was not specified when the fanotify file descriptor was created with
|
2014-04-25 05:56:49 +00:00
|
|
|
.BR fanotify_init (2).
|
|
|
|
.TP
|
2014-05-01 05:48:40 +00:00
|
|
|
.B ENOSYS
|
|
|
|
This kernel does not implement
|
2014-05-08 09:04:30 +00:00
|
|
|
.BR fanotify_mark ().
|
2014-05-07 07:14:06 +00:00
|
|
|
The fanotify API is available only if the kernel was configured with
|
|
|
|
.BR CONFIG_FANOTIFY .
|
2014-05-01 05:48:40 +00:00
|
|
|
.TP
|
2014-04-25 05:56:49 +00:00
|
|
|
.B ENOTDIR
|
|
|
|
.I flags
|
|
|
|
contains
|
|
|
|
.BR FAN_MARK_ONLYDIR ,
|
|
|
|
and
|
|
|
|
.I dirfd
|
|
|
|
and
|
|
|
|
.I pathname
|
|
|
|
do not specify a directory.
|
|
|
|
.SH VERSIONS
|
|
|
|
.BR fanotify_mark ()
|
|
|
|
was introduced in version 2.6.36 of the Linux kernel and enabled in version
|
|
|
|
2.6.37.
|
|
|
|
.SH CONFORMING TO
|
|
|
|
This system call is Linux-specific.
|
|
|
|
.SH BUGS
|
2014-09-29 14:20:59 +00:00
|
|
|
The following bugs were present in Linux kernels before version 3.16:
|
2014-04-25 05:56:49 +00:00
|
|
|
.IP * 3
|
2014-09-29 14:20:59 +00:00
|
|
|
.\" Fixed by commit 0a8dd2db579f7a0ac7033d6b857c3d5dbaa77563
|
2014-04-25 05:56:49 +00:00
|
|
|
If
|
|
|
|
.I flags
|
|
|
|
contains
|
|
|
|
.BR FAN_MARK_FLUSH ,
|
2014-05-01 20:05:38 +00:00
|
|
|
.I dirfd
|
2014-04-25 05:56:49 +00:00
|
|
|
and
|
|
|
|
.I pathname
|
2014-05-01 20:06:14 +00:00
|
|
|
must specify a valid filesystem object, even though this object is not used.
|
2014-04-25 05:56:49 +00:00
|
|
|
.IP *
|
2014-09-29 14:20:59 +00:00
|
|
|
.\" Fixed by commit d4c7cf6cffb1bc711a833b5e304ba5bcfe76398b
|
2014-04-25 05:56:49 +00:00
|
|
|
.BR readdir (2)
|
2014-05-01 20:06:40 +00:00
|
|
|
does not generate a
|
2014-04-25 05:56:49 +00:00
|
|
|
.B FAN_ACCESS
|
|
|
|
event.
|
|
|
|
.IP *
|
2014-09-29 14:20:59 +00:00
|
|
|
.\" Fixed by commit cc299a98eb13a9853675a9cbb90b30b4011e1406
|
2014-04-25 05:56:49 +00:00
|
|
|
If
|
arch_prctl.2, execveat.2, fanotify_mark.2, fcntl.2, fork.2, madvise.2, mknod.2, mmap.2, modify_ldt.2, mount.2, open.2, prctl.2, ptrace.2, restart_syscall.2, seccomp.2, semop.2, set_thread_area.2, symlink.2, umount.2, unlink.2, error.3, getnetent.3, getprotoent.3, getservent.3, getutent.3, glob.3, login.3, setjmp.3, setnetgrent.3, wordexp.3, epoll.7: Remove section number from page self reference
Fix places where pages refer to the function that they describe
and include a section number in that reference. Such references
cause some HTML-rendering tools to create self-references in the
page.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-08-07 16:40:35 +00:00
|
|
|
.BR fanotify_mark ()
|
2014-04-25 05:56:49 +00:00
|
|
|
is called with
|
2014-06-08 14:47:51 +00:00
|
|
|
.BR FAN_MARK_FLUSH ,
|
2014-04-25 05:56:49 +00:00
|
|
|
.I flags
|
|
|
|
is not checked for invalid values.
|
|
|
|
.SH SEE ALSO
|
|
|
|
.BR fanotify_init (2),
|
|
|
|
.BR fanotify (7)
|