2020-08-25 11:40:55 +00:00
|
|
|
\" Copyright (C) 2013, Heinrich Schuchardt <xypron.glpk@gmx.de>
|
2014-04-25 05:56:02 +00:00
|
|
|
.\"
|
|
|
|
.\" %%%LICENSE_START(VERBATIM)
|
|
|
|
.\" Permission is granted to make and distribute verbatim copies of this
|
|
|
|
.\" manual provided the copyright notice and this permission notice are
|
|
|
|
.\" preserved on all copies.
|
|
|
|
.\"
|
|
|
|
.\" Permission is granted to copy and distribute modified versions of
|
|
|
|
.\" this manual under the conditions for verbatim copying, provided that
|
|
|
|
.\" the entire resulting derived work is distributed under the terms of
|
|
|
|
.\" a permission notice identical to this one.
|
|
|
|
.\"
|
|
|
|
.\" Since the Linux kernel and libraries are constantly changing, this
|
|
|
|
.\" manual page may be incorrect or out-of-date. The author(s) assume.
|
|
|
|
.\" no responsibility for errors or omissions, or for damages resulting.
|
|
|
|
.\" from the use of the information contained herein. The author(s) may.
|
|
|
|
.\" not have taken the same level of care in the production of this.
|
|
|
|
.\" manual, which is licensed free of charge, as they might when working.
|
|
|
|
.\" professionally.
|
|
|
|
.\"
|
|
|
|
.\" Formatted or processed versions of this manual, if unaccompanied by
|
|
|
|
.\" the source, must acknowledge the copyright and authors of this work.
|
|
|
|
.\" %%%LICENSE_END
|
getent.1, ldd.1, locale.1, localedef.1, memusage.1, memusagestat.1, mtrace.1, _exit.2, _syscall.2, accept.2, access.2, acct.2, add_key.2, adjtimex.2, alloc_hugepages.2, arch_prctl.2, bdflush.2, bind.2, bpf.2, brk.2, cacheflush.2, capget.2, chdir.2, chmod.2, chown.2, chroot.2, clock_getres.2, clock_nanosleep.2, clone.2, close.2, close_range.2, connect.2, copy_file_range.2, create_module.2, delete_module.2, dup.2, epoll_create.2, epoll_ctl.2, epoll_wait.2, eventfd.2, execve.2, execveat.2, fanotify_init.2, fanotify_mark.2, fcntl.2, flock.2, fork.2, fsync.2, futex.2, get_kernel_syms.2, get_mempolicy.2, get_robust_list.2, getcpu.2, getdents.2, getdomainname.2, getgid.2, getgroups.2, gethostname.2, getitimer.2, getpagesize.2, getpeername.2, getpid.2, getpriority.2, getrandom.2, getresuid.2, getrlimit.2, getrusage.2, getsid.2, getsockname.2, getsockopt.2, gettid.2, gettimeofday.2, getuid.2, getunwind.2, getxattr.2, idle.2, init_module.2, inotify_add_watch.2, inotify_rm_watch.2, io_cancel.2, io_destroy.2, io_getevents.2, io_setup.2, io_submit.2, ioctl.2, ioctl_console.2, ioctl_fat.2, ioctl_ficlonerange.2, ioctl_fideduperange.2, ioctl_fslabel.2, ioctl_getfsmap.2, ioctl_ns.2, ioctl_tty.2, ioctl_userfaultfd.2, ioperm.2, iopl.2, ipc.2, kcmp.2, kexec_load.2, keyctl.2, kill.2, link.2, listen.2, listxattr.2, llseek.2, lookup_dcookie.2, lseek.2, madvise.2, mbind.2, membarrier.2, memfd_create.2, migrate_pages.2, mincore.2, mkdir.2, mknod.2, mlock.2, mmap.2, mmap2.2, modify_ldt.2, mount.2, move_pages.2, mprotect.2, mq_getsetattr.2, mremap.2, msgctl.2, msgget.2, msgop.2, msync.2, nanosleep.2, nfsservctl.2, nice.2, open.2, open_by_handle_at.2, openat2.2, pause.2, pciconfig_read.2, perf_event_open.2, perfmonctl.2, personality.2, pidfd_getfd.2, pidfd_open.2, pidfd_send_signal.2, pipe.2, pivot_root.2, pkey_alloc.2, poll.2, posix_fadvise.2, prctl.2, pread.2, process_vm_readv.2, ptrace.2, query_module.2, quotactl.2, read.2, readahead.2, readdir.2, readlink.2, readv.2, reboot.2, recv.2, remap_file_pages.2, removexattr.2, rename.2, request_key.2, restart_syscall.2, rmdir.2, rt_sigqueueinfo.2, s390_guarded_storage.2, s390_pci_mmio_write.2, s390_runtime_instr.2, s390_sthyi.2, sched_get_priority_max.2, sched_rr_get_interval.2, sched_setaffinity.2, sched_setattr.2, sched_setparam.2, sched_setscheduler.2, sched_yield.2, seccomp.2, select.2, select_tut.2, semctl.2, semget.2, semop.2, send.2, sendfile.2, set_thread_area.2, seteuid.2, setfsgid.2, setfsuid.2, setgid.2, setpgid.2, setresuid.2, setreuid.2, setsid.2, setuid.2, setup.2, setxattr.2, sgetmask.2, shmctl.2, shmget.2, shmop.2, shutdown.2, sigaction.2, sigaltstack.2, signal.2, signalfd.2, sigpending.2, sigprocmask.2, sigreturn.2, sigsuspend.2, sigwaitinfo.2, socket.2, socketcall.2, socketpair.2, splice.2, spu_create.2, spu_run.2, stat.2, statfs.2, statx.2, stime.2, subpage_prot.2, swapon.2, symlink.2, sync.2, sync_file_range.2, syscall.2, syscalls.2, sysctl.2, sysfs.2, sysinfo.2, syslog.2, time.2, timer_create.2, timer_delete.2, timer_getoverrun.2, timer_settime.2, timerfd_create.2, times.2, tkill.2, truncate.2, umask.2, umount.2, uname.2, unimplemented.2, unlink.2, unshare.2, uselib.2, userfaultfd.2, ustat.2, utime.2, utimensat.2, vfork.2, vhangup.2, vm86.2, vmsplice.2, wait.2, wait4.2, write.2, CPU_SET.3, __ppc_get_timebase.3, __ppc_set_ppr_med.3, __ppc_yield.3, __setfpucw.3, a64l.3, abort.3, abs.3, acos.3, acosh.3, addseverity.3, adjtime.3, aio_cancel.3, aio_error.3, aio_fsync.3, aio_read.3, aio_return.3, aio_suspend.3, aio_write.3, alloca.3, argz_add.3, asin.3, asinh.3, asprintf.3, assert.3, assert_perror.3, atan.3, atan2.3, atanh.3, atexit.3, atof.3, atoi.3, backtrace.3, basename.3, bcmp.3, bcopy.3, bindresvport.3, bsd_signal.3, bsearch.3, bstring.3, btowc.3, byteorder.3, bzero.3, cabs.3, cacos.3, cacosh.3, canonicalize_file_name.3, carg.3, casin.3, casinh.3, catan.3, catanh.3, catgets.3, catopen.3, cbrt.3, ccos.3, ccosh.3, ceil.3, cexp.3, cexp2.3, cfree.3, cimag.3, circleq.3, clearenv.3, clock.3, clock_getcpuclockid.3, clog.3, clog10.3, clog2.3, closedir.3, cmsg.3, confstr.3, conj.3, copysign.3, cos.3, cosh.3, cpow.3, cproj.3, creal.3, crypt.3, csin.3, csinh.3, csqrt.3, ctan.3, ctanh.3, ctermid.3, ctime.3, daemon.3, des_crypt.3, difftime.3, dirfd.3, div.3, dl_iterate_phdr.3, dladdr.3, dlerror.3, dlinfo.3, dlopen.3, dlsym.3, drand48.3, drand48_r.3, duplocale.3, dysize.3, ecvt.3, ecvt_r.3, encrypt.3, endian.3, envz_add.3, erf.3, erfc.3, err.3, errno.3, error.3, ether_aton.3, euidaccess.3, exec.3, exit.3, exp.3, exp10.3, exp2.3, expm1.3, fabs.3, fclose.3, fcloseall.3, fdim.3, fenv.3, ferror.3, fexecve.3, fflush.3, ffs.3, fgetc.3, fgetgrent.3, fgetpwent.3, fgetwc.3, fgetws.3, fileno.3, finite.3, flockfile.3, floor.3, fma.3, fmax.3, fmemopen.3, fmin.3, fmod.3, fmtmsg.3, fnmatch.3, fopen.3, fopencookie.3, fpathconf.3, fpclassify.3, fpurge.3, fputwc.3, fputws.3, fread.3, frexp.3, fseek.3, fseeko.3, ftime.3, ftok.3, fts.3, ftw.3, futimes.3, fwide.3, gamma.3, gcvt.3, get_nprocs_conf.3, get_phys_pages.3, getaddrinfo.3, getaddrinfo_a.3, getauxval.3, getcontext.3, getcwd.3, getdate.3, getdirentries.3, getdtablesize.3, getentropy.3, getenv.3, getfsent.3, getgrent.3, getgrent_r.3, getgrnam.3, getgrouplist.3, gethostbyname.3, gethostid.3, getifaddrs.3, getipnodebyname.3, getline.3, getloadavg.3, getlogin.3, getmntent.3, getnameinfo.3, getnetent.3, getnetent_r.3, getopt.3, getpass.3, getprotoent.3, getprotoent_r.3, getpt.3, getpw.3, getpwent.3, getpwent_r.3, getpwnam.3, getrpcent.3, getrpcent_r.3, getrpcport.3, gets.3, getservent.3, getservent_r.3, getspnam.3, getsubopt.3, getttyent.3, getumask.3, getusershell.3, getutent.3, getutmp.3, getw.3, getwchar.3, glob.3, gnu_get_libc_version.3, grantpt.3, group_member.3, gsignal.3, hsearch.3, hypot.3, iconv.3, iconv_close.3, iconv_open.3, if_nameindex.3, if_nametoindex.3, ilogb.3, index.3, inet.3, inet_net_pton.3, inet_ntop.3, inet_pton.3, initgroups.3, insque.3, isalpha.3, isatty.3, isfdtype.3, isgreater.3, iswalnum.3, iswalpha.3, iswblank.3, iswcntrl.3, iswctype.3, iswdigit.3, iswgraph.3, iswlower.3, iswprint.3, iswpunct.3, iswspace.3, iswupper.3, iswxdigit.3, j0.3, key_setsecret.3, killpg.3, ldexp.3, lgamma.3, lio_listio.3, list.3, localeconv.3, lockf.3, log.3, log10.3, log1p.3, log2.3, logb.3, login.3, lrint.3, lround.3, lsearch.3, lseek64.3, makecontext.3, makedev.3, mallinfo.3, malloc.3, malloc_get_state.3, malloc_hook.3, malloc_info.3, malloc_stats.3, malloc_trim.3, malloc_usable_size.3, mallopt.3, matherr.3, mblen.3, mbrlen.3, mbrtowc.3, mbsinit.3, mbsnrtowcs.3, mbsrtowcs.3, mbstowcs.3, mbtowc.3, mcheck.3, memccpy.3, memchr.3, memcmp.3, memcpy.3, memfrob.3, memmem.3, memmove.3, mempcpy.3, memset.3, mkdtemp.3, mkfifo.3, mkstemp.3, mktemp.3, modf.3, mpool.3, mq_close.3, mq_getattr.3, mq_notify.3, mq_open.3, mq_receive.3, mq_send.3, mq_unlink.3, mtrace.3, nan.3, newlocale.3, nextafter.3, nextup.3, nl_langinfo.3, ntp_gettime.3, on_exit.3, open_memstream.3, opendir.3, openpty.3, perror.3, popen.3, posix_fallocate.3, posix_madvise.3, posix_memalign.3, posix_openpt.3, posix_spawn.3, pow.3, pow10.3, printf.3, profil.3, psignal.3, pthread_attr_init.3, pthread_attr_setaffinity_np.3, pthread_attr_setdetachstate.3, pthread_attr_setguardsize.3, pthread_attr_setinheritsched.3, pthread_attr_setschedparam.3, pthread_attr_setschedpolicy.3, pthread_attr_setscope.3, pthread_attr_setsigmask_np.3, pthread_attr_setstack.3, pthread_attr_setstackaddr.3, pthread_attr_setstacksize.3, pthread_cancel.3, pthread_cleanup_push.3, pthread_cleanup_push_defer_np.3, pthread_create.3, pthread_detach.3, pthread_equal.3, pthread_exit.3, pthread_getattr_default_np.3, pthread_getattr_np.3, pthread_getcpuclockid.3, pthread_join.3, pthread_kill.3, pthread_kill_other_threads_np.3, pthread_mutex_consistent.3, pthread_mutexattr_getpshared.3, pthread_mutexattr_setrobust.3, pthread_rwlockattr_setkind_np.3, pthread_self.3, pthread_setaffinity_np.3, pthread_setcancelstate.3, pthread_setconcurrency.3, pthread_setname_np.3, pthread_setschedparam.3, pthread_setschedprio.3, pthread_sigmask.3, pthread_sigqueue.3, pthread_spin_init.3, pthread_spin_lock.3, pthread_testcancel.3, pthread_tryjoin_np.3, pthread_yield.3, ptsname.3, putenv.3, putgrent.3, putpwent.3, puts.3, putwchar.3, qecvt.3, qsort.3, raise.3, rand.3, random.3, random_r.3, rcmd.3, re_comp.3, readdir.3, readdir_r.3, realpath.3, regex.3, remainder.3, remove.3, remquo.3, resolver.3, rewinddir.3, rexec.3, rint.3, round.3, rpc.3, rpmatch.3, rtime.3, rtnetlink.3, scalb.3, scalbln.3, scandir.3, scanf.3, sched_getcpu.3, seekdir.3, sem_close.3, sem_destroy.3, sem_getvalue.3, sem_init.3, sem_open.3, sem_post.3, sem_unlink.3, sem_wait.3, setaliasent.3, setbuf.3, setenv.3, setjmp.3, setlocale.3, setlogmask.3, setnetgrent.3, shm_open.3, siginterrupt.3, signbit.3, significand.3, sigpause.3, sigqueue.3, sigset.3, sigsetops.3, sigvec.3, sigwait.3, sin.3, sincos.3, sinh.3, sleep.3, slist.3, sockatmark.3, sqrt.3, stailq.3, statvfs.3, stdarg.3, stdio.3, stdio_ext.3, stpcpy.3, stpncpy.3, strcasecmp.3, strcat.3, strchr.3, strcmp.3, strcoll.3, strcpy.3, strdup.3, strerror.3, strfmon.3, strfromd.3, strfry.3, strftime.3, string.3, strlen.3, strnlen.3, strpbrk.3, strptime.3, strsep.3, strsignal.3, strspn.3, strstr.3, strtod.3, strtoimax.3, strtok.3, strtol.3, strtoul.3, strverscmp.3, strxfrm.3, swab.3, sysconf.3, syslog.3, system.3, sysv_signal.3, tailq.3, tan.3, tanh.3, tcgetpgrp.3, tcgetsid.3, telldir.3, tempnam.3, termios.3, tgamma.3, timegm.3, timeradd.3, tmpfile.3, tmpnam.3, toascii.3, toupper.3, towctrans.3, towlower.3, towupper.3, trunc.3, tsearch.3, ttyname.3, ttyslot.3, tzset.3, ualarm.3, ulimit.3, undocumented.3, ungetwc.3, unlocked_stdio.3, unlockpt.3, updwtmp.3, uselocale.3, usleep.3, wcpcpy.3, wcpncpy.3, wcrtomb.3, wcscasecmp.3, wcscat.3, wcschr.3, wcscmp.3, wcscpy.3, wcscspn.3, wcsdup.3, wcslen.3, wcsncasecmp.3, wcsncat.3, wcsncmp.3, wcsncpy.3, wcsnlen.3, wcsnrtombs.3, wcspbrk.3, wcsrchr.3, wcsrtombs.3, wcsspn.3, wcsstr.3, wcstoimax.3, wcstok.3, wcstombs.3, wcswidth.3, wctob.3, wctomb.3, wctrans.3, wctype.3, wcwidth.3, wmemchr.3, wmemcmp.3, wmemcpy.3, wmemmove.3, wmemset.3, wordexp.3, wprintf.3, xcrypt.3, xdr.3, y0.3, cciss.4, console_codes.4, dsp56k.4, hpsa.4, initrd.4, loop.4, lp.4, msr.4, random.4, rtc.4, smartpqi.4, veth.4, wavelan.4, acct.5, core.5, elf.5, hosts.5, locale.5, proc.5, resolv.conf.5, rpc.5, slabinfo.5, sysfs.5, tmpfs.5, utmp.5, address_families.7, aio.7, attributes.7, bootparam.7, capabilities.7, cgroups.7, complex.7, ddp.7, environ.7, epoll.7, fanotify.7, feature_test_macros.7, hier.7, inode.7, inotify.7, ip.7, ipv6.7, keyrings.7, locale.7, man-pages.7, man.7, math_error.7, mount_namespaces.7, namespaces.7, netdevice.7, netlink.7, numa.7, packet.7, pkeys.7, pthreads.7, queue.7, raw.7, rtnetlink.7, sched.7, session-keyring.7, shm_overview.7, sigevent.7, signal-safety.7, signal.7, sock_diag.7, socket.7, spufs.7, symlink.7, system_data_types.7, tcp.7, time_namespaces.7, udp.7, udplite.7, unicode.7, unix.7, uri.7, user_namespaces.7, vdso.7, vsock.7, x25.7, iconvconfig.8, ld.so.8, ldconfig.8, sln.8, tzselect.8: tstamp
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2021-03-21 23:15:34 +00:00
|
|
|
.TH FANOTIFY_INIT 2 2021-03-22 "Linux" "Linux Programmer's Manual"
|
2014-04-25 05:56:02 +00:00
|
|
|
.SH NAME
|
|
|
|
fanotify_init \- create and initialize fanotify group
|
|
|
|
.SH SYNOPSIS
|
2021-01-03 11:49:03 +00:00
|
|
|
.nf
|
2021-04-04 11:58:30 +00:00
|
|
|
.BR "#include <fcntl.h>" " /* Definition of " O_* " constants */"
|
2014-04-25 05:56:02 +00:00
|
|
|
.B #include <sys/fanotify.h>
|
2017-08-15 14:42:13 +00:00
|
|
|
.PP
|
2014-04-25 05:56:02 +00:00
|
|
|
.BI "int fanotify_init(unsigned int " flags ", unsigned int " event_f_flags );
|
2021-01-03 11:49:03 +00:00
|
|
|
.fi
|
2014-04-25 05:56:02 +00:00
|
|
|
.SH DESCRIPTION
|
|
|
|
For an overview of the fanotify API, see
|
|
|
|
.BR fanotify (7).
|
|
|
|
.PP
|
|
|
|
.BR fanotify_init ()
|
|
|
|
initializes a new fanotify group and returns a file descriptor for the event
|
|
|
|
queue associated with the group.
|
|
|
|
.PP
|
|
|
|
The file descriptor is used in calls to
|
|
|
|
.BR fanotify_mark (2)
|
2021-01-09 10:14:08 +00:00
|
|
|
to specify the files, directories, mounts, or filesystems for which fanotify
|
2019-06-06 09:48:02 +00:00
|
|
|
events shall be created.
|
2014-04-25 05:56:02 +00:00
|
|
|
These events are received by reading from the file descriptor.
|
|
|
|
Some events are only informative, indicating that a file has been accessed.
|
2014-04-25 10:01:06 +00:00
|
|
|
Other events can be used to determine whether
|
|
|
|
another application is permitted to access a file or directory.
|
2014-04-25 05:56:02 +00:00
|
|
|
Permission to access filesystem objects is granted by writing to the file
|
|
|
|
descriptor.
|
|
|
|
.PP
|
|
|
|
Multiple programs may be using the fanotify interface at the same time to
|
|
|
|
monitor the same files.
|
|
|
|
.PP
|
|
|
|
In the current implementation, the number of fanotify groups per user is
|
|
|
|
limited to 128.
|
|
|
|
This limit cannot be overridden.
|
|
|
|
.PP
|
|
|
|
Calling
|
|
|
|
.BR fanotify_init ()
|
|
|
|
requires the
|
|
|
|
.B CAP_SYS_ADMIN
|
|
|
|
capability.
|
|
|
|
This constraint might be relaxed in future versions of the API.
|
2014-04-25 10:02:32 +00:00
|
|
|
Therefore, certain additional capability checks have been implemented as
|
2014-04-25 05:56:02 +00:00
|
|
|
indicated below.
|
|
|
|
.PP
|
|
|
|
The
|
|
|
|
.I flags
|
|
|
|
argument contains a multi-bit field defining the notification class of the
|
2014-05-05 09:45:37 +00:00
|
|
|
listening application and further single bit fields specifying the behavior
|
|
|
|
of the file descriptor.
|
2014-04-25 05:56:02 +00:00
|
|
|
.PP
|
2014-05-05 09:45:37 +00:00
|
|
|
If multiple listeners for permission events exist,
|
|
|
|
the notification class is used to establish the sequence
|
|
|
|
in which the listeners receive the events.
|
2014-04-25 05:56:02 +00:00
|
|
|
.PP
|
2014-04-25 10:03:11 +00:00
|
|
|
Only one of the following notification classes may be specified in
|
|
|
|
.IR flags :
|
2014-04-25 05:56:02 +00:00
|
|
|
.TP
|
|
|
|
.B FAN_CLASS_PRE_CONTENT
|
|
|
|
This value allows the receipt of events notifying that a file has been
|
|
|
|
accessed and events for permission decisions if a file may be accessed.
|
|
|
|
It is intended for event listeners that need to access files before they
|
|
|
|
contain their final data.
|
2014-05-05 09:45:37 +00:00
|
|
|
This notification class might be used by hierarchical storage managers,
|
|
|
|
for example.
|
2014-04-25 05:56:02 +00:00
|
|
|
.TP
|
|
|
|
.B FAN_CLASS_CONTENT
|
|
|
|
This value allows the receipt of events notifying that a file has been
|
|
|
|
accessed and events for permission decisions if a file may be accessed.
|
2014-05-05 09:45:37 +00:00
|
|
|
It is intended for event listeners that need to access files when they
|
|
|
|
already contain their final content.
|
2014-04-25 05:56:02 +00:00
|
|
|
This notification class might be used by malware detection programs, for
|
|
|
|
example.
|
|
|
|
.TP
|
|
|
|
.B FAN_CLASS_NOTIF
|
|
|
|
This is the default value.
|
|
|
|
It does not need to be specified.
|
|
|
|
This value only allows the receipt of events notifying that a file has been
|
|
|
|
accessed.
|
|
|
|
Permission decisions before the file is accessed are not possible.
|
|
|
|
.PP
|
|
|
|
Listeners with different notification classes will receive events in the
|
2014-04-25 10:04:49 +00:00
|
|
|
order
|
2014-04-25 05:56:02 +00:00
|
|
|
.BR FAN_CLASS_PRE_CONTENT ,
|
|
|
|
.BR FAN_CLASS_CONTENT ,
|
|
|
|
.BR FAN_CLASS_NOTIF .
|
2014-05-07 06:55:36 +00:00
|
|
|
The order of notification for listeners in the same notification class
|
|
|
|
is undefined.
|
2014-04-25 05:56:02 +00:00
|
|
|
.PP
|
2014-05-07 06:55:36 +00:00
|
|
|
The following bits can additionally be set in
|
2014-04-25 05:56:02 +00:00
|
|
|
.IR flags :
|
|
|
|
.TP
|
|
|
|
.B FAN_CLOEXEC
|
2014-05-07 06:55:36 +00:00
|
|
|
Set the close-on-exec flag
|
2014-04-25 05:56:02 +00:00
|
|
|
.RB ( FD_CLOEXEC )
|
|
|
|
on the new file descriptor.
|
|
|
|
See the description of the
|
|
|
|
.B O_CLOEXEC
|
|
|
|
flag in
|
|
|
|
.BR open (2).
|
|
|
|
.TP
|
|
|
|
.B FAN_NONBLOCK
|
2014-05-07 06:55:36 +00:00
|
|
|
Enable the nonblocking flag
|
2014-04-25 05:56:02 +00:00
|
|
|
.RB ( O_NONBLOCK )
|
|
|
|
for the file descriptor.
|
|
|
|
Reading from the file descriptor will not block.
|
2014-04-25 10:05:48 +00:00
|
|
|
Instead, if no data is available,
|
2014-04-25 05:56:02 +00:00
|
|
|
.BR read (2)
|
capget.2, fanotify_init.2, fcntl.2, ioctl_tty.2, madvise.2, mbind.2, prctl.2, sched_setaffinity.2, hash.3, isgreater.3, posix_fallocate.3, sigvec.3, full.4, sd.4, wavelan.4, core.5, host.conf.5, epoll.7, signal.7, unix.7, user_namespaces.7: wfix (will fail --> fail/fails)
Reported-by: Pedro Alves <palves@redhat.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-10-20 10:36:42 +00:00
|
|
|
fails with the error
|
2014-04-25 10:05:48 +00:00
|
|
|
.BR EAGAIN .
|
2014-04-25 05:56:02 +00:00
|
|
|
.TP
|
|
|
|
.B FAN_UNLIMITED_QUEUE
|
2014-05-07 06:55:36 +00:00
|
|
|
Remove the limit of 16384 events for the event queue.
|
|
|
|
Use of this flag requires the
|
2014-04-25 05:56:02 +00:00
|
|
|
.B CAP_SYS_ADMIN
|
|
|
|
capability.
|
|
|
|
.TP
|
|
|
|
.B FAN_UNLIMITED_MARKS
|
2014-05-07 06:55:36 +00:00
|
|
|
Remove the limit of 8192 marks.
|
|
|
|
Use of this flag requires the
|
2014-04-25 05:56:02 +00:00
|
|
|
.B CAP_SYS_ADMIN
|
|
|
|
capability.
|
2018-11-17 16:32:10 +00:00
|
|
|
.TP
|
|
|
|
.BR FAN_REPORT_TID " (since Linux 4.20)"
|
|
|
|
.\" commit d0a6a87e40da49cfc7954c491d3065a25a641b29
|
2019-02-26 16:25:36 +00:00
|
|
|
Report thread ID (TID) instead of process ID (PID)
|
|
|
|
in the
|
|
|
|
.I pid
|
|
|
|
field of the
|
|
|
|
.I "struct fanotify_event_metadata"
|
|
|
|
supplied to
|
|
|
|
.BR read (2)
|
|
|
|
(see
|
|
|
|
.BR fanotify (7)).
|
2020-05-29 09:25:29 +00:00
|
|
|
.TP
|
2020-12-02 15:43:54 +00:00
|
|
|
.BR FAN_ENABLE_AUDIT " (since Linux 4.15)"
|
|
|
|
.\" commit de8cd83e91bc3ee212b3e6ec6e4283af9e4ab269
|
|
|
|
Enable generation of audit log records about access mediation performed by
|
2021-01-04 13:26:08 +00:00
|
|
|
permission events.
|
|
|
|
The permission event response has to be marked with the
|
2020-12-02 15:43:54 +00:00
|
|
|
.B FAN_AUDIT
|
2021-01-04 13:26:08 +00:00
|
|
|
flag for an audit log record to be generated.
|
2020-12-02 15:43:54 +00:00
|
|
|
.TP
|
2020-05-29 09:25:29 +00:00
|
|
|
.BR FAN_REPORT_FID " (since Linux 5.1)"
|
|
|
|
.\" commit a8b13aa20afb69161b5123b4f1acc7ea0a03d360
|
|
|
|
This value allows the receipt of events which contain additional information
|
|
|
|
about the underlying filesystem object correlated to an event.
|
2020-08-25 11:40:54 +00:00
|
|
|
An additional record of type
|
|
|
|
.BR FAN_EVENT_INFO_TYPE_FID
|
|
|
|
encapsulates the information about the object and is included alongside the
|
|
|
|
generic event metadata structure.
|
2020-05-29 09:25:29 +00:00
|
|
|
The file descriptor that is used to represent the object correlated to an
|
|
|
|
event is instead substituted with a file handle.
|
|
|
|
It is intended for applications that may find the use of a file handle to
|
|
|
|
identify an object more suitable than a file descriptor.
|
2020-08-25 11:40:54 +00:00
|
|
|
Additionally, it may be used for applications monitoring a directory or a
|
|
|
|
filesystem that are interested in the directory entry modification events
|
2020-05-29 09:25:29 +00:00
|
|
|
.BR FAN_CREATE ,
|
2020-08-25 11:40:54 +00:00
|
|
|
.BR FAN_DELETE ,
|
|
|
|
and
|
2020-05-29 09:25:29 +00:00
|
|
|
.BR FAN_MOVE ,
|
2020-08-25 11:40:54 +00:00
|
|
|
or in events such as
|
|
|
|
.BR FAN_ATTRIB ,
|
|
|
|
.BR FAN_DELETE_SELF ,
|
2020-05-29 09:25:29 +00:00
|
|
|
and
|
2020-08-25 11:40:54 +00:00
|
|
|
.BR FAN_MOVE_SELF .
|
|
|
|
All the events above require an fanotify group that identifies filesystem
|
|
|
|
objects by file handles.
|
|
|
|
Note that for the directory entry modification events the reported file handle
|
|
|
|
identifies the modified directory and not the created/deleted/moved child
|
|
|
|
object.
|
2020-05-29 09:25:29 +00:00
|
|
|
The use of
|
|
|
|
.BR FAN_CLASS_CONTENT
|
|
|
|
or
|
|
|
|
.BR FAN_CLASS_PRE_CONTENT
|
|
|
|
is not permitted with this flag and will result in the error
|
|
|
|
.BR EINVAL .
|
|
|
|
See
|
|
|
|
.BR fanotify (7)
|
2020-08-25 11:40:55 +00:00
|
|
|
for additional details.
|
|
|
|
.TP
|
|
|
|
.BR FAN_REPORT_DIR_FID " (since Linux 5.9)"
|
|
|
|
Events for fanotify groups initialized with this flag will contain
|
|
|
|
(see exceptions below) additional information about a directory object
|
|
|
|
correlated to an event.
|
|
|
|
An additional record of type
|
|
|
|
.BR FAN_EVENT_INFO_TYPE_DFID
|
|
|
|
encapsulates the information about the directory object and is included
|
|
|
|
alongside the generic event metadata structure.
|
|
|
|
For events that occur on a non-directory object, the additional structure
|
|
|
|
includes a file handle that identifies the parent directory filesystem object.
|
|
|
|
Note that there is no guarantee that the directory filesystem object will be
|
|
|
|
found at the location described by the file handle information at the time
|
|
|
|
the event is received.
|
|
|
|
When combined with the flag
|
|
|
|
.BR FAN_REPORT_FID ,
|
|
|
|
two records may be reported with events that occur on a non-directory object,
|
|
|
|
one to identify the non-directory object itself and one to identify the parent
|
|
|
|
directory object.
|
|
|
|
Note that in some cases, a filesystem object does not have a parent,
|
|
|
|
for example, when an event occurs on an unlinked but open file.
|
|
|
|
In that case, with the
|
|
|
|
.BR FAN_REPORT_FID
|
|
|
|
flag, the event will be reported with only one record to identify the
|
|
|
|
non-directory object itself, because there is no directory associated with
|
2020-08-28 12:18:05 +00:00
|
|
|
the event.
|
|
|
|
Without the
|
2020-08-25 11:40:55 +00:00
|
|
|
.BR FAN_REPORT_FID
|
|
|
|
flag, no event will be reported.
|
|
|
|
See
|
|
|
|
.BR fanotify (7)
|
|
|
|
for additional details.
|
2020-08-25 11:40:56 +00:00
|
|
|
.TP
|
|
|
|
.BR FAN_REPORT_NAME " (since Linux 5.9)"
|
|
|
|
Events for fanotify groups initialized with this flag will contain additional
|
|
|
|
information about the name of the directory entry correlated to an event.
|
|
|
|
This flag must be provided in conjunction with the flag
|
|
|
|
.BR FAN_REPORT_DIR_FID .
|
|
|
|
Providing this flag value without
|
|
|
|
.BR FAN_REPORT_DIR_FID
|
|
|
|
will result in the error
|
|
|
|
.BR EINVAL .
|
|
|
|
This flag may be combined with the flag
|
|
|
|
.BR FAN_REPORT_FID .
|
|
|
|
An additional record of type
|
|
|
|
.BR FAN_EVENT_INFO_TYPE_DFID_NAME ,
|
2020-08-28 12:26:12 +00:00
|
|
|
which encapsulates the information about the directory entry, is included
|
2020-08-25 11:40:56 +00:00
|
|
|
alongside the generic event metadata structure and substitutes the additional
|
|
|
|
information record of type
|
|
|
|
.BR FAN_EVENT_INFO_TYPE_DFID .
|
|
|
|
The additional record includes a file handle that identifies a directory
|
|
|
|
filesystem object followed by a name that identifies an entry in that
|
|
|
|
directory.
|
|
|
|
For the directory entry modification events
|
|
|
|
.BR FAN_CREATE ,
|
|
|
|
.BR FAN_DELETE ,
|
|
|
|
and
|
|
|
|
.BR FAN_MOVE ,
|
|
|
|
the reported name is that of the created/deleted/moved directory entry.
|
|
|
|
For other events that occur on a directory object, the reported file handle
|
|
|
|
is that of the directory object itself and the reported name is '.'.
|
|
|
|
For other events that occur on a non-directory object, the reported file handle
|
|
|
|
is that of the parent directory object and the reported name is the name of a
|
|
|
|
directory entry where the object was located at the time of the event.
|
|
|
|
The rationale behind this logic is that the reported directory file handle can
|
|
|
|
be passed to
|
|
|
|
.BR open_by_handle_at (2)
|
|
|
|
to get an open directory file descriptor and that file descriptor along with
|
|
|
|
the reported name can be used to call
|
|
|
|
.BR fstatat (2).
|
|
|
|
The same rule that applies to record type
|
|
|
|
.BR FAN_EVENT_INFO_TYPE_DFID
|
|
|
|
also applies to record type
|
2020-08-28 12:26:12 +00:00
|
|
|
.BR FAN_EVENT_INFO_TYPE_DFID_NAME :
|
2020-08-25 11:40:56 +00:00
|
|
|
if a non-directory object has no parent, either the event will not be reported
|
|
|
|
or it will be reported without the directory entry information.
|
|
|
|
Note that there is no guarantee that the filesystem object will be found at the
|
|
|
|
location described by the directory entry information at the time the event is
|
|
|
|
received.
|
|
|
|
See
|
|
|
|
.BR fanotify (7)
|
|
|
|
for additional details.
|
|
|
|
.TP
|
|
|
|
.B FAN_REPORT_DFID_NAME
|
|
|
|
This is a synonym for
|
|
|
|
.RB ( FAN_REPORT_DIR_FID | FAN_REPORT_NAME ).
|
2014-04-25 05:56:02 +00:00
|
|
|
.PP
|
2014-05-07 06:55:36 +00:00
|
|
|
The
|
2014-04-25 05:56:02 +00:00
|
|
|
.I event_f_flags
|
2014-05-07 06:55:36 +00:00
|
|
|
argument
|
|
|
|
defines the file status flags that will be set on the open file descriptions
|
|
|
|
that are created for fanotify events.
|
|
|
|
For details of these flags, see the description of the
|
2014-04-25 05:56:02 +00:00
|
|
|
.I flags
|
2014-05-07 06:55:36 +00:00
|
|
|
values in
|
|
|
|
.BR open (2).
|
2014-05-15 17:35:44 +00:00
|
|
|
.I event_f_flags
|
2014-05-18 07:46:30 +00:00
|
|
|
includes a multi-bit field for the access mode.
|
2014-05-15 17:35:44 +00:00
|
|
|
This field can take the following values:
|
2014-04-25 05:56:02 +00:00
|
|
|
.TP
|
|
|
|
.B O_RDONLY
|
|
|
|
This value allows only read access.
|
|
|
|
.TP
|
|
|
|
.B O_WRONLY
|
|
|
|
This value allows only write access.
|
|
|
|
.TP
|
|
|
|
.B O_RDWR
|
|
|
|
This value allows read and write access.
|
2014-05-15 17:35:44 +00:00
|
|
|
.PP
|
|
|
|
Additional bits can be set in
|
|
|
|
.IR event_f_flags .
|
|
|
|
The most useful values are:
|
2014-04-25 05:56:02 +00:00
|
|
|
.TP
|
|
|
|
.B O_LARGEFILE
|
add_key.2, alloc_hugepages.2, execve.2, fanotify_init.2, getrlimit.2, listxattr.2, mmap.2, shmget.2, malloc.3, random.4, st.4, bootparam.7, epoll.7, keyrings.7, pipe.7, xattr.7: Use non-breaking space for measurement units
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-08-18 10:28:20 +00:00
|
|
|
Enable support for files exceeding 2\ GB.
|
2014-04-25 05:56:02 +00:00
|
|
|
Failing to set this flag will result in an
|
|
|
|
.B EOVERFLOW
|
2014-05-05 09:45:37 +00:00
|
|
|
error when trying to open a large file which is monitored by
|
|
|
|
an fanotify group on a 32-bit system.
|
2014-05-15 17:35:44 +00:00
|
|
|
.TP
|
2016-02-06 15:50:35 +00:00
|
|
|
.BR O_CLOEXEC " (since Linux 3.18)"
|
|
|
|
.\" commit 0b37e097a648aa71d4db1ad108001e95b69a2da4
|
2014-05-15 17:35:44 +00:00
|
|
|
Enable the close-on-exec flag for the file descriptor.
|
2014-05-18 07:46:30 +00:00
|
|
|
See the description of the
|
|
|
|
.B O_CLOEXEC
|
|
|
|
flag in
|
|
|
|
.BR open (2)
|
|
|
|
for reasons why this may be useful.
|
2014-05-15 17:35:44 +00:00
|
|
|
.PP
|
|
|
|
The following are also allowable:
|
|
|
|
.BR O_APPEND ,
|
|
|
|
.BR O_DSYNC ,
|
|
|
|
.BR O_NOATIME ,
|
|
|
|
.BR O_NONBLOCK ,
|
|
|
|
and
|
|
|
|
.BR O_SYNC .
|
2014-05-18 07:46:30 +00:00
|
|
|
Specifying any other flag in
|
|
|
|
.I event_f_flags
|
|
|
|
yields the error
|
2014-05-15 17:35:44 +00:00
|
|
|
.B EINVAL
|
|
|
|
(but see BUGS).
|
2014-04-25 05:56:02 +00:00
|
|
|
.SH RETURN VALUE
|
|
|
|
On success,
|
|
|
|
.BR fanotify_init ()
|
|
|
|
returns a new file descriptor.
|
2014-04-25 10:11:08 +00:00
|
|
|
On error, \-1 is returned, and
|
2014-04-25 05:56:02 +00:00
|
|
|
.I errno
|
|
|
|
is set to indicate the error.
|
|
|
|
.SH ERRORS
|
|
|
|
.TP
|
|
|
|
.B EINVAL
|
|
|
|
An invalid value was passed in
|
2014-05-15 17:35:44 +00:00
|
|
|
.I flags
|
|
|
|
or
|
|
|
|
.IR event_f_flags .
|
2014-04-25 05:56:02 +00:00
|
|
|
.B FAN_ALL_INIT_FLAGS
|
2019-06-06 09:48:02 +00:00
|
|
|
(deprecated since Linux kernel version 4.20)
|
|
|
|
.\" commit 23c9deeb3285d34fd243abb3d6b9f07db60c3cf4
|
2014-05-15 17:35:44 +00:00
|
|
|
defines all allowable bits for
|
|
|
|
.IR flags .
|
2014-04-25 05:56:02 +00:00
|
|
|
.TP
|
|
|
|
.B EMFILE
|
2014-05-07 06:55:36 +00:00
|
|
|
The number of fanotify groups for this user exceeds 128.
|
2014-04-25 05:56:02 +00:00
|
|
|
.TP
|
2017-11-09 09:15:51 +00:00
|
|
|
.B EMFILE
|
2015-12-27 15:26:07 +00:00
|
|
|
The per-process limit on the number of open file descriptors has been reached.
|
|
|
|
.TP
|
2014-04-25 05:56:02 +00:00
|
|
|
.B ENOMEM
|
|
|
|
The allocation of memory for the notification group failed.
|
|
|
|
.TP
|
2014-05-01 05:47:11 +00:00
|
|
|
.B ENOSYS
|
|
|
|
This kernel does not implement
|
|
|
|
.BR fanotify_init ().
|
2014-05-07 06:55:36 +00:00
|
|
|
The fanotify API is available only if the kernel was configured with
|
|
|
|
.BR CONFIG_FANOTIFY .
|
2014-05-01 05:47:11 +00:00
|
|
|
.TP
|
2014-04-25 05:56:02 +00:00
|
|
|
.B EPERM
|
|
|
|
The operation is not permitted because the caller lacks the
|
|
|
|
.B CAP_SYS_ADMIN
|
|
|
|
capability.
|
|
|
|
.SH VERSIONS
|
|
|
|
.BR fanotify_init ()
|
|
|
|
was introduced in version 2.6.36 of the Linux kernel and enabled in version
|
|
|
|
2.6.37.
|
iconv.1, localedef.1, access.2, execveat.2, fanotify_init.2, futex.2, ioctl_fat.2, mount.2, ftw.3, sd.4, tty_ioctl.4, fanotify.7, futex.7, posixoptions.7, iconvconfig.8: srcfix: Remove useless quotes from .SS and .SH sections
Signed-off-by: Stéphane Aulery <saulery@free.fr>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-03-08 02:03:52 +00:00
|
|
|
.SH CONFORMING TO
|
2014-04-25 05:56:02 +00:00
|
|
|
This system call is Linux-specific.
|
2014-05-01 14:47:39 +00:00
|
|
|
.SH BUGS
|
2016-08-21 10:43:08 +00:00
|
|
|
The following bug was present in Linux kernels before version 3.18:
|
2014-09-29 14:25:53 +00:00
|
|
|
.IP * 3
|
2016-08-21 10:43:08 +00:00
|
|
|
.\" Fixed by commit 0b37e097a648aa71d4db1ad108001e95b69a2da4
|
2014-09-29 14:27:06 +00:00
|
|
|
The
|
2014-09-29 14:25:53 +00:00
|
|
|
.B O_CLOEXEC
|
2014-09-29 14:27:06 +00:00
|
|
|
is ignored when passed in
|
|
|
|
.IR event_f_flags .
|
2014-09-29 14:25:53 +00:00
|
|
|
.PP
|
2014-09-29 14:32:23 +00:00
|
|
|
The following bug was present in Linux kernels before version 3.14:
|
2014-05-01 14:47:39 +00:00
|
|
|
.IP * 3
|
2014-09-29 14:32:23 +00:00
|
|
|
.\" Fixed by commit 48149e9d3a7e924010a0daab30a6197b7d7b6580
|
2014-05-01 20:01:46 +00:00
|
|
|
The
|
2014-05-01 14:47:39 +00:00
|
|
|
.I event_f_flags
|
2014-05-01 20:13:35 +00:00
|
|
|
argument is not checked for invalid flags.
|
2014-05-01 20:01:46 +00:00
|
|
|
Flags that are intended only for internal use,
|
|
|
|
such as
|
2014-05-01 14:47:39 +00:00
|
|
|
.BR FMODE_EXEC ,
|
2014-05-01 20:01:46 +00:00
|
|
|
can be set, and will consequently be set for the file descriptors
|
|
|
|
returned when reading from the fanotify file descriptor.
|
iconv.1, localedef.1, access.2, execveat.2, fanotify_init.2, futex.2, ioctl_fat.2, mount.2, ftw.3, sd.4, tty_ioctl.4, fanotify.7, futex.7, posixoptions.7, iconvconfig.8: srcfix: Remove useless quotes from .SS and .SH sections
Signed-off-by: Stéphane Aulery <saulery@free.fr>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-03-08 02:03:52 +00:00
|
|
|
.SH SEE ALSO
|
2014-04-25 05:56:02 +00:00
|
|
|
.BR fanotify_mark (2),
|
|
|
|
.BR fanotify (7)
|