mirror of https://github.com/mkerrisk/man-pages
fanotify_init.2, fanotify.7: Document FAN_AUDIT flag and FAN_ENABLE_AUDIT
Acked-by: Steve Grubb <sgrubb@redhat.com> Signed-off-by: Jan Kara <jack@suse.cz> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
028350ffb8
commit
f040d28675
|
@ -156,6 +156,13 @@ supplied to
|
|||
(see
|
||||
.BR fanotify (7)).
|
||||
.TP
|
||||
.BR FAN_ENABLE_AUDIT " (since Linux 4.15)"
|
||||
.\" commit de8cd83e91bc3ee212b3e6ec6e4283af9e4ab269
|
||||
Enable generation of audit log records about access mediation performed by
|
||||
permission events. The permission event response has to be marked with
|
||||
.B FAN_AUDIT
|
||||
flag for audit log record to be generated.
|
||||
.TP
|
||||
.BR FAN_REPORT_FID " (since Linux 5.1)"
|
||||
.\" commit a8b13aa20afb69161b5123b4f1acc7ea0a03d360
|
||||
This value allows the receipt of events which contain additional information
|
||||
|
|
|
@ -588,7 +588,14 @@ to deny the file operation.
|
|||
.PP
|
||||
If access is denied, the requesting application call will receive an
|
||||
.BR EPERM
|
||||
error.
|
||||
error. Additionally, if the notification group has been created with
|
||||
.B FAN_ENABLE_AUDIT
|
||||
flag,
|
||||
.B FAN_AUDIT
|
||||
flag can be set in the
|
||||
.I response
|
||||
field. In that case audit subsystem will log information about the access
|
||||
decision to the audit logs.
|
||||
.\"
|
||||
.SS Closing the fanotify file descriptor
|
||||
When all file descriptors referring to the fanotify notification group are
|
||||
|
|
Loading…
Reference in New Issue