diff options
author | Jan Kara <jack@suse.cz> | 2020-12-02 16:43:54 +0100 |
---|---|---|
committer | Michael Kerrisk <mtk.manpages@gmail.com> | 2021-01-04 14:29:59 +0100 |
commit | f040d2867564179659e7d7181c7d9fcd0f821824 (patch) | |
tree | aba22dcae9c6dc1168df5451d8669a59e20116d6 | |
parent | 028350ffb86a030b9538e6b4c2bc9ebf8b992065 (diff) | |
download | man-pages-f040d2867564179659e7d7181c7d9fcd0f821824.tar.gz |
fanotify_init.2, fanotify.7: Document FAN_AUDIT flag and FAN_ENABLE_AUDIT
Acked-by: Steve Grubb <sgrubb@redhat.com>
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
-rw-r--r-- | man2/fanotify_init.2 | 7 | ||||
-rw-r--r-- | man7/fanotify.7 | 9 |
2 files changed, 15 insertions, 1 deletions
diff --git a/man2/fanotify_init.2 b/man2/fanotify_init.2 index 62d07a4658..13538912b9 100644 --- a/man2/fanotify_init.2 +++ b/man2/fanotify_init.2 @@ -156,6 +156,13 @@ supplied to (see .BR fanotify (7)). .TP +.BR FAN_ENABLE_AUDIT " (since Linux 4.15)" +.\" commit de8cd83e91bc3ee212b3e6ec6e4283af9e4ab269 +Enable generation of audit log records about access mediation performed by +permission events. The permission event response has to be marked with +.B FAN_AUDIT +flag for audit log record to be generated. +.TP .BR FAN_REPORT_FID " (since Linux 5.1)" .\" commit a8b13aa20afb69161b5123b4f1acc7ea0a03d360 This value allows the receipt of events which contain additional information diff --git a/man7/fanotify.7 b/man7/fanotify.7 index 46ebf767df..d5bf6d9877 100644 --- a/man7/fanotify.7 +++ b/man7/fanotify.7 @@ -588,7 +588,14 @@ to deny the file operation. .PP If access is denied, the requesting application call will receive an .BR EPERM -error. +error. Additionally, if the notification group has been created with +.B FAN_ENABLE_AUDIT +flag, +.B FAN_AUDIT +flag can be set in the +.I response +field. In that case audit subsystem will log information about the access +decision to the audit logs. .\" .SS Closing the fanotify file descriptor When all file descriptors referring to the fanotify notification group are |