From: Eric Paris <eparis-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
To: Stephan Mueller
<stephan.mueller-fwYZOkdEjagAvxtiuMwx3w@public.gmane.org>
Cc: linux-man <linux-man-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>
Subject: Re: fanotify_init(2) and fanotify_mark(2) man pages
Date: Wed, 26 Oct 2011 10:46:52 -0400 [thread overview]
Message-ID: <1319640412.3280.33.camel@localhost> (raw)
In-Reply-To: <4E9BFAA4.3010907-fwYZOkdEjagAvxtiuMwx3w@public.gmane.org>
On Mon, 2011-10-17 at 11:51 +0200, Stephan Mueller wrote:
> Hi,
>
> please find attached the man pages for the system calls of fanotify_init
> and fanotify_mark.
>
> The creator of fanotify, Eric, has generally blessed the man pages.
>
> Though, there is one area which should warrant another review: the
> struct fanotify_response discussion, in particular I am not sure about
> the explanation of the fd member variable.
File Descriptor Usage:
"returns all events the kernel collected which will fit in the given
buffer"
The O_NONBLOCK flag will still return multiple events if they exist, but
it will return EAGAIN if no events exist.
writing to the fd only makes sense in FAN_CLASS_CONTENT or
FAN_CLASS_PRE_CONTENT. In one of those classes one can add a mark which
requires permissions handling. If upon reading the fanotify fd an event
for FAN_*_PERM is returned userspace should write back to the fanotify
fd using the struck you show. The fd should be the fd supplied in the
original event, the response should be allow/deny.
FAN_UNLIMITED_MARKS requires CAP_SYS_ADMIN
"Note that only one of the FAN_CLASS_* priority levels shall be
selected for all groups" That not quite right. Only one of the
FAN_CLASS_* priority levels may be selected per group. 2 calls to
fanotify_init() would result in 2 groups and each could have a different
priority.
If I were to write an example program (or more likely trim my example
program, would that be appreciated here?)
-Eric
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2011-10-26 14:46 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-10-17 9:51 fanotify_init(2) and fanotify_mark(2) man pages Stephan Mueller
[not found] ` <4E9BFAA4.3010907-fwYZOkdEjagAvxtiuMwx3w@public.gmane.org>
2011-10-26 14:46 ` Eric Paris [this message]
2011-10-27 7:48 ` Stephan Mueller
[not found] ` <4EA90CB9.3010405-fwYZOkdEjagAvxtiuMwx3w@public.gmane.org>
2012-11-25 16:59 ` Michael Kerrisk (man-pages)
2012-11-25 16:58 ` Michael Kerrisk (man-pages)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1319640412.3280.33.camel@localhost \
--to=eparis-h+wxahxf7alqt0dzr+alfa@public.gmane.org \
--cc=linux-man-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=stephan.mueller-fwYZOkdEjagAvxtiuMwx3w@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.