[PATCH] fanotify: Document FAN_AUDIT flag

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Jan Kara <jack@suse.cz>
To: "Michael Kerrisk (man-pages)" <mtk.manpages@gmail.com>
Cc: Amir Goldstein <amir73il@gmail.com>,
	Steve Grubb <sgrubb@redhat.com>,
	linux-man@vger.kernel.org, Jan Kara <jack@suse.cz>
Subject: [PATCH] fanotify: Document FAN_AUDIT flag
Date: Wed,  2 Dec 2020 16:43:54 +0100	[thread overview]
Message-ID: <20201202154354.30778-1-jack@suse.cz> (raw)

Document FAN_AUDIT and related FAN_ENABLE_AUDIT flags.

Signed-off-by: Jan Kara <jack@suse.cz>
---
 man2/fanotify_init.2 | 7 +++++++
 man7/fanotify.7      | 9 ++++++++-
 2 files changed, 15 insertions(+), 1 deletion(-)

OK, here's my attempt to document the FAN_AUDIT flag. It would be nice if
Steve glanced over it from the audit side to check things are sane.

diff --git a/man2/fanotify_init.2 b/man2/fanotify_init.2
index ca03b11dc98a..6becc7a680db 100644
--- a/man2/fanotify_init.2
+++ b/man2/fanotify_init.2
@@ -155,6 +155,13 @@ supplied to
 (see
 .BR fanotify (7)).
 .TP
+.BR FAN_ENABLE_AUDIT " (since Linux 4.15)"
+.\" commit de8cd83e91bc3ee212b3e6ec6e4283af9e4ab269
+Enable generation of audit log records about access mediation performed by
+permission events. The permission event response has to be marked with
+.B FAN_AUDIT
+flag for audit log record to be generated.
+.TP
 .BR FAN_REPORT_FID " (since Linux 5.1)"
 .\" commit a8b13aa20afb69161b5123b4f1acc7ea0a03d360
 This value allows the receipt of events which contain additional information
diff --git a/man7/fanotify.7 b/man7/fanotify.7
index 5804a1f30d6c..b5f096304cf4 100644
--- a/man7/fanotify.7
+++ b/man7/fanotify.7
@@ -588,7 +588,14 @@ to deny the file operation.
 .PP
 If access is denied, the requesting application call will receive an
 .BR EPERM
-error.
+error. Additionally, if the notification group has been created with
+.B FAN_ENABLE_AUDIT
+flag,
+.B FAN_AUDIT
+flag can be set in the
+.I response
+field. In that case audit subsystem will log information about the access
+decision to the audit logs.
 .\"
 .SS Closing the fanotify file descriptor
 When all file descriptors referring to the fanotify notification group are
-- 
2.16.4

next             reply	other threads:[~2020-12-02 15:44 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-12-02 15:43 Jan Kara [this message]
2020-12-02 15:57 ` [PATCH] fanotify: Document FAN_AUDIT flag Alejandro Colomar (man-pages)
2020-12-02 16:19   ` Jan Kara
2020-12-18 10:23     ` Ping: " Alejandro Colomar (man-pages)
2021-01-03 15:43 ` Steve Grubb
2021-01-04 13:27 ` Michael Kerrisk (man-pages)

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:ca03b11dc98 dfblob:6becc7a680d dfblob:5804a1f30d6
dfblob:b5f096304cf )
 OR (
bs:"[PATCH] fanotify: Document FAN_AUDIT flag" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20201202154354.30778-1-jack@suse.cz \
    --to=jack@suse.cz \
    --cc=amir73il@gmail.com \
    --cc=linux-man@vger.kernel.org \
    --cc=mtk.manpages@gmail.com \
    --cc=sgrubb@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.