On Mon, 2011-10-17 at 11:51 +0200, Stephan Mueller wrote: > Hi, > > please find attached the man pages for the system calls of fanotify_init > and fanotify_mark. > > The creator of fanotify, Eric, has generally blessed the man pages. > > Though, there is one area which should warrant another review: the > struct fanotify_response discussion, in particular I am not sure about > the explanation of the fd member variable. File Descriptor Usage: "returns all events the kernel collected which will fit in the given buffer" The O_NONBLOCK flag will still return multiple events if they exist, but it will return EAGAIN if no events exist. writing to the fd only makes sense in FAN_CLASS_CONTENT or FAN_CLASS_PRE_CONTENT. In one of those classes one can add a mark which requires permissions handling. If upon reading the fanotify fd an event for FAN_*_PERM is returned userspace should write back to the fanotify fd using the struck you show. The fd should be the fd supplied in the original event, the response should be allow/deny. FAN_UNLIMITED_MARKS requires CAP_SYS_ADMIN "Note that only one of the FAN_CLASS_* priority levels shall be selected for all groups" That not quite right. Only one of the FAN_CLASS_* priority levels may be selected per group. 2 calls to fanotify_init() would result in 2 groups and each could have a different priority. If I were to write an example program (or more likely trim my example program, would that be appreciated here?) -Eric -- To unsubscribe from this list: send the line "unsubscribe linux-man" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
