On Mon, Jul 15, 2024 at 03:55:52PM +0000, Günther Noack wrote: > This documents a missing reason for why EINVAL might be returned. > The documented behavior exists since the first version of Landlock. > > Cc: Mickaël Salaün <mic@xxxxxxxxxxx> > Signed-off-by: Günther Noack <gnoack@xxxxxxxxxx> Reviewed-by: Mickaël Salaün <mic@xxxxxxxxxxx> > --- > man/man2/landlock_add_rule.2 | 10 ++++++++++ > 1 file changed, 10 insertions(+) > > diff --git a/man/man2/landlock_add_rule.2 b/man/man2/landlock_add_rule.2 > index fa0b1f109..530b45947 100644 > --- a/man/man2/landlock_add_rule.2 > +++ b/man/man2/landlock_add_rule.2 > @@ -101,6 +101,16 @@ The rule accesses are inconsistent (i.e., > .I rule_attr\->allowed_access > is not a subset of the ruleset handled accesses). > .TP > +.B EINVAL > +In > +.IR "struct landlock_path_beneath_attr" , > +the rule accesses are not applicable to the file > +(i.e., some access rights in > +.I rule_attr\->allowed_access > +are only applicable to directories, but > +.I rule_attr\->parent_fd > +does not refer to a directory). > +.TP > .B ENOMSG > Empty accesses (i.e., > .I rule_attr\->allowed_access > -- > 2.45.2.993.g49e7a77208-goog >
