Add `FAN_MARK_MOUNT` when opting out of `FAN_MARK_FILESYSTEM`

linux-application-whitelisting / fapolicyd

File Access Policy Daemon

GNU General Public License v3.0

199 stars 56 forks source link

Add `FAN_MARK_MOUNT` when opting out of `FAN_MARK_FILESYSTEM` #210

Closed stevenbrz closed 2 years ago

stevenbrz commented 2 years ago

As of upgrading to v1.1.6, we noticed that we were no longer receiving events since we didn't opt in for monitoring bind mounted accesses via the config option.

Without FAN_MARK_MOUNT added to the flags set in fanotify_mark, fapolicyd does not receive events for any subdirectories specified by the path parameter.

cc. @kenbreeman

stevegrubb commented 2 years ago

Hmm...that was supposed to be there but clearly dropped in commit 2d15ea13. Thanks!