fapolicyd/SOURCES/fapolicyd-markfs-4.patch

From 194ac1b87ba46ea9e26a865e8432e228cf8fefef Mon Sep 17 00:00:00 2001
From: Steven Brzozowski <stevenbrz8@gmail.com>
Date: Thu, 20 Oct 2022 17:55:30 -0400
Subject: [PATCH] Add `FAN_MARK_MOUNT` when opting out of `FAN_MARK_FILESYSTEM`
 (#210)

Without `FAN_MARK_MOUNT`, fapolicyd will not receive events for any subdirectories specified by the path parameter.
---
 src/daemon/notify.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/daemon/notify.c b/src/daemon/notify.c
index 586b6df..5e4f160 100644
--- a/src/daemon/notify.c
+++ b/src/daemon/notify.c
@@ -128,10 +128,13 @@ int init_fanotify(const conf_t *conf, mlist *m)
 #if defined HAVE_DECL_FAN_MARK_FILESYSTEM && HAVE_DECL_FAN_MARK_FILESYSTEM != 0
 		if (conf->allow_filesystem_mark)
 		    flags |= FAN_MARK_FILESYSTEM;
+		else
+		    flags |= FAN_MARK_MOUNT;
 #else
 		if (conf->allow_filesystem_mark)
 			msg(LOG_ERR,
 	    "allow_filesystem_mark is unsupported for this kernel - ignoring");
+		flags |= FAN_MARK_MOUNT;
 #endif
 		if (fanotify_mark(fd, flags, mask, -1, path) == -1) {
 			/*