I'm using code like following to monitor the whole file system:
fanotify_mark(fd,
FAN_MARK_ADD | FAN_MARK_MOUNT,
FAN_OPEN | FAN_EVENT_ON_CHILD,
AT_FDCWD, "/"
)
But I need write some tests, so, I want monitor just a specific dir, let say "/tmp/test_dir". The problem is when I change code this way:
fanotify_mark(fd,
FAN_MARK_ADD,
FAN_OPEN | FAN_EVENT_ON_CHILD,
AT_FDCWD, "/tmp/test_dir"
)
fanotify only watchs to events on "/tmp/test_dir" ignoring whatever happen in deeper folders.
For instance: If I open "/tmp/test_dir/aa/bb/cc/test_file.txt" fanotify detects nothing.
I'm missing some flag?
Problem solved.
fanotify isn't recursive. It only works that way when working on mounted directories. I did the following test:
mkdir /tmp/parent
mkdir -p /tmp/other/aa/bb/cc/dd
touch /tmp/other/aa/bb/cc/dd/test.txt
mount --bind /tmp/other /tmp/parent
then in code:
fanotify_mark(fd,
FAN_MARK_ADD | FAN_MARK_MOUNT,
FAN_OPEN | FAN_EVENT_ON_CHILD,
AT_FDCWD, "/tmp/parent"
)
and it's done. Now fanotify fire up events for test.txt file.