fanotify | simple fanotify example for watching events

by NegativeMjark C Version: Current License: Apache-2.0

X-Ray Key Features Code Snippets Community Discussions(1)Vulnerabilities Install Support

kandi X-RAY | fanotify Summary

fanotify is a C library. fanotify has no bugs, it has no vulnerabilities, it has a Permissive License and it has low support. You can download it from GitHub.

A simple fanotify example for watching events on a filesystem.

Support

Quality

Security

License

Reuse

Support

fanotify has a low active ecosystem.

It has 8 star(s) with 9 fork(s). There are 2 watchers for this library.

It had no major release in the last 6 months.

fanotify has no issues reported. There are no pull requests.

It has a neutral sentiment in the developer community.

The latest version of fanotify is current.

Quality

fanotify has 0 bugs and 0 code smells.

Security

fanotify has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.

fanotify code analysis shows 0 unresolved vulnerabilities.

There are 0 security hotspots that need review.

License

fanotify is licensed under the Apache-2.0 License. This license is Permissive.

Permissive licenses have the least restrictions, and you can use them in most projects.

Reuse

fanotify releases are not available. You will need to build from source code and install.

Top functions reviewed by kandi - BETA

kandi's functional review helps you automatically verify the functionalities of the libraries and avoid rework.
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of fanotify

Get all kandi verified functions for this library.

fanotify Key Features

No Key Features are available at this moment for fanotify.

fanotify Examples and Code Snippets

No Code Snippets are available at this moment for fanotify.

Community Discussions

Trending Discussions on fanotify

Anti-virus in docker container - does fanotify works between host and container?

QUESTION

Anti-virus in docker container - does fanotify works between host and container?

Asked 2020-Feb-08 at 00:06

I need to implement anti-virus on-access scanning solution for files inside docker containers using open-source software. Clamav On-Access works fine but have some requirements and limitations:

require CAP_SYS_ADMIN capability for working inside a container
needs to be run per-container, not per-host
require 850Mb resident memory for signatures in each running container, even small one

Does this limitation - "fanotify not working for container events when watching from host", really exists or I just misconfigured ClamAV? I have no deep knowledge how fanotify works with namespaces, but it looks like kernel limitation to me.

UPDATE: Are there any workarounds for this limitation? Adding /var/lib/docker/overlay2/container_id/merged is one option, because of dynamic container nature clamd.conf needs to be updated on every container event. But even with added path ClamAV doesn't detect malicious files in the containers.

Running ClamAV per-container creates huge memory overhead, especially for small containers.

Links collection:

...

ANSWER

Answered 2020-Feb-03 at 17:27

Yes, fanotify only monitors events in the mount namespace that it is running in.

Source https://stackoverflow.com/questions/60043439

Community Discussions, Code Snippets contain sources that include Stack Exchange Network

Vulnerabilities

No vulnerabilities reported

Install fanotify

You can download it from GitHub.

Support

For any new features, suggestions and bugs create an issue on GitHub. If you have any questions check and ask questions on community page Stack Overflow .

Find more information at: