Gentwo Git Trees - linux/.git/commit

author	Richard Guy Briggs <rgb@redhat.com>
	Wed, 6 Aug 2025 21:04:07 +0000 (17:04 -0400)
committer	Paul Moore <paul@paul-moore.com>
	Mon, 11 Aug 2025 15:44:58 +0000 (11:44 -0400)
commit	ce8370e2e62a903e18be7dd0e0be2eee079501e1
tree	a739906f35807c337bc5c327e65fc872c89a5161	tree \| snapshot
parent	df1145b56c6f92696acec7730694a19fb4c8a174	commit \| diff

audit: record fanotify event regardless of presence of rules

When no audit rules are in place, fanotify event results are
unconditionally dropped due to an explicit check for the existence of
any audit rules.  Given this is a report from another security
sub-system, allow it to be recorded regardless of the existence of any
audit rules.

To test, install and run the fapolicyd daemon with default config.  Then
as an unprivileged user, create and run a very simple binary that should
be denied.  Then check for an event with
ausearch -m FANOTIFY -ts recent

Link: https://issues.redhat.com/browse/RHEL-9065
Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>