On Wed, Jul 06, 2005 at 11:54:41AM -0500, Timothy R. Chavez wrote:
> To implement this feature we rely on the concepts of a "watch" and
> "watch list". Directories hold lists of "watches" (ie: "watch lists")
> that describe auditable file names one level beneath them. If a file
> holds a pointer into a "watch list" it is auditable. When accessed by
> a system call, information about the inode and its "watches" is added
> to the audit context of the current task (an inode may have multiple
> "watches" if a hard link to a "watched" file is itself being "watched")
> which is sent to user space upon system call exit.
This sounds almost identical to inotify. Is there some way you could
use that instead? If not, you should explain why in your patch
introduction.
thanks,
greg k-h
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
| |
 |