Filesystem monitoring question
Robert Watson
rwatson at FreeBSD.org
Thu Nov 17 17:15:14 GMT 2005
On Thu, 17 Nov 2005, Giovanni P. Tirloni wrote:
> Using kqueue you can monitor a file/directory for changes and have it
> trigger something when that event happens. But you want to monitor you
> whole partition.. perhaps intercept some syscalls ?
Depending on your requirements, you may be able to use ktrace(1) to
monitor the path lookups of all processes on the system by logging them to
a file and tracking the file.
With Audit support, shortly to be imported into the tree, you'll be able
to do similar things, although in a more configurable way.
Robert N M Watson
More information about the freebsd-hackers
mailing list