path-based filesystem watch limitation
Steve Grubb
sgrubb at redhat.com
Tue Aug 16 21:19:06 UTC 2005
On Tuesday 16 August 2005 16:39, Amy Griffis wrote:
> But the point of path-based watching is to watch a particular
> location.
I would agree with this. If the admin wanted to watch a specific
path/file...it should honor it. To move the file is really renaming the file.
But the watch is still desired. In practice, though, it doesn't cause
problems. I don't know of any trusted app that renames a directory and
creates a new data file. There could be user defined watches that might have
problems with the current behavior, though.
There is also no way to specify that you want to watch a file on an unmounted
partition or non-existing directory. Just thought I'd bring this up too. Not
really needed, though.
-Steve
More information about the Linux-audit
mailing list