Re: Intercepting system calls

From: richard -rw- weinberger
Date: Thu Dec 22 2011 - 12:32:46 EST

Next message: Andreas Hartmann: "Re: [rt2x00-users] Poor performance and lockup with rt2800usb andAsus USB-N13 adapter"
Previous message: Greg KH: "Re: [PATCH V2 1/6] drivers/staging/ramster: cluster/messagingfoundation"
In reply to: Gaurav Saxena: "Re: Intercepting system calls"
Next in thread: Gaurav Saxena: "Re: Intercepting system calls"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Dec 22, 2011 at 6:16 PM, Gaurav Saxena <grvsaxena419@xxxxxxxxx> wrote:
> I want to monitor whole / and its sub directories for unlink call, if
> there is any call I would save the file, would it be possible with
> FUSE? It would require remounting of file system ? I don't think
> ptrace would be of help as applications are not under my control.

This is a non-trivial problem.
Consider also using a stackable filesystem like dazuko
(http://dazuko.dnsalias.org)

--
Thanks,
//richard
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andreas Hartmann: "Re: [rt2x00-users] Poor performance and lockup with rt2800usb andAsus USB-N13 adapter"
Previous message: Greg KH: "Re: [PATCH V2 1/6] drivers/staging/ramster: cluster/messagingfoundation"
In reply to: Gaurav Saxena: "Re: Intercepting system calls"
Next in thread: Gaurav Saxena: "Re: Intercepting system calls"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]