Chris, >here is my issue, for security certification purposes I need to be able >to create an append only file system for logs, such that no one *even >root* will be able to futz with the log files on my log server. Write the files to CD-Rom in multi-session mode. It may even be the case that there is a continuous-journal kind of file system (one in which the journal is never collapsed). Such a file system would just continuously write the file system to CD. This is conceptually a write-once tape. Since you're not creating file logs at CD rates (one hopes) there will be a window where someone could modify a log entry before you write it to a session. Tim Daly
