-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, I'm developping a kernel module that will monitore struct (or something else) to generate event (or traces) when a process is over (i.e. its PID disappear from the PID/PPID tree). Currently, I can do that by monitoring the /proc directory but I am looking for a more robust (and kernel side) way to do it. I don't know where to start, hooking some functions in procfs ? Or something similar already exists ? Or ... ? I'm open to any solutions. Thanks in advance PS: If I need SELinux or GRSecurity/PaX to do that, it is not an issue. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJEe2nrzp//Utz6jwRAp2ZAJ4sV46sLzMC93t7OsbwcWzHuc33ogCeIZEk zqEzllfwV/r7op9Jr3Y3y8M= =WF1T -----END PGP SIGNATURE----- -- To unsubscribe from this list: send an email with "unsubscribe kernelnewbies" to ecartis@xxxxxxxxxxxx Please read the FAQ at http://kernelnewbies.org/FAQ
