Re: System call hooking in 2.6 kernel..

On Mon, Nov 10, 2008 at 11:16:06PM +0800 Peter Teoh wrote:

> On Mon, Nov 10, 2008 at 5:06 PM, ashish mahamuni <ashitpro@xxxxxxxxxxx> wrote:
> > Hello All,
> >
> > I am trying to write a module which will log the user who deleted the file...
> > So, I am thinking of hooking the unlink system call...
> > Which is the best way to achieve this?
> > Is it possible in 2.6 kernel?
> >
> 
> How about inotify?
> 
> http://www.ibm.com/developerworks/linux/library/l-ubuntu-inotify/index.html
> 
> The advantage is that you don't need to write any kernel
> stuff... everything is done at userspace... and therefore much safer
> and reliable.

AFAIK inotify only reports the event type, but cannot provide the
information of who caused the event.

-- 
Matthias Kaehlcke
Embedded Linux Engineer
Barcelona

                If you don't know where you are going,
               you will probably end up somewhere else
                         (Laurence J. Peter)
                                                                 .''`.
    using free software / Debian GNU/Linux | http://debian.org  : :'  :
                                                                `. `'`
gpg --keyserver pgp.mit.edu --recv-keys 47D8E5D4                  `-
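
The inotify limitation raised in the reply above, as an added example that is not part of the original thread: the program deletes a file in a watched directory and reads back the event, whose `struct inotify_event` carries only `wd`, `mask`, `cookie`, `len` and `name`. The function name `watch_one_delete`, the scratch directory and `sample.txt` are constructed for this demonstration.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/inotify.h>
#include <unistd.h>

/* Watch a scratch directory, delete a file in it, and copy out the
 * resulting event. Returns 0 on success, -1 on any failure. */
int watch_one_delete(uint32_t *mask, char *name, size_t name_sz)
{
    char dir[] = "/tmp/inotify-demo-XXXXXX";  /* constructed scratch path */
    char path[PATH_MAX];
    char buf[4096] __attribute__((aligned(__alignof__(struct inotify_event))));
    const struct inotify_event *ev;
    int fd, f, rc = -1;

    if (!mkdtemp(dir))
        return -1;
    snprintf(path, sizeof path, "%s/sample.txt", dir);
    fd = inotify_init1(IN_NONBLOCK | IN_CLOEXEC);
    if (fd < 0)
        goto out_dir;
    f = open(path, O_CREAT | O_WRONLY, 0600);
    if (f < 0)
        goto out_fd;
    close(f);
    /* The watch is added after creation, so only the delete is reported. */
    if (inotify_add_watch(fd, dir, IN_DELETE) < 0 || unlink(path) != 0)
        goto out_fd;
    /* The event is queued during unlink(), so a non-blocking read suffices. */
    if (read(fd, buf, sizeof buf) < (ssize_t)sizeof *ev)
        goto out_fd;
    ev = (const struct inotify_event *)buf;
    /* All the kernel hands back is wd, mask, cookie, len and name:
     * there is no uid or pid field to say who called unlink(). */
    *mask = ev->mask;
    snprintf(name, name_sz, "%s", ev->len ? ev->name : "");
    rc = 0;
out_fd:
    unlink(path);  /* harmless if the file is already gone */
    close(fd);
out_dir:
    rmdir(dir);
    return rc;
}
```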
