Monitoring a file?
MLandman at face2interface.com
Sat Nov 22 16:06:58 PST 2003
At 05:58 PM 11/22/2003, Cordula's Web wrote:
> A file, let's say, /path/to/a/file, is being modified by
> an unknown process P(u) at random times. Unfortunately,
> the name of the program ran by P(u) is unknown.
Being a newbie I'm going against my better judgement by offering my
thoughts. The problem though sounds too interesting to pass up.
I'd think the failsafe way to approach this is with a wrapper so that when
process P accesses file F it's really accessing W(F), i.e. a software
wrapper which would then emulate F, only since W's a pgm it can also log
the activity as well as reply to P with basically whatever you want it to
Would ln(1) be able to serve as the setup for W? I've only done soft links
for directory aliasing on websites. So I don't know if you can get away
with e.g. having a shebang line on top W and expect it to execute; if you
could work it that way though you'd be golden afaict. Rereading this I
realize for W to work it'd also have to be able to know who P is, i.e. the
process and what it was wanting to do so it could emulate it. Or is there a
way to just have W pass F on to P after logging the activity? And why do I
suddenly crave a bowl of alphabet soup?
BTW isn't this the basic concept behind jail(8), only you'd be jailing a
file rather than a process?
Just my two cents, hope it's worth it.
Marty Landman Face 2 Interface Inc 845-679-9387
Sign On Required: Web membership software for your site
Make a Website: http://face2interface.com/Home/Demo.shtml
More information about the freebsd-questions