Results 1 to 6 of 6
Hi,
I am doing a project that deals with linux file system. My question is whether we are allowed to edit the inode structure or not i.e. to add an ...
- 01-28-2010 #1Just Joined!
- Join Date
- Jan 2010
- Posts
- 8
Linux Inode Structure
Hi,
I am doing a project that deals with linux file system. My question is whether we are allowed to edit the inode structure or not i.e. to add an additional attribute that could keep track of user who accessed the file????
- 01-28-2010 #2Linux Guru
- Join Date
- Sep 2006
- Location
- 3rd rock from sun - Often seen near moon
- Posts
- 1,568
You are not allowed to edit inode structure unless you get "green signal" from File system developers
But what you can do is, try to use some reserved but unused bits in inode use it (this means messing up FS too) as long as it remains reserved bit - you program will work.
Else take better approach something like create your own list/buffer that keep track of users.- Lakshmipathi.G
-------------------
FOSS India Award winning ext3fs Undelete tool and tutorials www.giis.co.in
First they criticize you,Then they laugh at you,Then they fight with you,Then you win. - M.K.Gandhi
-------------------
- 01-28-2010 #3Just Joined!
- Join Date
- Jan 2010
- Posts
- 8
Thank U Lakshmipathi for your suggestion
I would just like to cofirm that were you refering to a log kind of thing that would keep the track of users or something different. My point of view is that log will contain the file name with the users who modified and when.
- 01-28-2010 #4Linux Guru
- Join Date
- Apr 2009
- Location
- I can be found either 40 miles west of Chicago, or in a galaxy far, far away.
- Posts
- 8,975
As you can imagine, there are any number of ways to do this. If you want to do it in the file system driver itself, then I suggest you use fuse and create your own. It can be a mofification of the ext2/ext3 file system with your changes to the inode structures or whatever else is appropriate for your needs, such as tracing all write access to the files in question. Other methods apart from rolling your own file system driver could be to have a loadable kernel module that intercepts and traces write access to the files in question. I'm sure there are other methods that will work for you. So, at issue here is are you more interested in a specific approach, or solving the more general problem of knowing who did what and when?
Sometimes, real fast is almost as good as real time.
Just remember, Semper Gumbi - always be flexible!
- 01-30-2010 #5Just Joined!
- Join Date
- Jan 2010
- Posts
- 8
Thanks rubberman for the suggestions.
As far as my priority i am more concerned about tracking the user who did what and when rather than approach. So what u suggest what path would be better to choose?
- 01-30-2010 #6Linux Guru
- Join Date
- Apr 2009
- Location
- I can be found either 40 miles west of Chicago, or in a galaxy far, far away.
- Posts
- 8,975
Personally, I'd opt for the intercept open and write events technique and log the appropriate information to a secure file. That would make it a reasonable proposition so install in any desired system. You can even make it dkms-compliant so that it will automatically get reinstalled even if the kernel is updated.
Sometimes, real fast is almost as good as real time.
Just remember, Semper Gumbi - always be flexible!
Reply With Quote 
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts