• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Monitoring File Access (Read / Write)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Monitoring File Access (Read / Write)

  • Subject: Re: Monitoring File Access (Read / Write)
  • From: Brian Bergstrand <email@hidden>
  • Date: Thu, 17 Jun 2004 17:24:03 -0500
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On Jun 17, 2004, at 4:42 PM, Justin Walker wrote:

> On Jun 17, 2004, at 14:15, Krishna Monian wrote:
>>
>> I am basically trying to write a utility that will log
>> every file that is accessed (read / write) in a
>> particular directory in the system.
>>
>> What would be the best way to go about doing this? Is
>> a kernel hook the only way? Is there anything that has
>> already been done along these lines (quite sure it
>> has)?
>
> The only way to do this is with some kind of kernel assistance.
> Hacking into dispatch tables won't, in all likelihood, survive new
> releases of the kernel, though. This approach is frowned on.
>
> I'd suggest, as someone already has, looking at ktrace, or perhaps,
> fs_usage. The source for both is available. This is a polling type
> of interface, though, so you need to apply it with some care and
> forethought. There is no notification mechanism for file access.
>

That's not quite true. If the OP can require Darwin7+, then he can use
the kqueue interface to get everything he needs except for reads -- and
w/o polling or being in the kernel. See <sys/event.h>.

For tracking reads, I think you are SOL.

HTH.

> Regards,
>
> Justin
>
Brian Bergstrand <http://www.bergstrand.org/brian/>, AIM: triryche206
PGP Key: <http://www.bergstrand.org/brian/misc/public_key.txt>
Home computers are being called upon to perform many new functions,
including the consumption of homework formerly eaten by the dog. - Doug
Larson
As of 05:01:41 PM, iTunes is playing "Think About You" from "Appetite
For Destruction" by "Guns N' Roses"

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBQNIL+XnR2Fu2x7aiEQKzTACg4gZX1oCFMx+Qd45Ngyn4o9eiuHUAnA5p
svxMFMx2M2myRoYLgMaAn3wB
=8ykt
-----END PGP SIGNATURE-----
_______________________________________________
darwin-kernel mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/darwin-kernel
Do not post admin requests to the list. They will be ignored.

  • Follow-Ups:
    • Re: Monitoring File Access (Read / Write)
      • From: Justin Walker <email@hidden>
References: 
 >Monitoring File Access (Read / Write) (From: Krishna Monian <email@hidden>)
 >Re: Monitoring File Access (Read / Write) (From: Justin Walker <email@hidden>)

  • Prev by Date: Re: Timers in my NKE
  • Next by Date: Re: Monitoring File Access (Read / Write)
  • Previous by thread: Re: Monitoring File Access (Read / Write)
  • Next by thread: Re: Monitoring File Access (Read / Write)
  • Index(es):
    • Date
    • Thread