[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: auditing file access



On Mon, Oct 01, 2001, guy keren wrote about "Re: auditing file access":
> On Mon, 1 Oct 2001, Shaul Karl wrote:
> why did we choose kprintf? cause it was the easiest way to have
> _something_ done. we intend to replace this with using a device file and
> then sending log records into user space, letting the user-space daemon
> perform the actuall logging. this way you could loose log data if the
> system crashes, but the logging should be much more efficient. (device
> file support just barely started).

Isn't this exactly what klogd is for? If does too much syncing and too
little buffering for your taste, perhaps there's a way to change this
behavior? Then again, there might not - I don't know...

> btw, if you're interested in these kind of things, you might want to read
> 'linux device drivers, 2nd edition' - its one of those cases where a book
> is worth every penny (and many of them don't).

Yes, this is a good book. It even has a whole section on klogd, debugging
messages from the kernel and stuff like that.

BTW, this book is available online in its entirety, in several formats (e.g.,
pdf), for free. You can read the entire book for free, but if you like it
I suggest you buy it - it is fairer to the authors and much more convenient
to read, and it's not too expensive.

-- 
Nadav Har'El                        |      Monday, Oct  1 2001, 14 Tishri 5762
nyh@math.technion.ac.il             |-----------------------------------------
Phone: +972-53-245868, ICQ 13349191 |As far as we know, our computer has never
http://nadav.harel.org.il           |had an undetected error.

=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il