Article Title: Use Inotify to monitor Linux File System events. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.
Inotify is a file system event monitoring mechanism and is planned to be included in the forthcoming Linux kernel as an effective replacement for dnotify. Dnotify is a file monitoring mechanism supported by earlier kernels. Inotify is a powerful, fine-grained, asynchronous mechanism that meets various file monitoring needs, not limited to security and performance. Next let's learn how to install inotify and how to build an example user space application to respond to file system events.
File System event monitoring is necessary for various programs from File Manager to security tools, but dnotify (standard in earlier kernels) has some limitations, this makes us look forward to a more comprehensive mechanism. With this expectation, we found inotify, a more modern alternative to file system event monitoring.
Why inotify?
There are many reasons for replacing dnotify with inotify. The first reason is that dnotify requires you to open a file descriptor for each directory to be monitored for change. When multiple directories are monitored at the same time, this consumes a lot of resources because it may limit the file descriptor of each process.
In addition, the file descriptor locks the Directory and does not allow unmount. This causes problems in the environment where removable media exists. When inotify is used, if you are monitoring files on the uninstalled file system, the monitoring will be automatically removed and you will receive an unload event.
The second reason why dnotify is not as complex as inotify is that dnotify is a bit complicated. Note that the monitoring granularity of a simple File System Using the dnotify infrastructure is only at the directory level. To use dnotify for more fine-grained monitoring, application programmers must keep a stat structure cache for each monitored directory. The stat structure cache of the user space needs to be used to determine what changes have occurred to the directory when the notification signal is received. When a notification signal is obtained, the stat structure list is generated and compared with the latest status. Obviously, this technology is not ideal.
Another advantage of inotify is that it uses file descriptors as the basic interface so that application developers can use select and poll to monitor devices. This allows effective multi-channel I/O and integration with the mainloop of Glib. On the contrary, the signals used by dnotify often make programmers feel a headache and not very elegant.
Inotify solves these problems by providing a more elegant API that uses the least file descriptor and ensures more fine-grained monitoring. The communication with inotify is provided by the device node. For the above reasons, inotify is your best choice for monitoring files on Linux 2.6.
Install inotify
The first step to install inotify is to determine whether your Linux kernel supports inotify. The easiest way to check the release is to find whether the/dev/inotify device exists. If this device exists, you can jump to the inotify section in a simple application.
At the time of writing this article, inotify was included in the Linux 2.6-mm directory tree of Andrew Morton, and some Linux distributions are providing kernels (including Gentoo and Ubuntu) that support inotify) or you can have a supported supplemental kernel package (such as Fedora and SuSE ). Because Andrew may remove inotify support from the directory tree as needed, and the inotify version is still in frequent development stages, we strongly recommend that you install patches from the beginning.
If the device is missing, you may need to patch the kernel and create the device.
Patch inotify Kernel
Inotify patches can be obtained from Linux Kernel Archives. You should apply the patch with the highest version number for a specific kernel. Each release version processes different kernel installation, but the following describes a general guide. Note: Obtain the source file of the 2.6 Linux Kernel from the Linux Kernel Archives release. If applicable, obtain the latest stable version.
Start from entering the kernel source file directory:
Because you have installed the kernel source file earlier, you need to decompress it now:
bash:~$ sudo tar jxvf linux-source-2.6.8.1.tar.bz2
|
Now, point your symlink to the new source file directory tree:
bash:~$ sudo ln -sf linux-source-2.6.8.1 linux
|
Change the current directory to the created kernel source file directory:
Copy inotify patch:
bash:~$ sudo cp ~/inotify* /usr/src
|
Patch the kernel:
bash:~$ sudo patch -p1 < ../inotify*.patch
|
Build the kernel:
bash:~$ sudo make menuconfig
|
Configure your kernel as usual to ensure that inotify works properly. If necessary, add the new kernel to the boot loader, but remember to maintain the image and boot loader options of the old kernel. This step varies with different boot loaders (see references for more information about specific boot loaders ). Reboot the computer and select a new kernel that enables inotify. Before proceeding, test your new kernel to make sure it works properly.
[1] [2] [3] [4] Next page