[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Question about setting watches in auto-mounted directories in RHEL 5.2

From: Steve Grubb <sgrubb redhat com>
To: Alexander Viro <aviro redhat com>
Cc: Taylor_Tad emc com, linux-audit redhat com
Subject: Re: Question about setting watches in auto-mounted directories in RHEL 5.2
Date: Sun, 30 Nov 2008 10:47:07 -0500

On Sunday 30 November 2008 10:11:10 Alexander Viro wrote:
> > > Unfortunately, auto-mounts are, well, automatic, so there's no one to
> > > issue that command.
>
> You do realize that they are, in the end, done from userland?  Which is
> the natural place to do that...

The problem is that's a little racy. But more importantly, it would be nice to 
load rules once since there is a chance that high security installations will 
have the audit system in immutable mode.

For rules that do not resolve all the way to an inode, they could be put on a 
wait list that gets checked for resolution anytime mount is called.

-Steve

Follow-Ups:
- Re: Question about setting watches in auto-mounted directories in RHEL 5.2
  - From: Alexander Viro

References:
- Question about setting watches in auto-mounted directories in RHEL 5.2
  - From: Taylor_Tad
- Re: Question about setting watches in auto-mounted directories in RHEL 5.2
  - From: Steve Grubb
- Re: Question about setting watches in auto-mounted directories in RHEL 5.2
  - From: Alexander Viro

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]