1. 22 10月, 2007 21 次提交
  2. 21 10月, 2007 3 次提交
  3. 22 10月, 2007 1 次提交
  4. 21 10月, 2007 1 次提交
  5. 22 10月, 2007 1 次提交
  6. 21 10月, 2007 9 次提交
  7. 22 10月, 2007 2 次提交
  8. 21 10月, 2007 2 次提交
    • M
    • A
      [PATCH] audit: watching subtrees · 74c3cbe3
      Al Viro 提交于
      New kind of audit rule predicates: "object is visible in given subtree".
      The part that can be sanely implemented, that is.  Limitations:
      	* if you have hardlink from outside of tree, you'd better watch
      it too (or just watch the object itself, obviously)
      	* if you mount something under a watched tree, tell audit
      that new chunk should be added to watched subtrees
      	* if you umount something in a watched tree and it's still mounted
      elsewhere, you will get matches on events happening there.  New command
      tells audit to recalculate the trees, trimming such sources of false
      positives.
      
      Note that it's _not_ about path - if something mounted in several places
      (multiple mount, bindings, different namespaces, etc.), the match does
      _not_ depend on which one we are using for access.
      Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
      74c3cbe3