监视,扩展和索引Linux文件系统

1) open(),and its parameters (where flags is O_CREAT)
2) write(),along with its parameters,*buf,and the struct file for fd,including f_pos
3) the corresponding information in 2 for a memory-mapped write to a file. I realize I'm asking something very difficult here as it requires an incestuous knowledge between the layers. Setting a flag that memory-mapped IO to a given open file has occurred is good enough,similar to how O_DIRECT writes might be handled. (triggering a later re-scan).
4) rename(),unlink()
5) mkdir(),rmdir()
6) truncate(),ftruncate()

如果有竞争技术来捕获这些类型的操作,我最感兴趣的是那些持续时间最长(最稳定和社区支持)的文件,以及那些文件系统最少的文件(reiser4插件很令人兴奋,但不是似乎在政治上可行).

虽然我的列表1-6仅仅是示例,但关于我忘记的内容的想法是有帮助的.但我并不是想要全面,只是传达我的设计目标.

例如,将此数据传递给用户空间将允许保留实时locate / updatedb索引.它将允许数据库跟踪每个块和每个文件的MD5.此数据的可用性可以促进快照.