All Topics
All Topics
Technology
Technology
Design
Design
Programming
Programming
Science
Science
News
News
Gaming
Gaming
Entertainment
Entertainment
Business
Business
Finance
Finance
Sports
Sports
Health
Health
Food
Food
Travel
Travel
Art
Art
Music
Music
Books
Books
Education
Education
Politics
Politics
Personal
Personal
No algorithm. No AI slop. No ads. Just RSS. Pro-human. Indie writers. Real journalism. Open web. Chronological. Hand toasted.

Building a Linux Filesystem Watcher: Comparing fanotify and eBPF Solutions

By

amandeepspdhr

8mo ago· 7 min readenInsight
Bagel score 100 of 100
100/100
Golden Brown
Bagelometer

Kettled twice. Extra chewy, extra trustworthy.

Score100TypeanalysisSentimentneutral

Summary

A technical deep dive into building a Linux filesystem watcher, comparing fanotify and eBPF-based solutions for in-kernel monitoring. The article explores the challenges of maintaining customized environments where manual tasks by support engineers can lead to issues like incorrect file ownership, and presents a sophisticated approach to solving these monitoring problems at the kernel level.

Key quotes

· 3 pulled
Some of the systems I work with are highly customized environments, and often need support engineers to maintain them.
A lot of automation exists, but sometimes they need to manually go into a VM and change things.
But sometimes people run commands in the service directories as root. This doesn't impact the service as it's running, but it won't restart.
Snippet from the RSS feed
A deep dive into building a Linux filesystem watcher. We compare fanotify vs. a powerful eBPF solution to solve in-kernel monitoring challenges.

You might also wanna read

How to Install Ubuntu Server 26.04 on Raspberry Pi: A Step-by-Step Guide

A practical guide for installing Ubuntu Server 26.04 on Raspberry Pi models. The article covers using Raspberry Pi Imager or direct download

raspberrytips.com·1d ago

Flatpak to require systemd in next major version, dropping support for alternative init systems

Flatpak, a universal Linux app distribution system that previously prided itself on being distribution-agnostic (including support for non-s

osnews.com·5d ago

Omarchy is not a Linux distribution — it's Arch Linux with DHH's personal dotfiles

The article criticizes omarchy, a project by DHH that markets itself as a Linux distribution. The author argues omarchy is not a true distro

abyss.fish·7d ago

Understanding the Linux TTY Subsystem: History, Architecture, and Implementation

A comprehensive technical deep-dive into the TTY (teletype) subsystem in Linux and UNIX systems. The article traces the historical origins o

linusakesson.net·12d ago

Gentoo Linux addresses Copy Fail, Dirty Frag, and Fragnesia kernel privilege escalation vulnerabilities

The article reports on a series of recently discovered Linux kernel privilege escalation vulnerabilities — Copy Fail, Dirty Frag, and Fragne

gentoo.org·12d ago

Fragnesia: New Linux Kernel Local Privilege Escalation Vulnerability Disclosed

A new Linux kernel local privilege escalation (LPE) vulnerability called "Fragnesia" has been made public, following closely on the heels of

phoronix.com·18d ago