spambuffer at orcon.net.nz
2011-Aug-31 08:36 UTC
[zfs-discuss] is there an inmemory map of all files in a zfs filesystem, or how can I get it ?
I really want something like the MFT in NTFS, which has an easily accessible list of everything on the filesystem. I want easy access to the realtime events happening in the filesystem. I have looked at FEN using the event ports api, but then I have to attach a listener to every single file in the filesystem. There are two million files. I don''t like the sound of that idea. Ideally I''d just intercept syscalls using things like syscall::rename:entry but I don''t know how. A bit of background on the task: I am hoping to write an open source quick indexing program that only indexes the file names and directory names of a zfs filesystem. I don''t want to have to crawl the whole fs to get the initial listing, but can definitely handle that - it''s the realtime updates I want most of all. I don''t want to have to modify a users zfs snapshots by taking a snapshot, indexing it, then destroying it. Can someone point me in the right direction of what I should be looking for to do this on Solaris 10 ? My backup hacked together plan is to crawl the fs to get the initial listing, and then use dtrace probes to monitor for any create or deletes since the start of the crawl to keep the listing up to date. For anyone who is curious this is for a network server for Everything, available from voidtools.com Thanks, Tom. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.opensolaris.org/pipermail/zfs-discuss/attachments/20110831/6f3daa08/attachment.html>
Chris Ridd
2011-Sep-04 17:47 UTC
[zfs-discuss] is there an inmemory map of all files in a zfs filesystem, or how can I get it ?
On 31 Aug 2011, at 09:36, spambuffer at orcon.net.nz wrote:> I really want something like the MFT in NTFS, which has an easily accessible list of everything on the filesystem. > > I want easy access to the realtime events happening in the filesystem.ZFS supports virus scanners via the "ICAP" protocol. If you wrote your tool pretending to be a virus scanner, I think it would probably get advised for all the necessary changes. This may not be the completely correct solution, but it might work. Some practical advice on the ICAP side is at <http://www.c0t0d0s0.org/uploads/vscanclamav.pdf> Chris