Search My Blog

Sunday, December 5, 2010

Linuxaria Introduction to inotify : Linuxaria

Introduction to inotify

inotifyinotify is a Linux kernel subsystem that acts to extend filesystems to notice changes to the filesystem, and report those changes to applications. It replaces an earlier facility, dnotify, which had similar goals.
The original developers of inotify were John McCutchan, Robert Love and Amy Griffis. It has been included in the mainline Linux kernel from release 2.6.13 (June 18, 2005), and could be compiled into 2.6.12 and possibly earlier releases by use of a patch.
One major use is in desktop search utilities like Beagle, where its functionality permits reindexing of changed files without scanning the filesystem for changes every few minutes, which would be very inefficient. By being told that a file has changed directly by the kernel, rather than actively looking, Beagle and such utilities can achieve change-to-reindexing times of only about a second.

It can also be used to automatically update directory views, reload configuration files, log changes, backup, synchronize, and upload.
Shell examples
To use the power of inotify you must install the package inotify-tools (available for all the main distribution), after that you can use the function “inotifywait “which makes it easy to integrate it with shell scripts.
This command simply blocks for inotify events, making it appropriate for use in shell scripts. It can watch any set of files and directories, and can recursively watch entire directory trees.
Example 1

# get the current path
inotifywait -mr --timefmt '%d/%m/%y %H:%M' --format '%T %w %f' \
-e close_write /tmp/test | while read date time dir file; do
# convert absolute path to relative
rsync --progress --relative -vrae 'ssh -p 22' $FILECHANGEREL && \
echo "At ${time} on ${date}, file $FILECHANGE was backed up via rsync"
In this example we watch /tmp/test and if an event of “close_write” is caught we rsync that file to a remote location.
Example 2

Consider the simple example of wanting to monitor files created in /tmp and print on standard output a message any time a file is created.

on_exit() {
rm $FIFO
on_event() {
local date=$1
local time=$2
local file=$3
sleep 5
echo "$date $time Fichier créé: $file"
if [ ! -e "$FIFO" ]
mkfifo "$FIFO"
inotifywait -m -e "$EVENTS" --timefmt '%Y-%m-%d %H:%M:%S' --format '%T %f' "$DIR" > "$FIFO" &
trap "on_exit" 2 3 15
while read date time file
on_event $date $time $file &
done < "$FIFO"
  • Function on_event is launched in the background (a sub-shell process is actually created)
  • operations are now performed in parallel processing practical for long or multiple processors eligible
  • The use of the named pipe $FIFO can run the command inotifywait background and get its PID
  • It is  possible to install a “trap”, ie the function on_exit () “, which will kill the command inotifywait (and also delete the named pipe) when the script is killed by a signal 2 (INT ), 3 (QUIT) or 15 (TERM).
  • The events are played through the named pipe, without creating a shell, through the end of “while” done <$ FIFO
Stay “inotified”

There are other inotify-based utilities to consider adding to your bag of tricks. The incron utility is a corollary to cron but reacts to inotify events instead of a schedule. The inoticoming utility is specifically designed to monitor dropboxes. And if you’re a Perl, Ruby, or Python developer, you can find modules and libraries to call inotify from the comfort of your favorite scripting language.
Per esempio, per i programmatori Perl è possibile utilizzare Linux:: Inotify2  per  incorporare le funzionalità di inotify in qualsiasi applicazione Perl.
Questo codice, preso dalla Linux:: file README Inotify2, mostra un’interfaccia di callback per monitorare gli eventi su filesystem:

use Linux::Inotify2;
my $inotify = new Linux::Inotify2
or die "Unable to create new inotify object: $!";
# for Event:
Event->io (fd =>$inotify->fileno, poll => 'r', cb => sub { $inotify->poll });
# for Glib:
add_watch Glib::IO $inotify->fileno, in => sub { $inotify->poll };
# manually:
1 while $inotify->poll;
# add watchers
$inotify->watch ("/etc/passwd", IN_ACCESS, sub {
my $e = shift;
my $name = $e->fullname;
print "$name was accessed\n" if $e->IN_ACCESS;
print "$name is no longer mounted\n" if $e->IN_UNMOUNT;
print "$name is gone\n" if $e->IN_IGNORED;
print "events for $name have been lost\n" if $e->IN_Q_OVERFLOW;
# cancel this watcher: remove no further events


Popular Posts:

Related posts:
  1. introduction to zsh
  2. Introduction to LVS
  3. Introduction to snort
November 26, 2010 · Posted in Article

Go there...

I tried out inotify-tools with Example 1 edited to just /tmp folder, but got an Error when running my inotify-tools Example 1 Script…
[don@fedora13gt5408 Shell Scripts]$ ./
Setting up watches. Beware: since -r was given, this may take a while!
Failed to watch /tmp/; upper limit on inotify watches reached!
Please increase the amount of inotify watches allowed per user via `/proc/sys/fs/inotify/max_user_watches’.
[don@fedora13gt5408 Shell Scripts]$
Max is already set to 8192. Tired to 9000 in Kursader root mode, to see if it works. Couldn’t save copy or edit at all, even by starting kwrite and gedit from root Terminal. I wonder if this is an SElinux issue. But I didn’t get any SELinux notices and I have mine set to Permissive mode…


No comments: