From time to time, a file that I'm interested in is modified by some process. I need to find out which process is modifying this file. Using lsof will not work, nor will kqueue. Is this possible under FreeBSD and Linux?
4 solutions
#1
2
On Linux, there's a kernel patch floating around for inotify. However, some have said this is rarely useful and that it can be a security risk. In any case, here's the patch.
Apart from that, I'm not sure there's any way to get the PID, either with inotify or dnotify. You could investigate further (e.g. search for pid dnotify or pid inotify), but I believe it isn't likely.
#2
1
On FreeBSD, perhaps it would be best to check its auditing features.
#3
1
Linux has an audit daemon http://www.cyberciti.biz/tips/linux-audit-files-to-see-who-made-changes-to-a-file.html
See also auditd homepage
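A sketch of how audit records answer the original question, added here as an example and not part of any answer above: it joins SYSCALL and PATH records by event ID to report the PID and executable behind each write. The watch rule `auditctl -w /etc/hosts -p wa -k hosts-watch`, the path, the key name and the log lines are all constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample of /var/log/audit/audit.log lines (not real log data).
# Assumed rule: auditctl -w /etc/hosts -p wa -k hosts-watch
SAMPLE_LOG = """\
type=SYSCALL msg=audit(1700000000.123:456): arch=c000003e syscall=257 success=yes exit=3 items=2 ppid=1200 pid=1342 auid=1000 uid=0 comm="vim" exe="/usr/bin/vim" key="hosts-watch"
type=PATH msg=audit(1700000000.123:456): item=0 name="/etc/" nametype=PARENT
type=PATH msg=audit(1700000000.123:456): item=1 name="/etc/hosts" nametype=NORMAL
type=SYSCALL msg=audit(1700000050.500:470): arch=c000003e syscall=2 success=yes exit=4 items=1 ppid=1 pid=2211 auid=4294967295 uid=0 comm="cron" exe="/usr/sbin/cron" key=(null)
type=PATH msg=audit(1700000050.500:470): item=0 name="/etc/crontab" nametype=NORMAL
type=SYSCALL msg=audit(1700000090.010:481): arch=c000003e syscall=257 success=yes exit=3 items=2 ppid=1 pid=987 auid=4294967295 uid=0 comm=6D7920736372697074 exe="/usr/bin/python3" key="hosts-watch"
type=PATH msg=audit(1700000090.010:481): item=1 name="/etc/hosts" nametype=NORMAL
"""

HEADER = re.compile(r"^type=(\S+) msg=audit\((\d+\.\d+):(\d+)\): (.*)$")
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')

def decode(value):
    """String fields are quoted, or hex-encoded when they contain spaces etc."""
    if value.startswith('"'):
        return value.strip('"')
    if re.fullmatch(r"(?:[0-9A-Fa-f]{2})+", value):
        return bytes.fromhex(value).decode("utf-8", "replace")
    return value  # e.g. (null)

def writers(log_text, key):
    """Return one dict per audit event tagged with `key`: who touched which path."""
    events = defaultdict(lambda: {"paths": []})
    for line in log_text.splitlines():
        m = HEADER.match(line)
        if not m:
            continue
        rtype, ts, serial, body = m.groups()
        fields = dict(FIELD.findall(body))
        ev = events[(ts, serial)]  # records of one event share timestamp:serial
        if rtype == "SYSCALL":
            ev.update(pid=int(fields["pid"]), ppid=int(fields["ppid"]),
                      uid=int(fields["uid"]), comm=decode(fields["comm"]),
                      exe=decode(fields["exe"]), key=decode(fields.get("key", "")))
        elif rtype == "PATH" and fields.get("nametype") != "PARENT":
            ev["paths"].append(decode(fields["name"]))
    return [dict(ev, time=float(ts)) for (ts, _), ev in events.items()
            if ev.get("key") == key]

if __name__ == "__main__":
    for ev in writers(SAMPLE_LOG, "hosts-watch"):
        print(ev["time"], ev["pid"], ev["exe"], ev["comm"], ev["paths"])
```

On a live system, `ausearch -k` with the same key returns these records already grouped by event.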
#4
0
You can see which processes opened a file just by installing and using the lsof (LiSt Open Files) command.