How can I monitor a whole directory tree for changes in Linux (ext3 file system)?
如何监视整个目录树以查看Linux (ext3文件系统)中的更改?
Currently the directory contains about half a million files in about 3,000 subdirectories, organized in three directory levels.
目前,该目录包含大约3000个目录中的大约50万个文件,组织在3个目录级别。
Those are mostly small files (< 1kb, some few up to 100 kb). It's a sort of queue and I need to know when files are being created, deleted or their content modified within 5-10 seconds of that happening.
这些文件大多是小文件(< 1kb,有些文件甚至高达100kb)。这是一种队列,我需要知道什么时候创建、删除文件,或者在5-10秒内修改文件内容。
I know there is inotify and sorts, but AFAIK they only monitor a single directory, which means I would need 3,000 inotify handles in my case - more than the usual 1024 handles allowed for a single process. Or am I wrong?
我知道有inotify和sort,但是他们只监视一个目录,这就意味着我需要3000个inotify句柄——比一个进程通常允许的1024个句柄要多。还是我错了?
In case the Linux system can't tell me what I need: perhaps there is a FUSE project that simulates a file system (replicating all file accesses on a real file system) and separately logs all modifications (couldn't fine one)?
如果Linux系统不能告诉我我需要什么:也许有一个FUSE项目可以模拟一个文件系统(在一个真实的文件系统上复制所有的文件访问),并分别记录所有的修改(难道不能确定一个)?
6 个解决方案
#1
12
To my knowledge, there's no other way than recursively setting an inotify watch on each directory.
据我所知,除了在每个目录上递归地设置inotify监视之外,没有其他方法。
That said, you won't run out of file descriptors because inotify does not have to reserve an fd to watch a file or a directory (its predecessor, dnotify, did suffer from this limitation). inotify uses "watch descriptors" instead.
也就是说,您不会用完文件描述符,因为inotify不需要预留一个fd来监视文件或目录(它的前身dnotify就受到了这个限制)。inotify使用了“观察描述符”。
According to the documentation for inotifywatch, the default limit is 8192 watch descriptors, and you can increase it by writing the new value to /proc/sys/fs/inotify/max_user_watches.
根据inotifywatch的文档,默认限制是8192个watch描述符,您可以通过将新值写入/proc/sys/fs/inotify/max_user_watches来增加这个值。
#2
35
I've done something similar using the inotifywait tool:
我使用inotifywait工具做了类似的事情:
#!/bin/bash
while true; do
inotifywait -e modify,create,delete -r /path/to/your/dir && \
<some command to execute when a file event is recorded>
done
This will setup recursive directory watches on the entire tree and allow you to execute a command when something changes. If you just want to view the changes, you can add the -m flag to put it into monitor mode.
这将设置递归目录监视整个树,并允许您在发生更改时执行命令。如果您只想查看更改,可以添加-m标志将其放入监视模式。
#3
4
$ inotifywait -m -r /path/to/your/directory
This command is enough to watch the directory recursively for all events such as access, open, create, delete ...
此命令足以递归地监视目录中所有事件,如访问、打开、创建、删除……
#4
3
Wasn't fanotify supposed to provide that capability eventually? Quoting LWN:
fanotify不是应该最终提供这种能力吗?引用LWN:
“fanotify has two basic 'modes' directed and global. [...] fanotify global instead indicates that it wants everything on the system and then individually marks inodes that it doesn't care about.”
fanotify有两个基本的指导和全球性的“模式”。[…fanotify global相反表示,它想要系统上的所有东西,然后单独标记了它不关心的索引节点。
I lost track what its latest status was, though.
但我不知道它的最新状态是什么。
#5
1
Use inotifywait from inotify-tools:
使用从inotify-tools inotifywait:
sudo apt install inotify-tools
sudo apt安装inotify-tools
Now create a script myscript.sh that includes hidden files and folders too:
现在创建一个脚本myscript。sh也包括隐藏文件和文件夹:
#!/bin/bash
while true; do
inotifywait -e modify,create,delete,move -r $1
done
Make the script executable with chmod +x myscript.sh
使用chmod +x myscript.sh使脚本可执行
Run it with ./myscript.sh /folder/to/monitor
运行它。/ myscript。sh /文件夹/ /监控
If you don't provide argument it will use the working directory by default.
如果不提供参数,默认情况下将使用工作目录。
Also, you can run several commands adding && \ at the end of the previous command to add the next one:
此外,您还可以在前一个命令的末尾运行几个添加&& \的命令来添加下一个命令:
#!/bin/bash
while true; do
inotifywait -e modify,create,delete,move -r $1 && \
echo "event" && \
echo "event 2"
done
If you don't want to execute any command on events, just run the command directly with the -m modifier so doesn't close:
如果您不想对事件执行任何命令,只需使用-m修饰符直接运行命令,因此不关闭:
inotifywait -e modify,create,delete,move -m -r /path/to/your/dir
inotifywait -e修改、创建、删除、移动-m -r /path/to/your/dir
#6
0
inotify is the best option when you have many subdirectories but if not I am used to using this command below:
inotify是最好的选择,当你有很多子目录时,但如果没有的话,我习惯使用下面的命令:
watch -d find <<path>>
看- d找到< <路径> >
#1
12
To my knowledge, there's no other way than recursively setting an inotify watch on each directory.
据我所知,除了在每个目录上递归地设置inotify监视之外,没有其他方法。
That said, you won't run out of file descriptors because inotify does not have to reserve an fd to watch a file or a directory (its predecessor, dnotify, did suffer from this limitation). inotify uses "watch descriptors" instead.
也就是说,您不会用完文件描述符,因为inotify不需要预留一个fd来监视文件或目录(它的前身dnotify就受到了这个限制)。inotify使用了“观察描述符”。
According to the documentation for inotifywatch, the default limit is 8192 watch descriptors, and you can increase it by writing the new value to /proc/sys/fs/inotify/max_user_watches.
根据inotifywatch的文档,默认限制是8192个watch描述符,您可以通过将新值写入/proc/sys/fs/inotify/max_user_watches来增加这个值。
#2
35
I've done something similar using the inotifywait tool:
我使用inotifywait工具做了类似的事情:
#!/bin/bash
while true; do
inotifywait -e modify,create,delete -r /path/to/your/dir && \
<some command to execute when a file event is recorded>
done
This will setup recursive directory watches on the entire tree and allow you to execute a command when something changes. If you just want to view the changes, you can add the -m flag to put it into monitor mode.
这将设置递归目录监视整个树,并允许您在发生更改时执行命令。如果您只想查看更改,可以添加-m标志将其放入监视模式。
#3
4
$ inotifywait -m -r /path/to/your/directory
This command is enough to watch the directory recursively for all events such as access, open, create, delete ...
此命令足以递归地监视目录中所有事件,如访问、打开、创建、删除……
#4
3
Wasn't fanotify supposed to provide that capability eventually? Quoting LWN:
fanotify不是应该最终提供这种能力吗?引用LWN:
“fanotify has two basic 'modes' directed and global. [...] fanotify global instead indicates that it wants everything on the system and then individually marks inodes that it doesn't care about.”
fanotify有两个基本的指导和全球性的“模式”。[…fanotify global相反表示,它想要系统上的所有东西,然后单独标记了它不关心的索引节点。
I lost track what its latest status was, though.
但我不知道它的最新状态是什么。
#5
1
Use inotifywait from inotify-tools:
使用从inotify-tools inotifywait:
sudo apt install inotify-tools
sudo apt安装inotify-tools
Now create a script myscript.sh that includes hidden files and folders too:
现在创建一个脚本myscript。sh也包括隐藏文件和文件夹:
#!/bin/bash
while true; do
inotifywait -e modify,create,delete,move -r $1
done
Make the script executable with chmod +x myscript.sh
使用chmod +x myscript.sh使脚本可执行
Run it with ./myscript.sh /folder/to/monitor
运行它。/ myscript。sh /文件夹/ /监控
If you don't provide argument it will use the working directory by default.
如果不提供参数,默认情况下将使用工作目录。
Also, you can run several commands adding && \ at the end of the previous command to add the next one:
此外,您还可以在前一个命令的末尾运行几个添加&& \的命令来添加下一个命令:
#!/bin/bash
while true; do
inotifywait -e modify,create,delete,move -r $1 && \
echo "event" && \
echo "event 2"
done
If you don't want to execute any command on events, just run the command directly with the -m modifier so doesn't close:
如果您不想对事件执行任何命令,只需使用-m修饰符直接运行命令,因此不关闭:
inotifywait -e modify,create,delete,move -m -r /path/to/your/dir
inotifywait -e修改、创建、删除、移动-m -r /path/to/your/dir
#6
0
inotify is the best option when you have many subdirectories but if not I am used to using this command below:
inotify是最好的选择,当你有很多子目录时,但如果没有的话,我习惯使用下面的命令:
watch -d find <<path>>
看- d找到< <路径> >