Best linux filesystem filter option?

I need a linux filesystem filter with which to enforce ACL policy on filesystem calls dynamically (allow/deny read/writes based on stuff computed at runtime).

So far I have stumbled onto DazukoFS and Related Work. What I dont like about DazukoFS is that it has to be compiled for each kernel release.

  1. Is there some user-mode library that can filter filesystem calls dynamically?
  2. If not, is there some kernel-mode library that can filter FS calls dynamically, and not compile it for each kernel release?
  3. If not, what is the best choice among DazukoFS and others ?


I have chosen RedirFS Redirecting Filesystem Framework.

  • similar to windows minifilter drivers in many ways
  • simple enough and featurefull
  • has examples of programs
  • nice docs (but scattered)

If fanotify ever gets into the kernel, it would provide precisely what you're asking for.

But unfortunately it hasn't got in yet.


fanotify has been merged into 2.6.36.

Pull request was:

Need Your Help

Using gulp for compiling of changed files only

gulp gulp-watch

I have lots of .jade, .styl and .coffee files resided in different subfolders.

Having issues with initializing character array

c++ arrays pointers cstring

Ok, this is for homework about hashtables, but this is the simple stuff I thought I was able to do from earlier classes, and I'm tearing my hair out. The professor is not being responsive enough, s...