How File Protection Works

When the seosd daemon starts, it performs the UNIX stat command for each discrete file object that is defined in the database. The daemon then builds a table in memory that contains an entry for each file object. In addition, the table contains the inode and device of the file for each discrete file. With this information, PAM Server Control can also protect the hard links to the files because the protection is according to device and inode. The database does not keep information about the inode and device of a file.
When you create a file rule through PAM Server Control:
  • If the file exists in UNIX, PAM Server Control first performs a stat command for the file. Then it adds an entry to the file table with the inode and device information of the file.
  • If the file does not exist in UNIX, PAM Server Control adds an entry of the name of the file to the file table (without inode and device information). This entry is the same as the entry for a generic file object. Simultaneously, the kernel keeps an indication in its internal tables that this file must be checked during creation for inode and device information. When the file is created, the kernel intercepts its creation. The kernel informs seosd of the inode of the file and device information. The seosd daemon can then update the entry of the file in the file table.
When you delete a file, PAM Server Control deletes its entry in the seosd file table. The entry remains in the PAM Server Control database in case you create it again.
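The following is an added illustration of the mechanism described above, written for this page; it is not PAM Server Control code and does not model how seosd or its kernel module are implemented. The `FileTable` class, its method names and the scratch files it creates are assumptions made for the example. It shows why keying the table on (device, inode) protects hard links while a byte-for-byte copy (a different inode) is not covered, how a rule for a file that does not exist yet is held by name until a simulated creation notification supplies the inode, and what the table looks like after a rule is deleted.

```python
import os
import shutil
import tempfile
from dataclasses import dataclass, field


@dataclass
class FileTable:
    """Hypothetical in-memory file table keyed by (st_dev, st_ino).

    Mirrors the behaviour the text describes; not the product's own data structure.
    """
    by_inode: dict = field(default_factory=dict)  # (st_dev, st_ino) -> rule path
    pending: set = field(default_factory=set)     # rules whose file does not exist yet

    def add_rule(self, path):
        """Stat the file if it exists; otherwise record the name only and return False."""
        try:
            st = os.stat(path)
        except FileNotFoundError:
            self.pending.add(path)  # the kernel would watch for creation of this name
            return False
        self.by_inode[(st.st_dev, st.st_ino)] = path
        return True

    def notify_created(self, path):
        """Simulate the kernel informing the daemon that a pending file was created."""
        if path not in self.pending:
            return False
        st = os.stat(path)
        self.pending.discard(path)
        self.by_inode[(st.st_dev, st.st_ino)] = path
        return True

    def remove_rule(self, path):
        """Drop the rule's table entry (the database copy would remain)."""
        self.pending.discard(path)
        for key, rule in list(self.by_inode.items()):
            if rule == path:
                del self.by_inode[key]

    def is_protected(self, path):
        """Check by device and inode first, falling back to the name for pending rules."""
        try:
            st = os.stat(path)
        except FileNotFoundError:
            return path in self.pending
        return (st.st_dev, st.st_ino) in self.by_inode or path in self.pending


def demo():
    """Build a scratch directory, exercise the table and return the observations."""
    root = tempfile.mkdtemp()
    try:
        secret = os.path.join(root, "secret.conf")     # constructed sample file
        link = os.path.join(root, "alias.conf")        # hard link to secret.conf
        copy = os.path.join(root, "copy.conf")         # separate inode, same bytes
        future = os.path.join(root, "later.conf")      # rule created before the file
        with open(secret, "w") as fh:
            fh.write("setting=constructed-sample\n")
        os.link(secret, link)
        shutil.copyfile(secret, copy)

        table = FileTable()
        results = {
            "secret_stat_ok": table.add_rule(secret),   # file exists: stat succeeds
            "future_stat_ok": table.add_rule(future),   # file missing: name-only entry
        }
        results["link_protected"] = table.is_protected(link)    # same inode as secret
        results["copy_protected"] = table.is_protected(copy)    # different inode
        results["future_protected_by_name"] = table.is_protected(future)

        # The file is created later; the simulated kernel callback supplies its inode.
        with open(future, "w") as fh:
            fh.write("created after the rule\n")
        results["kernel_update"] = table.notify_created(future)
        future_link = os.path.join(root, "later-link.conf")
        os.link(future, future_link)
        results["future_link_protected"] = table.is_protected(future_link)

        # Deleting the rule removes the table entry, so the hard link is no longer covered.
        table.remove_rule(secret)
        results["after_remove"] = table.is_protected(link)
        return results
    finally:
        shutil.rmtree(root)


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Run it on any filesystem that supports hard links. The point to take away when auditing a deployment is the one the text makes: a rule protects an inode on a device, so renaming a protected file or reaching it through another hard link does not bypass the check, but copying its contents to a fresh inode produces an unprotected file.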