Re: [RFC][PATCH] (#4) auditfs

Just a heads up. I've come across several glaring bugs (such as creating a cache with the wrong struct sizing), a couple bugs in audit_watch(), etc. I've also reduced redundant code and made some of my helper functions tighter. I'll be releasing an intermediary patch that has all these changes, including the elimination of whitespaces and other bogus information in the patch. I hope this patch will pretty much be patch #5 without the remaining feature to list all the watch points currently in the FS. On a similar note, I'd like to start getting feedback on linux-fsdevel with a CC directly to Al Viro about the design itself. What do you all think of this approach? Or perhaps I should bring it directly to LKML? Should I wait until the intermediary patch #5 is completed and tested before I start any dialog? I personally think overlapping the two would be fine. The reason I think this is because the first major stumbling block has nothing to do with the implementation itself, but the design and all the philosophy and politics surrounding it. As soon as I mention "filesystem auditing" I've noticed that people get antsy and immediately try to beat it down like a pianta made out of software patents J/K. Thus I feel a large part of this endeveour is going to revolve around explanation. Do you agree? I'd appreciate some feedback.