Hello,

I've been taking a look at the auditfs code in U2, and I've noticed an
issue with the path-based watching. In U2, the path-based watching
code only keeps tabs on the parent of a given user watch, instead of
watching the entire path back to the filesystem root.

This means that if a path component beyond the user watch's parent
changes, the recreation of the object at the watched path will not be
caught. Any subsequent events on the object at the watched path will
also not be caught.

For example:

# auditctl -w /one/two/three/four
# mkdir -p /one/two/three
# :> /one/two/three/four
# echo "hello world" > /one/two/three/four
<audit records generated>
# mv /one/two /one/too
# mkdir -p /one/two/three
# :> /one/two/three/four
# echo "hello world" > /one/two/three/four
<no audit records generated>

Is this a known limitation?

Amy
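
An added illustration, not part of the original message and not auditfs code: it rebuilds the directory sequence from the message inside a scratch directory and compares inode numbers, so it runs without auditctl. It assumes a parent-only watch is tied to the parent directory object (its inode) rather than to the path string; the function name is hypothetical.

```shell
#!/bin/sh
# Added illustration (not auditfs code). Rebuilds the layout from the message
# in a scratch directory and compares inode numbers before and after the rename.
# Assumption: a parent-only watch follows the parent directory object (inode),
# not the path string. Requires GNU stat (Linux).

inode() { stat -c %i "$1"; }

# Prints "<state> <path where the originally watched parent now lives>"
stale_parent_demo() {
    root=$(mktemp -d) || return 1

    # Initial state: the watched object and its parent exist.
    mkdir -p "$root/one/two/three"
    : > "$root/one/two/three/four"
    watched_parent=$(inode "$root/one/two/three")   # what the watch tracks

    # A component above the parent is renamed, then the path is recreated.
    mv "$root/one/two" "$root/one/too"
    mkdir -p "$root/one/two/three"
    : > "$root/one/two/three/four"

    new_parent=$(inode "$root/one/two/three")    # parent at the watched path now
    moved_parent=$(inode "$root/one/too/three")  # the directory that was renamed away

    if [ "$new_parent" != "$watched_parent" ] &&
       [ "$moved_parent" = "$watched_parent" ]; then
        # The tracked directory left the watched path; the recreated parent
        # is a different object that nothing is tracking.
        result="stale one/too/three"
    else
        result="current one/two/three"
    fi

    rm -rf "$root"
    echo "$result"
}

stale_parent_demo
```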