fam Linux Service

fam service:

File system Alteration Monitor. Logger for all changes to a file system.
Now lets see the manual of fam service.
Manual fam:
NAME
fam - file alteration monitor
SYNOPSIS
<3>/usr/etc/fam<1> [ <3>-f<1> | <3>-v<1> | <3>-d<1> ] [ <3>-l<1> | c
<3>-t<1> <2>NFS_polling_interval<1> ]
[ <3>-T<1> <2>idle_timeout<1> ] [ <3>-p<1> c
<2>program<3>.<2>version<1> ] [ <3>-L<1> ] [ <3>-C<1> ]
[ <3>-c<1> <2>config_file<1> ]
DESCRIPTION
<2>fam<1> is a server that tracks changes to the filesystem and relays these changes to interested applications. Applications such as <2>fm<1>(1G) and mailbox(1) present an up-to-date view of the filesystem. In the absence of <2>fam<1>, these applications and others like them are forced to poll the filesystem to detect changes. <2>fam<1> is more efficient. Applications can request <2>fam<1> to monitor any files or directories in any filesystem. When <2>fam<1> detects changes to monitored files, it notifies the appropriate application. The FAM API provides a programmatic interface to <2>fam<1>; see fam (3X). <2>fam<1> is informed of filesystem changes as they happen by the kernel through the <2>imon<1>(7M) pseudo device driver. If asked to monitor files on an NFS mounted filesystem, <2>fam<1> tries to use <2>fam<1> on the NFS server to monitor files. If <2>fam<1> cannot contact a remote <2>fam<1>, it polls the files instead. <2>fam<1> also polls special files. Normally, <2>fam<1> is started by <2>inetd<1>(1M). It is registered with <2>portmap<1>(1M) as performing the sgi_fam service.
OPTIONS
<3>-l<1>
Disable polling of NFS files. It does not disable use of remote <2>fam<1> on NFS servers, nor does it disable polling of local files.
<3>-t<1> <2>NFS_polling_interval<1>
Set the interval for polling files to <2>NFS_polling_interval<1> seconds. The default is six seconds.
<3>-T<1> <2>idle_timeout<1>
Set the idle timeout interval to <2>idle_timeout<1>. fam exits <2>idle_timeout<1> seconds after its last client disconnects. A value of 0 causes fam to wait indefinitely for new connections. The default is five seconds.
<3>-f<1>
Remain in the foreground instead of spawning a child and exiting. This option is ignored if <2>fam<1> is started by <2>inetd<1>.
<3>-v<1>
Turn on verbose messages.
<3>-d<1>
Enable verbose messages and debug messages.
<3>-p<1> <2>program<3>.<2>version<1>
Use the specified RPC program and version numbers.
<3>-L<1>
Local-only mode. <2>fam<1> will only accept requests from clients running on the local machine. This overrides the <2>local_only<1> flag in the configuration file. This option is ignored if <2>fam<1> is started by <2>inetd<1>.
<3>-C<1>
Compatibility mode. This disables authentication and reduces access security as described under SECURITY below. This overrides the <2>insecure_compatibility<1> flag in the configuration file.
<3>-c<1> <2>config_file<1>
Read configuration information from the given file rather than the default, which is <2>/etc/fam.conf<1>.
CONFIGURATION FILE
In addition to its command-line options, <2>fam<1>'s behavior can also be controlled through its configuration file. By default, this is <2>/etc/fam.conf<1>; the <3>-c<1> command-line option can be used to specify an alternate file. Configuration lines are in the format <2>option=value<1>. Lines beginning with <2>#<1> or <2>!<1> are ignored. <2>fam<1> recognizes the following options:
<3>insecure_compatibility<1>
If set to <2>true<1>, this disables authentication and reduces access security as described under SECURITY below. This is <2>false<1> by default. Setting this option to <2>true<1> is the same as using the <3>-C<1> command-line option.
<3>untrusted_user<1>
This is the user name or UID of the user account which <2>fam<1> will use for unauthenticated clients. If a file can't be <2>stat<1>'ed by this user, <2>fam<1> will not tell unauthenticated clients about the file's existence. If an untrusted user is not given in the configuration file, <2>fam<1> will write an error message to the system log and terminate.
<3>local_only<1>
If set to <2>true<1>, <2>fam<1> will ignore requests from remote <2>fam<1>s. This is <2>false<1> by default. Setting this option to <2>true<1> is the same as using the <3>-L<1> command-line option. This option is ignored if <2>fam<1> is started by <2>inetd<1>.
<3>xtab_verification<1>
If set to <2>true<1>, <2>fam<1> will check the list of exported filesystems when remote requests are received to verify that the requests fall on filesystems which are exported to the requesting hosts. This is <2>true<1> by default. If this option is set to <2>false<1>, <2>fam<1> will service remote requests without attempting to perform the verification. If the <2>local_only<1> configuration option or <3>-L<1> command-line option is used, <2>xtab_verification<1> has no effect.
SECURITY
For backward compatibility, the <3>-C<1> command-line option and <2>insecure_compatibility<1> configuration option can be used to disable authentication. Configuring <2>fam<1> this way opens a publically known security weakness whereby a "rogue client" can obtain the names of all the files and directories on the system. <2>Note that fam never opens the files it's monitoring<1>, and cannot be used by a rogue client to read the contents of any file on the system. <2>fam<1> only gives out the names of monitored files, and only monitors files which the client can stat (1M). Users can stat a file without having read permission on it as long as they have search permission on the directory containing it.
FILES
/etc/fam.conf
SEE ALSO
inetd(1M), portmap(1M), fam(3X), imon(7M), stat(1M).