Gidget is a script interface to linux inotify. That means it can cause a script or program to be run when a filesystem object (typically a data file) is modified (usually, by being created or deleted). It does this with no processor overhead, so a system using gidget to react to filesystem changes can potentially support much more activity than polling algorithms can. It also means you can really hurt yourself if you don’t structure your scripts very carefully and manage your security properly – this is a major power tool, not a pocketknife! You must carefully plan your permissions, access controls, and process limitations.

The new version correctly loads secondary groups when it creates the script execution process. This is typically pretty important – groups are a robust and reliable means of access control, and more portable than ACLs. Gidget is written in C, because it is a kernel-interactive process that can be run in a privileged (or unprivileged) mode. I strongly recommend thorough testing of your configuration in unprivileged, single user mode.

As usual, the new version is well tested; it has been in active production use for several years. Thanks as always to HBCS who originally sponsored the development of gidget under version 2 of the GNU General Public License.