What is Inotify
To start with let us discuss what is inotify :- Inotify (inode notify) is a Linux kernel subsystem that acts to extend filesystems to notice changes to the filesystem, and report those changes to applications through the APIs provided. This particular subsystem support was added to glibc version in 2006; to use inotify, you must have a Linux machine with kernel 2.6.13 or later.
What is Inotify Watch
Inotify Watch helps to keep track of the file changes under the directories on "watch" and report back to the application in a standard format using the API calls. We can monitor multiple file events under the watched directory using the API calls. There is a default limit for the number of watches that can be enabled on the system and this limit should be increased for cPGuard to function. if you hit inotify watch limit, it may interrupt the system performance and you may see "upper limit on inotify watches reached" message from system log.
Will increasing watch limit affect system performance?
Obviously, it does not make any direct harm to the system. For a 64 bit system, 1 kB memory will be allocated for the each watch on board. So with sufficient memory, increasing watch will be just fine and we have crafted our application to utilize the memory as efficiently as possible.
So what is happening with Virtuozzo/OpenVZ?
The Virtuozzo/OpenVZ implementation does not allow to change of kernel parameters within the container and may require max_user_watches to be increased by the hosting provider. Some providers may not be willing to do this, though it is completely safe. So before purchasing/installing cPGuard, please make sure that your hosting provider can increase the value for you [ we recommend to set it up to a value of 1000000 for servers hosting multiple accounts, though the limit will be based on the directory structure ] and if they use custom kernel, the kernel will support "inotify".