logo
Free, unlimited AI code reviews that run on commit
git-lrc git-lrc GitHub Install Now We'd appreciate a star git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt

tomoyo-loadpolicy - load TOMOYO Linux manually

Contents

Authors

       Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
           Main author.

       Jamie Nguyen <jamie@tomoyolinux.co.uk>
           Documentation and website.

Bugs

       If you find any bugs, send an email to <tomoyo-users-en@lists.osdn.me>.

Description

       This program reads TOMOYO Linux policy from standard input and loads it into the kernel.

Examples

Appendalinetoexceptionpolicy
             echo "acl_group 0 file read proc:/meminfo" | tomoyo-loadpolicy -e

       Removealinefromexceptionpolicy
             echo "delete acl_group 0 file read proc:/meminfo" | tomoyo-loadpolicy -e

       Appendalinetodomainpolicy
             ( echo "<kernel>"; echo "file execute /sbin/init" ) | tomoyo-loadpolicy -d

       Replacecurrentlyloadeddomainpolicy
             tomoyo-loadpolicy -df < /etc/tomoyo/domain_policy.conf

       Appendtopolicyremotely
             tomoyo-loadpolicy -d 192.168.1.1:10000 < /etc/tomoyo/192.168.1.1/domain_policy.conf

       Removealinefrom"/sys/kernel/security/tomoyo/manager"
             echo "delete /usr/sbin/tomoyo-queryd" | tomoyo-loadpolicy -m

Name

       tomoyo-loadpolicy - load TOMOYO Linux manually

Options

-e  Append to /sys/kernel/security/tomoyo/exception_policy.

       -ef Overwrite /sys/kernel/security/tomoyo/exception_policy.

       -d  Append to /sys/kernel/security/tomoyo/domain_policy.

       -df Overwrite /sys/kernel/security/tomoyo/domain_policy.

       -m  Append to /sys/kernel/security/tomoyo/manager.

       -p  Append to /sys/kernel/security/tomoyo/profile.

       -s  Append to /sys/kernel/security/tomoyo/stat.

       remote_ip:remote_port
           Write to policy on a remote system via an agent waiting at port remote_port on IP address remote_ip.

See Also

tomoyo-savepolicy(8), tomoyo-editpolicy(8), tomoyo-editpolicy-agent(8), tomoyo-init(8)

       See <https://tomoyo.osdn.jp> for more information.

tomoyo-tools 2.6.0                                 2019-02-05                               TOMOYO-LOADPOLICY(8)

Synopsis

tomoyo-loadpolicy [option]

       tomoyo-loadpolicy [option] [remote_ip:remote_port]
return

See Also

← View System admin Category← Back to Kernel and module management🙏  Credits & Acknowledgments