Scroll to navigation

TOMOYO-LOADPOLICY(8) System Administration Utilities TOMOYO-LOADPOLICY(8)

NAME

tomoyo-loadpolicy - load TOMOYO Linux manually

SYNOPSIS

tomoyo-loadpolicy [option]

tomoyo-loadpolicy [option] [remote_ip:remote_port]

DESCRIPTION

This program reads TOMOYO Linux policy from standard input and loads it into the kernel.

OPTIONS

Append to /sys/kernel/security/tomoyo/exception_policy.
Overwrite /sys/kernel/security/tomoyo/exception_policy.
Append to /sys/kernel/security/tomoyo/domain_policy.
Overwrite /sys/kernel/security/tomoyo/domain_policy.
Append to /sys/kernel/security/tomoyo/manager.
Append to /sys/kernel/security/tomoyo/profile.
Append to /sys/kernel/security/tomoyo/stat.
Write to policy on a remote system via an agent waiting at port remote_port on IP address remote_ip.

EXAMPLES

  echo "acl_group 0 file read proc:/meminfo" | tomoyo-loadpolicy -e
    
  echo "delete acl_group 0 file read proc:/meminfo" | tomoyo-loadpolicy -e
    
  ( echo "<kernel>"; echo "file execute /sbin/init" ) | tomoyo-loadpolicy -d
    
  tomoyo-loadpolicy -df < /etc/tomoyo/domain_policy.conf
    
  tomoyo-loadpolicy -d 192.168.1.1:10000 < /etc/tomoyo/192.168.1.1/domain_policy.conf
    
  echo "delete /usr/sbin/tomoyo-queryd" | tomoyo-loadpolicy -m
    

BUGS

If you find any bugs, send an email to <tomoyo-users-en@lists.osdn.me>.

AUTHORS

Main author.
Documentation and website.

SEE ALSO

tomoyo-savepolicy(8), tomoyo-editpolicy(8), tomoyo-editpolicy-agent(8), tomoyo-init(8)

See <https://tomoyo.osdn.jp> for more information.

2019-02-05 tomoyo-tools 2.6.0