Scroll to navigation

INIT_POLICY(8) System Administration Utilities INIT_POLICY(8)

NAME

init_policy - initialize TOMOYO Linux policy

SYNOPSIS

init_policy [option]

DESCRIPTION

This program generates templates for all policy files. However, the output should be reviewed because automatically generated exception policy may contain dangerous or redundant entries.

This program only needs to be run once.

OPTIONS

Create profiles with only file-related functionality enabled.
Create profiles with all functionality enabled. [default]
Set the default profile number for the "<kernel>" domain to the specified integer, which must be between 0 and 255. [default=0]
Set the default group number for the "<kernel>" domain to the specified integer, which must be between 0 and 255. [default=0]
Set the default maximal audit log entries that the kernel will spool in the /sys/kernel/security/tomoyo/audit interface. This value must be an integer, and can be set to 0 if audit logs are not required. Maximum memory used can also be controlled via the /sys/kernel/security/tomoyo/stat interface. [default=1024]
Set the default maximum number of ACL entries automatically added to each domain by the kernel when using learning mode. This value must be an integer, and can be set to o if you do not need learning mode. Maximum memory used can also be controlled using the /sys/kernel/security/tomoyo/stat interface.
Set whether grant logs should be audited. This value can either be "yes" or "no". [default=no]
Set whether reject logs should be audited. This value can either be "yes" or "no". [default=yes]

EXAMPLES

  /usr/lib/tomoyo/init_policy
    

BUGS

If you find any bugs, send an email to <tomoyo-users-en@lists.osdn.me>.

AUTHORS

Main author.
Documentation and website.
Bug fix for 64bit Gentoo.

SEE ALSO

tomoyo-init(8)

See <https://tomoyo.osdn.jp> for more information.

2019-02-05 tomoyo-tools 2.6.0