Hello. stank.k...@xoxy.net wrote: > Hello, all. > I'm using Arch Linux 32-bit. I compiled my own kernel to include Tomoyo > and installed tomoyo-tools. My goal for now is to restrict Skype and > ignore everything else.
OK. You are trying to use TOMOYO 2.5. > When I try to add things to the policies by > editing domain_policy.conf / exception_policy.conf and loading them, the > changes are removed from these files. Will you explain what "the changes are removed from domain_policy.conf / exception_policy.conf" means? domain_policy.conf / exception_policy.conf are updated by executing tomoyo-savepolicy (or tomoyo-editpolicy as offline mode) which means that changes in domain_policy.conf / exception_policy.conf should not be reverted unless explicitly updated. > When I try to add a line with > tomoyo-editpolicy, nothing happens (ex: go to Exception Policy Editor > and press a, type "initialize_domain /usr/bin/skypeforlinux from any" > and press enter. The line is not added to the list.) You are running tomoyo-editpolicy as online mode (i.e. starting tomoyo-editpolicy without /etc/tomoyo/ command line argument), aren't you? You are running tomoyo-editpolicy as root user, aren't you? Are there messages like <kernel> /usr/sbin/sshd /usr/bin/bash /usr/sbin/tomoyo-editpolicy ( /usr/sbin/tomoyo-editpolicy ) is not permitted to update policies. in output of dmesg command? If yes, programs for updating on-memory policies are not listed in /sys/kernel/security/tomoyo/manager . Please make sure that you executed /usr/lib/tomoyo/init_policy . > Did I fail to enable/disable something that protects these files? Or > what is the problem? _______________________________________________ tomoyo-users-en mailing list tomoyo-users-en@lists.osdn.me http://lists.osdn.me/mailman/listinfo/tomoyo-users-en
