> Hello, all.
> I'm using Arch Linux 32-bit. I compiled my own kernel to include Tomoyo
> and installed tomoyo-tools. My goal for now is to restrict Skype and
> ignore everything else.
OK. You are trying to use TOMOYO 2.5.
> When I try to add things to the policies by
> editing domain_policy.conf / exception_policy.conf and loading them, the
> changes are removed from these files.
Will you explain what "the changes are removed from domain_policy.conf /
domain_policy.conf / exception_policy.conf are updated by executing
tomoyo-editpolicy as offline mode) which means that changes in
domain_policy.conf / exception_policy.conf
should not be reverted unless explicitly updated.
> When I try to add a line with
> tomoyo-editpolicy, nothing happens (ex: go to Exception Policy Editor
> and press a, type "initialize_domain /usr/bin/skypeforlinux from any"
> and press enter. The line is not added to the list.)
You are running tomoyo-editpolicy as online mode (i.e. starting
without /etc/tomoyo/ command line argument), aren't you?
You are running tomoyo-editpolicy as root user, aren't you?
Are there messages like
<kernel> /usr/sbin/sshd /usr/bin/bash /usr/sbin/tomoyo-editpolicy (
/usr/sbin/tomoyo-editpolicy ) is not permitted to update policies.
in output of dmesg command? If yes, programs for updating on-memory policies
are not listed in
/sys/kernel/security/tomoyo/manager . Please make sure that you executed
> Did I fail to enable/disable something that protects these files? Or
> what is the problem?
tomoyo-users-en mailing list