On 2019/06/05 21:21, Pannbacker, Ole wrote: > Okay I've set profile 1 to the sshd process, started by the init system > and rebooted after saving the policys. however the problem remains.
Yes. That's the expected result. When you saved the policy files onto the disk, domains for child processes were saved with profile 0. Then, when you rebooted the system, the policy files were loaded from the disk, profile value of domains for child processes are that of when you saved the policy files onto the disk (i.e. it remains 0). Please change profile value of domains for child processes before saving the policy files onto the disk. Then, you will see changed profile value when you rebooted the system. The location of policy files is /etc/ccs/ for TOMOYO 1.x and /etc/tomoyo/ for TOMOYO 2.x. You can browse domain_policy.conf file in that directory after you saved the policy files onto the disk. _______________________________________________ tomoyo-users-en mailing list tomoyo-users-en@lists.osdn.me https://lists.osdn.me/mailman/listinfo/tomoyo-users-en
