-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi,
On Tue, 22 Mar 2011 01:12:38 +0530 Ritesh Raj Sarraf <[email protected]> wrote: > I am running v0.15 and the issue was seen on this version. Thanks, i will try to track the bug down then. > The current stable (Squeeze) also has tomoyo enabled in the kernel. I'll take a try with that. > daemon's start-ups are not learnt by tomld at this stage. I just saw > your videos. I guess the steps should be: > * to switch to runlevel 1 (which will kill all processes) > * Run tomld in screen > * Switch to runlevel 2. (This will help all service rules to be > learnt). > * Stop when the user feels that he's done with almost all the tasks. Yes, that's why i print "(restart needed)", notifying the user that the apps and services should be manually restarted. Otherwise they will keep running in a different domain, that look like when they started before tomld, something like <kernel> /sbin/init xfce ... ktorrent instead of the newly created <kernel> /usr/bin/ktorrent So my point is, that after the first run of tomld, all apps have to be restarted, either by whole system restart, or by manually restarting everything one by one. > * Run tomld -c and run your apps > * Stop it (It creates the first set of rules for all the apps). > * Then I realized that I didn't trigger one core feature of one of > the apps. > * I again run tomld -c > * The new rules are not added. One thing that might not have been obvious from my documentation is, that once something changed, we have to wait the next 10s cycle so tomld can finish picking up the rules, change them and write them back. This is shown by a point '.' now. Couldn't it be that you stopped it before it could finish? > *<kernel> /usr/bin/ktorrent (deleted)* This (deleted) domain is not handled yet. This will be the next thing i have to manage. Thanks. Still needed a lot of testing. There feedbacks are very helpful. > The other question I have is maybe more for tomoyo: > > allow_read/write /home/\*/.kde/share/apps/ktorrent/\* > allow_unlink /home/\*/.kde/share/apps/ktorrent/\* > allow_read /home/\*/.kde/share/apps/ktorrent/tor0/\* > allow_read /home/\*/.kde/share/apps/ktorrent/tor1/\* > allow_read/write /home/\*/.kde/share/apps/ktorrent/tor6/\* > allow_unlink /home/\*/.kde/share/apps/ktorrent/tor6/\* > > There are many more such entries. These are just data files. Why are > these necessary to be part of domain policy ? They have to be part of the policy. These rules tell the apps which files they can access and what they can do with it. > This is ktorrent's profile. Is it necessary to nick-pick each data > file? Why I ask this is because the ktorrent failure I faced said > that it couldn't write to one of the files inside My_Data/ folder. > But the way I interpret this rules is that: *any inside > home/?/.crypt/My_Data/ should be allowed r/w* > Why an asterisk after /home/ ? > Why did ktorrent fail? The /home/\*/ is my design to make an app's rule work for all users. So if somebody creates rules for a browser in a couple of days, then it would be bad if the other logged in user would have to also recreate all the rules for everybody. This might sound to make the policy more loosey, and maybe. I think this is a fair balance between security and usability. It might be rethought later if somebody came up with an idea what would be better than this to not have to recreate rules for the same app more times. > This is how the kernel deny looked: > > Mar 21 23:39:42 champaran kernel: [ 5582.664204] ERROR: Access > read/write /home/rrs/.crypt/My_Data/MySecretData/SecretFile.txt > denied for /usr/bin/ktorrent This is useful too. > How does tomoyo deal when a file is deleted? In my case, ktorrent was > purged and then later re-installed. Does purge on a file delete its > domain policy ? I think i simply will remove the domain. As i noticed, more rules can make the process slower, cause several things have to be checked and the iteration number grows. And because it's rare to remove an app - and the rules can be regenerated anytime - i think the best is to remove the domains for the deleted apps. Andras -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAk2HwTEACgkQAx9+mHylNBg8xgCeK5/YoBSSaqc6v74QMjvFqm8F S9wAnjxT24YC6ixw8GGSUAe4UL3x0p0q =pOsW -----END PGP SIGNATURE----- _______________________________________________ tomoyo-users-en mailing list [email protected] http://lists.sourceforge.jp/mailman/listinfo/tomoyo-users-en
