Daniel Thau wrote:
> First of all, I would like to thank the developers for TOMOYO Linux. I've
> been using it for well over a year now quite happily. It's saved me more
> than once already from some misaimed "rm -rf"'s and a lot of headaches.
> Thank you!

You are welcome.

> A friend approached me asking if TOMOYO Linux could lock down a single user,
> and leave the rest of the system largely untouched.

Of course, yes. (For readers, the syntax below is for TOMOYO 1.8.x.)

> However, it seemed that any program I tried to run
> would fall under the "<kernel> init" etc domain, and not go into either
> //lockdown or //open. I've tried to play with keep_domain and
> no_keep_domain, but couldn't find a way to get it to work out.

Specifying "task auto_domain_transition" in the domain policy is valid for
only that domain. Since you want to apply it system wide, you can specify it
in the exception policy using the "acl_group" directive and refer to it from
the domain policy using the "use_group" directive.

> Am I going about this the proper way, and am just missing? Or is there a
> completely different way to approach locking down a single user that would
> be preferable?

You can give the three entries below (the last one is optional)

acl_group 0 task auto_domain_transition <kernel> //lockdown task.uid=1001
keep_domain <kernel>
keep_domain <kernel> //lockdown

to the exception policy and give the entries below

<kernel>
use_profile 0
use_group 0

<kernel> //lockdown
use_profile 3
use_group 1

to the domain policy.

Also, you can give entries like

acl_group 1 permissions_given_to_<kernel>_//lockdown_domain

to the exception policy if you don't give the 'keep_domain <kernel> //lockdown'
entry to the exception policy.

Regards.

_______________________________________________
tomoyo-users-en mailing list
[email protected]
http://lists.sourceforge.jp/mailman/listinfo/tomoyo-users-en
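Added example, not part of the message above and not code from the TOMOYO project: a small Python model of how the exception-policy and domain-policy entries in the reply fit together. It parses the two policy fragments quoted in the reply (embedded here as constructed strings), resolves which acl_group entries each domain picks up through use_group, and walks a process through a simplified model of domain transitions: a keep_domain entry pins execve() in the current domain, the default transition is to the child domain "<parent domain> <program>", and a "task auto_domain_transition" entry whose task.uid= condition matches the process moves it to the named domain. That transition model is an assumption made for illustration (TOMOYO's in-kernel evaluation order and the other condition forms are not modelled), and uid 1001 and /bin/bash are constructed inputs.

```python
from dataclasses import dataclass, field

# Constructed policy fragments: the three exception-policy entries and the two
# domain-policy blocks from the reply above (the third exception entry is optional).
EXCEPTION_POLICY = """\
acl_group 0 task auto_domain_transition <kernel> //lockdown task.uid=1001
keep_domain <kernel>
keep_domain <kernel> //lockdown
"""

DOMAIN_POLICY = """\
<kernel>
use_profile 0
use_group 0

<kernel> //lockdown
use_profile 3
use_group 1
"""


@dataclass
class Policy:
    groups: dict = field(default_factory=dict)      # acl_group number -> [entry, ...]
    keep_domains: set = field(default_factory=set)  # domains pinned by keep_domain
    domains: dict = field(default_factory=dict)     # domain name -> profile/group/acls


def parse_exception_policy(text, policy):
    """Collect acl_group and keep_domain entries; other directives are outside this model."""
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        keyword, _, rest = line.partition(" ")
        if keyword == "acl_group":
            number, _, entry = rest.partition(" ")
            policy.groups.setdefault(int(number), []).append(entry)
        elif keyword == "keep_domain":
            policy.keep_domains.add(rest)   # domain names contain spaces, keep the rest whole


def parse_domain_policy(text, policy):
    """Domain headers start with <kernel>; the lines that follow belong to that domain."""
    current = None
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if line.startswith("<kernel>"):
            current = {"profile": None, "group": None, "acls": []}
            policy.domains[line] = current
            continue
        if current is None:
            raise ValueError("entry before any domain header: " + line)
        keyword, _, rest = line.partition(" ")
        if keyword == "use_profile":
            current["profile"] = int(rest)
        elif keyword == "use_group":
            current["group"] = int(rest)
        else:
            current["acls"].append(line)


def effective_acls(policy, domain):
    """A domain's own entries plus those of the acl_group it refers to via use_group.
    A domain absent from the policy (e.g. a child created by execve) has none here."""
    info = policy.domains.get(domain, {"group": None, "acls": []})
    shared = policy.groups.get(info["group"], []) if info["group"] is not None else []
    return list(info["acls"]) + shared


def parse_auto_transition(entry):
    """(target_domain, required_uid or None) for a task auto_domain_transition entry,
    else None. Assumption: only the task.uid=N condition form used in the reply is modelled."""
    prefix = "task auto_domain_transition "
    if not entry.startswith(prefix):
        return None
    target, sep, cond = entry[len(prefix):].partition(" task.uid=")
    return target, (int(cond) if sep else None)


def settle(policy, domain, uid, max_hops=8):
    """Follow matching auto_domain_transition entries until none match (simplified model)."""
    for _ in range(max_hops):
        for entry in effective_acls(policy, domain):
            parsed = parse_auto_transition(entry)
            if parsed is None:
                continue
            target, required_uid = parsed
            if (required_uid is None or required_uid == uid) and target != domain:
                domain = target
                break
        else:
            return domain
    raise RuntimeError("auto_domain_transition loop")


def execve(policy, domain, uid, program):
    """Domain after executing program: default child domain "<parent> <program>",
    unless keep_domain pins the parent domain."""
    if domain not in policy.keep_domains:
        domain = f"{domain} {program}"
    return settle(policy, domain, uid)


def load(exception_text=EXCEPTION_POLICY, domain_text=DOMAIN_POLICY):
    policy = Policy()
    parse_exception_policy(exception_text, policy)
    parse_domain_policy(domain_text, policy)
    return policy


def trace_login(policy, uid, program="/bin/bash"):
    """Walk <kernel> -> setuid(uid) -> execve(program); return the domains visited."""
    start = "<kernel>"
    after_setuid = settle(policy, start, uid)
    after_exec = execve(policy, after_setuid, uid, program)
    return [start, after_setuid, after_exec]


if __name__ == "__main__":
    full = load()
    print("uid 0    :", " -> ".join(trace_login(full, 0)))
    print("uid 1001 :", " -> ".join(trace_login(full, 1001)))
    # Without the optional third entry the locked-down user spawns child domains.
    without = load(EXCEPTION_POLICY.replace("keep_domain <kernel> //lockdown\n", ""))
    print("uid 1001, no keep_domain for //lockdown:", " -> ".join(trace_login(without, 1001)))
```

Running it shows the split the reply describes: every process that is not uid 1001 stays in <kernel> (profile 0, so the rest of the system is untouched), a uid 1001 process is moved to "<kernel> //lockdown" (profile 3, the enforcing profile in the default 1.8 profile.conf) and, with the optional keep_domain entry, stays there across execve(). Without that entry each program the user runs lands in its own child domain such as "<kernel> //lockdown /bin/bash", which is why the reply suggests putting the lockdown permissions into acl_group 1 in that case.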
