Hello,
> Did you execute tomoyo-savepolicy between after changing profile from 1 to 3 > and before rebooting your system? No, you are correct that I didn't save the profile after I changed it to use_profile 3 but the rest of the profile was saved. > prompt is because /etc/tomoyo/profile.conf was deleted by some reason. Hmm not sure how I OR if I deleted but i think I recreated it running: /usr/lib/tomoyo/tomoyo_init_policy after it stopped working after the reboot. > According to INFO below, it seems to me that profiles 2 and 3 are defined. > You meant "use_profile 2" and "use_profile 3" lines have gone from > /etc/tomoyo/domain_policy.conf and /sys/kernel/security/tomoyo/domain_policy ? The problem I have is that the Kernel does not know about profiles 2 or 3. Please double check the below output: The reason there is even a profile "2" is because I created one within tomoyo-editpolicy's Profile Editor, Yes the correct profiles are defined in the profile.conf, but it doesn't match what is in the kernel. root@www:~# cat /sys/kernel/security/tomoyo/profile 0-COMMENT=disabled 0-MAC_FOR_FILE=disabled 0-MAX_ACCEPT_ENTRY=0 0-TOMOYO_VERBOSE=disabled 1-COMMENT=disabled 1-MAC_FOR_FILE=disabled 1-MAX_ACCEPT_ENTRY=0 1-TOMOYO_VERBOSE=disabled 2-COMMENT= 2-MAC_FOR_FILE=disabled 2-MAX_ACCEPT_ENTRY=2048 2-TOMOYO_VERBOSE=enabled ^^ Note: Profile 2 isn't the same, and there is no profile 3 in the kernel. root@www:~# cat /etc/tomoyo/profile.conf 0-COMMENT=-----Disabled Mode----- 0-MAC_FOR_FILE=disabled 0-TOMOYO_VERBOSE=disabled 1-COMMENT=-----Learning Mode----- 1-MAC_FOR_FILE=learning 1-TOMOYO_VERBOSE=disabled 2-COMMENT=-----Permissive Mode----- 2-MAC_FOR_FILE=permissive 2-TOMOYO_VERBOSE=enabled 3-COMMENT=-----Enforcing Mode----- 3-MAC_FOR_FILE=enforcing 3-TOMOYO_VERBOSE=enabled I think my main question is now, how do I load the profiles from disk into the kernel? Thanks for your help so far. --Cam
_______________________________________________ tomoyo-users-en mailing list [email protected] http://lists.sourceforge.jp/mailman/listinfo/tomoyo-users-en
