Hello.
TorstenWw wrote:
> if I execute chromium I will get the following message (via dmesg):
>
> ERROR: Domain
> '<kernel> /sbin/init /bin/su /bin/bash /bin/bash /usr/bin/startx
> /usr/bin/xinit /bin/sh /usr/bin/dbus-launch /usr/bin/awesome
> /usr/bin/chromium /usr/lib/chromium/chromium
> proc:/self/exe' not defined.
>
> which seems to be tomoyo related - but there is no domainPolicy nor
> exceptionPolicy for
> chromium
Some applications do execve("/proc/self/exe") but TOMOYO represents
"/proc/self/exe" as "proc:/self/exe". Since TOMOYO's domainname has to be
in the form of "<namespace> /path/to/app1 /path/to/app2 /path/to/app3",
"proc:/self/exe" does not match "/path/to/app3".
Please add a line
aggregator proc:/self/exe /proc/self/exe
to the exception policy (i.e.
# echo 'aggregator proc:/self/exe /proc/self/exe' >>
/etc/tomoyo/exception_policy.conf
and/or
# echo 'aggregator proc:/self/exe /proc/self/exe' | tomoyo-loadpolicy -e
) so that "proc:/self/exe" appears as "/proc/self/exe".
Regards.
_______________________________________________
tomoyo-users-en mailing list
[email protected]
http://lists.sourceforge.jp/mailman/listinfo/tomoyo-users-en
