Thanks, the "file create" problem was the culprit. There was some other fine tune to do, but it works fine now.
Thanks again! Paolo On Mon, Apr 1, 2013 at 3:26 PM, Tetsuo Handa < [email protected]> wrote: > Paolo Bolzoni wrote: > > I tried seeking for Skype in tomoyo-editpolicy after pressing > > @ and all the rules appear.... > > Well, I think that the "file create" denial logs are caused by mode > mismatch. > > The policy says 0666 > > file create @SKYPE_FILES 0666 > > while the denial log says 0600 > > file create /home/paolo/.Skype/shared_dynco/dc.lock 0600 > > . You might want to change > > file create @SKYPE_FILES 0666 > > to > > file create @SKYPE_FILES 0600-0666 > > . > > But you are still seeing the "file read" denial logs, aren't you? > Then, try running Skype process while running tomoyo-queryd on a terminal > application. tomoyo-queryd should show you which request is about to be > rejected by TOMOYO. http://tomoyo.sourceforge.jp/2.5/chapter-7.html.en#7.3 >
_______________________________________________ tomoyo-users-en mailing list [email protected] http://lists.sourceforge.jp/mailman/listinfo/tomoyo-users-en
