Hello Tetsuo Handa, Am Montag, 17. März 2014, 20:10:12 schrieben Sie: > Claus Reheis wrote: > > After playing around with "Tomoyo Linux" since one week I have to say > > that I really enjoy analyzing my system and confining applications with > > Tomoyo Linux. > > Yes, TOMOYO is a powerful tool for analyzing/understanding Linux systems. > ;-) > > After putting some applications in "permissive mode" I wanted to take a > > look at the "reject logs" in /var/log/tomoyo/ and was surprised how big > > the file reject_001.log has grown... 6.9GB!!! > > This file is from the "learning mode" as far as I understand!? > > Yes. > > > Luckily I habe a big hard drive in my laptop, but when this log file > > continue to grow at this rate I will be out of space soon! > > What is filling up this file so fast and what can I do about it? > > Probably /proc/$pid/ files and temporary files are filling up this file. > You can use tomoyo-patternize utility (see /etc/tomoyo/tools/patternize.conf > for configuration) for converting such pathnames to patterns. > > http://tomoyo.sourceforge.jp/2.5/chapter-6.html
Can I safely delete the logfiles from time to time until I figured it out how to manage the tomoyo-patternize utility? > > > As Mageia is providing Firefox ESR, we have a Version what does not get > > upgraded ad often as it happens in other distributions and when I see > > this from the perspective of a Tomoyo Linux user, I even appreciate it > > more to have less frequent changes. > > Unless dependency changes, there will be little with updating TOMOYO's > configuration when updating software packages. There is tomoyo- queryd > utility which you can use for interactively judging exceptional requests > which happen while updating software packages. > > > Particular I was wondering if I have a Tomoyo policy for the domain: > > > > /usr/lib64/firefox-24.3.0/plugin-container > > > > if there there a way to do some wildcard magic what makes it possible > > that the policy automatically adopts to a new version/path like > > > > /usr/lib64/firefox-24.4.0/plugin-container > > > > or do I have to create and edit a new policy every time Firefox gets > > updated? > > You can use aggregator directive (see > /etc/tomoyo/policy/current/exception_policy.conf for configuration). > > aggregator /usr/lib/firefox-\*/plugin-container > /usr/lib/firefox/plugin-container > > The "file execute" permission and domainname can be wildcarded by the > aggregator directive. Other permissions (e.g. "file read") can be wildcarded > by tomoyo-patternize utility. Greetings from Austria, _______________________________________________ tomoyo-users-en mailing list [email protected] http://lists.sourceforge.jp/mailman/listinfo/tomoyo-users-en
