Claus Reheis wrote: > Hello! > > > After spending the last days with adding rules to my > > /etc/tomoyo/tools/patternize.conf > > and successfully reducing the size of the content of my /var/log/tomoyo/ > directory, I got the expected update of my firefox package! > > While I was busy playing with wildcards, I did put firefox in learning mode > and did the update. > I intended to delete the domain for Firefox 24.3 and just editing a new one > for 24.4! > This worked out half way, but I still have the 24.3 domains left in the > policy > editor looking like: > > ( /usr/lib64/firefox-24.3.0/firefox ) > ( /usr/lib64/firefox-24.3.0/plugin-container ) >
Domains in parenthesis are shown for keeping tree indent. They will disappear when all child domains are deleted using 'd' key. http://tomoyo.sourceforge.jp/2.5/tool-editpolicy.html#missing_domain In case you are misunderstanding, I explain again. tomoyo-editpolicy will edit on-memory configuration if executed without the location of on-disk configuration (i.e. /etc/tomoyo/ ). Therefore, please run tomoyo-savepolicy when you edited on-memory configuration using tomoyo-editpolicy in order to copy on-memory configuration to on-disk. > Then I decided that I take a closer look to you last mail and I followed you > advice with adding: > > aggregator /usr/lib64/firefox-2\$.\$.\$/plugin-container /usr/lib64/plugin- > container > > to my /etc/tomoyo/policy/current/exception_policy.conf > > but I still see the firefox 24.3 domains! I think /usr/lib64/firefox-\*/plugin-container is better because Firefox will someday reach version 30.0. Also, if you edited on-disk configuration (e.g. /etc/tomoyo/policy/current/exception_policy.conf ), please run tomoyo-loadpolicy in order to copy on-disk configuration to on-memory. # tomoyo-loadpolicy -e < /etc/tomoyo/policy/current/exception_policy.conf Finally, please run tomoyo-pstree command and check that currently running processes are in domains you intended. If they are not in domains you intended (e.g. some firefox instance remains in /usr/lib64/firefox-24.3.0/firefox or /usr/lib64/firefox-24.4.0/firefox ), please restart such process. # tomoyo-pstree -a > > After looking through: > > /etc/tomoyo/policy/current/domain_policy.conf > > I saw some firefox 24.3 lines there too! > /etc/tomoyo/policy/current/domain_policy.conf is on-disk configuration. This file will be synchronized with on-memory configuration by running tomoyo-savepolicy . > What can I do now? > Sorry for being so hasty with deleting the domains in the policyeditor what > probably brought me in this ?little? mess :-/ > > Greetings _______________________________________________ tomoyo-users-en mailing list [email protected] http://lists.sourceforge.jp/mailman/listinfo/tomoyo-users-en
