tomoyo−init − load TOMOYO Linux policy automatically
tomoyo-init
When /sbin/init starts, the kernel automatically calls this program. Policy files that have been saved to disk are subsequently loaded into kernel memory.
This program copies the following files:
/etc/tomoyo/exception_policy.conf => /sys/kernel/security/tomoyo/exception_policy /etc/tomoyo/domain_policy.conf => /sys/kernel/security/tomoyo/domain_policy /etc/tomoyo/profile.conf => /sys/kernel/security/tomoyo/profile /etc/tomoyo/manager.conf => /sys/kernel/security/tomoyo/manager /etc/tomoyo/stat.conf => /sys/kernel/security/tomoyo/stat
If /etc/tomoyo/tomoyo−post−init exists and is executable, then it will also be executed. This allows additional control over what happens at startup.
You will not usually need to invoke this program manually.
Contents of "/etc/tomoyo/tomoyo−post−init" allowing non-root "demo"
user to edit policy
#!/bin/bash echo manage_by_non_root > /sys/kernel/security/tomoyo/manager chown −R demo /sys/kernel/security/tomoyo
If you find any bugs, send an email to <tomoyo−users−en AT lists DOT sourceforge DOT jp>.
Tetsuo Handa <penguin−kernel@I−love.SAKURA.ne.jp>
Main author.
Jamie Nguyen <jamie AT tomoyolinux DOT co DOT uk>
Documentation and website.
See <http://tomoyo.sourceforge.jp> for more information.