tomoyo-savepolicy(8) save TOMOYO Linux policy

SYNOPSIS

tomoyo-savepolicy [directory]

tomoyo-savepolicy [directory] [remote_ip:remote:port]

DESCRIPTION

This program saves TOMOYO Linux policy onto disk from kernel memory.

The directory /etc/tomoyo/policy/YY-MM-DD.hh:mm:ss is created with four files inside: domain_policy.conf, exception_policy.conf, profile.conf, and manager.conf. The symbolic links /etc/tomoyo/policy/previous and /etc/tomoyo/policy/current are updated to point to the previous and current YY-MM-DD.hh:mm:ss directories respectively.

The following symbolic links should exist within the /etc/tomoyo directory:

  domain_policy.conf -> policy/current/domain_policy.conf
  exception_policy.conf -> policy/current/exception_policy.conf
  profile.conf -> policy/current/profile.conf
  manager.conf -> policy/current/manager.conf
  policy/current -> policy/YY-MM-DD.hh:mm:ss
  policy/previous -> policy/YY-MM-DD.hh:mm:ss

You can therefore access the current policy files without having to descend into subdirectories, and without having to determine which YY-MM-DD.hh:mm:ss directory is the most recent.

If the policy type is specified, this program works similar to cat(1).

OPTIONS

-e
Print /sys/kernel/security/tomoyo/exception_policy to standard output.
-d
Print /sys/kernel/security/tomoyo/domain_policy to standard output.
-p
Print /sys/kernel/security/tomoyo/profile to standard output.
-m
Print /sys/kernel/security/tomoyo/manager to standard output.
-s
Print /sys/kernel/security/tomoyo/stat to standard output.
directory
Save policy to an alternative directory, rather than the default /etc/tomoyo directory.
remote_ip:remote_port
Save policy on a remote system via an agent waiting at port remote_port on IP address remote_ip.

EXAMPLES

Save policy to disk
  tomoyo-savepolicy
Print "/sys/kernel/security/tomoyo/exception_policy" to standard output
  tomoyo-savepolicy -e
Retrieve policy from a remote system and save in a local directory
  tomoyo-savepolicy /etc/tomoyo/192.168.1.1/ 192.168.1.1:10000

BUGS

If you find any bugs, send an email to <[email protected]>.

AUTHORS

Tetsuo Handa <[email protected]>
Main author.
Jamie Nguyen <[email protected]>
Documentation and website.