SYNOPSIS
tomoyo-savepolicy [directory]tomoyo-savepolicy [directory] [remote_ip:remote:port]
DESCRIPTION
This program saves TOMOYO Linux policy onto disk from kernel memory.The directory /etc/tomoyo/policy/YY-MM-DD.hh:mm:ss is created with four files inside: domain_policy.conf, exception_policy.conf, profile.conf, and manager.conf. The symbolic links /etc/tomoyo/policy/previous and /etc/tomoyo/policy/current are updated to point to the previous and current YY-MM-DD.hh:mm:ss directories respectively.
The following symbolic links should exist within the /etc/tomoyo directory:
domain_policy.conf -> policy/current/domain_policy.conf exception_policy.conf -> policy/current/exception_policy.conf profile.conf -> policy/current/profile.conf manager.conf -> policy/current/manager.conf policy/current -> policy/YY-MM-DD.hh:mm:ss policy/previous -> policy/YY-MM-DD.hh:mm:ss
You can therefore access the current policy files without having to descend into subdirectories, and without having to determine which YY-MM-DD.hh:mm:ss directory is the most recent.
If the policy type is specified, this program works similar to cat(1).
OPTIONS
- -e
- Print /sys/kernel/security/tomoyo/exception_policy to standard output.
- -d
- Print /sys/kernel/security/tomoyo/domain_policy to standard output.
- -p
- Print /sys/kernel/security/tomoyo/profile to standard output.
- -m
- Print /sys/kernel/security/tomoyo/manager to standard output.
- -s
- Print /sys/kernel/security/tomoyo/stat to standard output.
- directory
- Save policy to an alternative directory, rather than the default /etc/tomoyo directory.
- remote_ip:remote_port
- Save policy on a remote system via an agent waiting at port remote_port on IP address remote_ip.
EXAMPLES
- Save policy to disk
-
tomoyo-savepolicy
- Print "/sys/kernel/security/tomoyo/exception_policy" to standard output
-
tomoyo-savepolicy -e
- Retrieve policy from a remote system and save in a local directory
-
tomoyo-savepolicy /etc/tomoyo/192.168.1.1/ 192.168.1.1:10000
BUGS
If you find any bugs, send an email to <[email protected]>.AUTHORS
- Tetsuo Handa <[email protected]>
- Main author.
- Jamie Nguyen <[email protected]>
- Documentation and website.