Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

tomoyo-savepolicy(8) [debian man page]

TOMOYO-SAVEPOLICY(8)					  System Administration Utilities				      TOMOYO-SAVEPOLICY(8)

NAME

       tomoyo-savepolicy - save TOMOYO Linux policy

SYNOPSIS

       tomoyo-savepolicy [directory]

       tomoyo-savepolicy [directory] [remote_ip:remote:port]

DESCRIPTION

       This program saves TOMOYO Linux policy onto disk from kernel memory.

       The directory /etc/tomoyo/policy/YY-MM-DD.hh:mm:ss is created with four files inside: domain_policy.conf, exception_policy.conf,
       profile.conf, and manager.conf. The symbolic links /etc/tomoyo/policy/previous and /etc/tomoyo/policy/current are updated to point to the
       previous and current YY-MM-DD.hh:mm:ss directories respectively.

       The following symbolic links should exist within the /etc/tomoyo directory:

	 domain_policy.conf -> policy/current/domain_policy.conf
	 exception_policy.conf -> policy/current/exception_policy.conf
	 profile.conf -> policy/current/profile.conf
	 manager.conf -> policy/current/manager.conf
	 policy/current -> policy/YY-MM-DD.hh:mm:ss
	 policy/previous -> policy/YY-MM-DD.hh:mm:ss

       You can therefore access the current policy files without having to descend into subdirectories, and without having to determine which
       YY-MM-DD.hh:mm:ss directory is the most recent.

       If the policy type is specified, this program works similar to cat(1).

OPTIONS

       -e  Print /sys/kernel/security/tomoyo/exception_policy to standard output.

       -d  Print /sys/kernel/security/tomoyo/domain_policy to standard output.

       -p  Print /sys/kernel/security/tomoyo/profile to standard output.

       -m  Print /sys/kernel/security/tomoyo/manager to standard output.

       -s  Print /sys/kernel/security/tomoyo/stat to standard output.

       directory
	   Save policy to an alternative directory, rather than the default /etc/tomoyo directory.

       remote_ip:remote_port
	   Save policy on a remote system via an agent waiting at port remote_port on IP address remote_ip.

EXAMPLES

       Save policy to disk
	     tomoyo-savepolicy

       Print "/sys/kernel/security/tomoyo/exception_policy" to standard output
	     tomoyo-savepolicy -e

       Retrieve policy from a remote system and save in a local directory
	     tomoyo-savepolicy /etc/tomoyo/192.168.1.1/ 192.168.1.1:10000

BUGS

       If you find any bugs, send an email to <tomoyo-users-en@lists.sourceforge.jp>.

AUTHORS

       Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
	   Main author.

       Jamie Nguyen <jamie@tomoyolinux.co.uk>
	   Documentation and website.

SEE ALSO

       tomoyo-editpolicy-agent(8), tomoyo-loadpolicy(8)

       See <http://tomoyo.sourceforge.jp> for more information.

tomoyo-tools 2.5.0						    2012-04-14						      TOMOYO-SAVEPOLICY(8)

Check Out this Related Man Page

TOMOYO-PATTERNIZE(8)					  System Administration Utilities				      TOMOYO-PATTERNIZE(8)

NAME

       tomoyo-patternize - utility to convert pathnames in policy into patterns

SYNOPSIS

       tomoyo-patternize

       tomoyo-patternize [configfile]

DESCRIPTION

       This program reads domain policy from standard input and replaces pathnames with patterns. Replacement rules are defined in
       /etc/tomoyo/tools/patternize.conf. The resulting policy is sent to standard output and is useful to shorten and simplify domain or
       exception policy.

       Pathnames used for domain names themselves will not be replaced. Only the first matching rule is used for any particular pathname. If a
       pathname does not match any rules, it is left unchanged.

EXAMPLES

       Replace "proc:/self/fd/0" with "proc:/self/fd/$"
	     rewrite path_pattern proc:/self/fd/$

       Replace "proc:/123/status" with "proc/$/status"
	     rewrite head_pattern proc:/$

       Replace "dev(8,1):/etc/mtab~456" with "dev(8,1):/etc/mtab~$"
	     rewrite tail_pattern /etc/mtab~$

       Replace "/tmp/phpZjk1k3" with @GROUP1
	     rewrite path_pattern /tmp/php?????? @GROUP1

       Replace integers between 0-100 or 100-200 with @GROUP2
	     rewrite number_pattern 0-100 @GROUP2
	     rewrite number_pattern 100-200 @GROUP2

       Replace loopback addresses with @LOCALHOST
	     rewrite address_pattern 127.0.0.1 @LOCALHOST
	     rewrite address_pattern 0:0:0:0:0:0:0:1 @LOCALHOST

       See the configuration file for more information on rule syntax.

BUGS

       If you find any bugs, send an email to <tomoyo-users-en@lists.sourceforge.jp>.

AUTHORS

       Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
	   Main author.

       Jamie Nguyen <jamie@tomoyolinux.co.uk>
	   Documentation and website.

SEE ALSO

       tomoyo-findtemp(8), tomoyo-diffpolicy(8)

       See <http://tomoyo.sourceforge.jp> for more information.

tomoyo-tools 2.5.0						    2012-04-14						      TOMOYO-PATTERNIZE(8)
Man Page