Scroll to navigation

TOMOYO-SAVEPOLICY(8) System Administration Utilities TOMOYO-SAVEPOLICY(8)

NAME

tomoyo-savepolicy - save TOMOYO Linux policy

SYNOPSIS

tomoyo-savepolicy [directory]
tomoyo-savepolicy [directory] [remote_ip:remote:port]

DESCRIPTION

This program saves TOMOYO Linux policy onto disk from kernel memory.
The directory /etc/tomoyo/policy/YY-MM-DD.hh:mm:ss is created with four files inside: domain_policy.conf, exception_policy.conf, profile.conf, and manager.conf. The symbolic links /etc/tomoyo/policy/previous and /etc/tomoyo/policy/current are updated to point to the previous and current YY-MM-DD.hh:mm:ss directories respectively.
The following symbolic links should exist within the /etc/tomoyo directory: 
  domain_policy.conf -> policy/current/domain_policy.conf
  exception_policy.conf -> policy/current/exception_policy.conf
  profile.conf -> policy/current/profile.conf
  manager.conf -> policy/current/manager.conf
  policy/current -> policy/YY-MM-DD.hh:mm:ss
  policy/previous -> policy/YY-MM-DD.hh:mm:ss
You can therefore access the current policy files without having to descend into subdirectories, and without having to determine which YY-MM-DD.hh:mm:ss directory is the most recent.
If the policy type is specified, this program works similar to cat(1).

OPTIONS

-e
Print /sys/kernel/security/tomoyo/exception_policy to standard output.
-d
Print /sys/kernel/security/tomoyo/domain_policy to standard output.
-p
Print /sys/kernel/security/tomoyo/profile to standard output.
-m
Print /sys/kernel/security/tomoyo/manager to standard output.
-s
Print /sys/kernel/security/tomoyo/stat to standard output.
directory
Save policy to an alternative directory, rather than the default /etc/tomoyo directory.
remote_ip:remote_port
Save policy on a remote system via an agent waiting at port remote_port on IP address remote_ip.

EXAMPLES

Save policy to disk
  tomoyo-savepolicy
Print "/sys/kernel/security/tomoyo/exception_policy" to standard output
  tomoyo-savepolicy -e
Retrieve policy from a remote system and save in a local directory
  tomoyo-savepolicy /etc/tomoyo/192.168.1.1/ 192.168.1.1:10000

BUGS

If you find any bugs, send an email to <tomoyo-users-en@lists.sourceforge.jp>.

AUTHORS

Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Main author.
Jamie Nguyen <jamie@tomoyolinux.co.uk>
Documentation and website.

SEE ALSO

tomoyo-editpolicy-agent(8), tomoyo-loadpolicy(8)
See <http://tomoyo.sourceforge.jp> for more information.
2012-04-14 tomoyo-tools 2.5.0