Cam McK wrote:
> I think my main question is now, how do I load the profiles from disk into
> the kernel?

tomoyo-loadpolicy -p < /etc/tomoyo/profile.conf

> 1. profile.conf had got deleted somehow.

Seems so.

> 2. system came back up with no profiles, I unknowingly created profile.conf
> again but they hadn't got loaded into the kernel.

/usr/lib/tomoyo/tomoyo_init_policy will create it if it does not exist.

> I tried to load them via: /sbin/tomoyo-init but received: <kernel>
> /usr/sbin/sshd /bin/bash /bin/su /bin/bash ( /bin/bash ) is not permitted
> to update policies. which meant I had to reboot regardless so that:

Please use /usr/sbin/tomoyo-loadpolicy .

> PS: I like tomoyo, I think with better userland tools it could catch on.
> for example better file / pathname globbing to slim down domain.conf files.
> (Similar to:
> http://wiki.apparmor.net/index.php/QuickProfileLanguage#File_Globbing)

TOMOYO thinks the basename component of pathnames is very important, for multicall binary applications decide their default behaviour based on the basename component (and optionally change their behaviour based on command line arguments). It is an advantage of pathname-based access control that it can restrict the possible names within a directory. Therefore, TOMOYO's /\{ \}/ operator (oops, this operator is not available on Debian Squeeze because it is using 2.6.32: http://tomoyo.sourceforge.jp/2.2/policy-reference.html#wildcard_expression_rules ) was designed not to match the basename component of pathnames.

However, despite my wish that users benefit from the ability to restrict the basename component, most users do not care about the basename component; they simply specify "foo directory and its descendants". (Only a few power users are utilizing the ability to restrict the basename component.) In CaitSith, I added the /\( \)/ operator and removed the directory's trailing / in order to make it easier to specify "foo directory and its descendants".
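The point about /\{ \}/ not consuming the basename is easier to see with a small model. The following is an added illustration written for this thread; it is not TOMOYO's own matcher and implements only two operators from the 2.2 wildcard rules linked above, under stated assumptions: `\*` matches zero or more characters other than `/`, and `\{\*\}/` matches one or more non-empty directory components (each followed by `/`) and stops before the basename. The sample paths are constructed, and `subtree_patterns` is a helper invented here to show why "foo directory and its descendants" takes two rules when the recursive operator never matches the basename.

```python
import re

# Constructed sample paths used to exercise the patterns; not from the thread.
SAMPLE_PATHS = [
    "/var/www/index.html",
    "/var/www/html/index.html",
    "/var/www/html/img/logo.png",
    "/var/www/html/",
    "/var/www/html/img/",
]


def pattern_to_regex(pattern: str) -> re.Pattern:
    r"""Translate the two modelled TOMOYO operators into an anchored regex.

    Model assumptions (a simplification of the 2.2 wildcard rules):
      \*       zero or more characters other than '/'
      \{\*\}/  one or more directory components, each a non-empty name
               followed by '/'; it never consumes the final basename
    Every other character in the pattern is matched literally.
    """
    parts = []
    i = 0
    while i < len(pattern):
        if pattern.startswith(r"\{\*\}/", i):
            # recursive directory operator: only whole "name/" components
            parts.append(r"(?:[^/]+/)+")
            i += len(r"\{\*\}/")
        elif pattern.startswith(r"\*", i):
            # single-component wildcard: cannot cross a '/'
            parts.append(r"[^/]*")
            i += 2
        else:
            parts.append(re.escape(pattern[i]))
            i += 1
    return re.compile("".join(parts))


def matches(pattern: str, path: str) -> bool:
    """True when the whole path matches the pattern under the model."""
    return pattern_to_regex(pattern).fullmatch(path) is not None


def matched_paths(pattern: str, paths=SAMPLE_PATHS) -> list:
    """Return the sample paths the pattern matches, preserving order."""
    return [p for p in paths if matches(pattern, p)]


def subtree_patterns(directory: str) -> list:
    """Hypothetical helper: the two patterns this model needs to cover
    'directory and its descendants', one for entries directly inside it
    and one for entries at any deeper level, because \{\*\}/ requires at
    least one subdirectory and never matches the basename by itself."""
    d = directory.rstrip("/")
    return [d + r"/\*", d + r"/\{\*\}/\*"]


if __name__ == "__main__":
    for pat in (r"/var/www/\{\*\}/", r"/var/www/\{\*\}/\*",
                r"/var/www/\{\*\}/\*.html"):
        print(pat, "->", matched_paths(pat))
    print(subtree_patterns("/var/www/"))
```

Running it shows that `/var/www/\{\*\}/` on its own matches only directories, that `/var/www/\{\*\}/\*` reaches files at depth two and below but not `/var/www/index.html`, and that appending a basename pattern such as `\*.html` is what restricts the filename, which is the restriction the reply says TOMOYO was designed to keep available.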