TOMOYO-INIT

NAME

tomoyo-init - load TOMOYO Linux policy automatically

SYNOPSIS

tomoyo-init

DESCRIPTION

When /sbin/init starts, the kernel automatically calls this program. Policy files that have been saved to disk are subsequently loaded into kernel memory.

This program copies the following files:

/etc/tomoyo/exception_policy.conf => /sys/kernel/security/tomoyo/exception_policy
/etc/tomoyo/domain_policy.conf => /sys/kernel/security/tomoyo/domain_policy
/etc/tomoyo/profile.conf => /sys/kernel/security/tomoyo/profile
/etc/tomoyo/manager.conf => /sys/kernel/security/tomoyo/manager
/etc/tomoyo/stat.conf => /sys/kernel/security/tomoyo/stat

If /etc/tomoyo/tomoyo-post-init exists and is executable, then it will also be executed. This allows additional control over what happens at startup.

You will not usually need to invoke this program manually.

EXAMPLES

Contents of "/etc/tomoyo/tomoyo-post-init" allowing non-root "demo" user to
edit policy

#!/bin/bash
echo manage_by_non_root > /sys/kernel/security/tomoyo/manager
chown -R demo /sys/kernel/security/tomoyo

BUGS

If you find any bugs, send an email to <tomoyo-users-en@lists.osdn.me>.

AUTHORS

Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>

Main author.

Jamie Nguyen <jamie@tomoyolinux.co.uk>

Documentation and website.

SEE ALSO

tomoyo-loadpolicy(8)

See <https://tomoyo.osdn.jp> for more information.