[tomoyo-dev-en 255] Re: Reloading rules through /sys


Tetsuo Handa from-****@I-lov*****
Tue Jun 7 19:42:06 JST 2011


Horvath Andras wrote:
> Everything seems to work, except Tomoyo doesn't remember domains with
> empty rules, where there are no rules, and I reload only this:
> 
> select <domain>
> delete use_profile 0
> use_profile 1
> 
> What am I missing here?
> 
The use_profile line cannot be deleted. In other words, you cannot write a
"delete use_profile 0" line. To change the value to 1, simply write a
"use_profile 1" line.



> I have another question: is it possible to create rules and domains for
> an already running process without having to restart that process to
> activate the new rules?

Creating "rules" for the domain to which the specific process identified by
$PID belongs is done by doing

  select pid=$PID

. If you have a global PID, you can do

  select global-pid=$PID

instead. tomoyo-queryd uses the global PID in order to handle PID namespaces.

What do you mean by creating "domains" for an already running process?
If a process is running, the process is already in an existing domain.
You cannot create domains to which a process already belongs.
However, like a filesystem in Linux, you can delete a domain to which an already
running process belongs and recreate the domain.



