Horvath Andras
han****@log69*****
Tue Jun 7 21:09:44 JST 2011
On Tue, 7 Jun 2011 21:04:50 +0900
Tetsuo Handa <from-****@I-lov*****> wrote:

> Horvath Andras wrote:
> > Do I do it correctly?
>
> Yes.
>
> > Something is still not working as expected. (Kernel version is
> > 2.6.38).
>
> What is not working as expected?

The problem is that sometimes it loads into the kernel, and sometimes it doesn't. And I cannot tell when and why.

For example, I'm testing it now on Ubuntu 11.04 amd64; otherwise I'm testing and developing it on Debian 6. On a clean system with no rules, when I run my prog, it checks which processes have active UDP or TCP sockets, and creates learning rules for these ones. For example, on the default Ubuntu, 2 processes listen: avahi and cupsd. So my prog creates the following rules to load into the kernel:

    select <kernel> /usr/sbin/avahi-daemon
    use_profile 1
    select <kernel> /usr/sbin/cupsd
    use_profile 1

After loading it (writing the text file above to /sys/kernel/security/tomoyo/domain_policy), when I "cat" its content, I cannot see the above domains anywhere, only domains with use_profile 0.

I don't understand why it doesn't load it. I even debug and print the content of the domain list that I create, and everything seems fine. The write operation finishes too without any error. Only the kernel domain_policy doesn't change.
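The read-back check described in the message above, as an added example that is not part of the original post: it compares the rules a tool wrote with what `domain_policy` returns afterwards and reports every domain that is missing or has a different profile. It assumes one statement per line; the function names and the read-back sample are constructed for illustration.

```python
import re

def parse_policy(text):
    """Map each domain name to its use_profile value (None if none is given)."""
    domains, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("select "):          # request form used in the message
            line = line[len("select "):].strip()
        if line.startswith("<kernel>"):         # a domain header line
            current = " ".join(line.split())
            domains.setdefault(current, None)
        elif current is not None:
            m = re.fullmatch(r"use_profile\s+(\d+)", line)
            if m:
                domains[current] = int(m.group(1))
    return domains

def verify(requested_text, readback_text):
    """Return {domain: (wanted, found)} for requests the read-back does not reflect."""
    wanted = parse_policy(requested_text)
    found = parse_policy(readback_text)
    problems = {}
    for domain, profile in wanted.items():
        if domain not in found:
            problems[domain] = (profile, "missing")
        elif found[domain] != profile:
            problems[domain] = (profile, found[domain])
    return problems

# The rules quoted in the message.
REQUESTED = """select <kernel> /usr/sbin/avahi-daemon
use_profile 1
select <kernel> /usr/sbin/cupsd
use_profile 1
"""

# Constructed sample of a read-back; on a live system this would be the
# content of /sys/kernel/security/tomoyo/domain_policy after the write.
READBACK = """<kernel>
use_profile 0

<kernel> /usr/sbin/cupsd
use_profile 0
"""

if __name__ == "__main__":
    for domain, (want, got) in verify(REQUESTED, READBACK).items():
        print(f"{domain}: wanted use_profile {want}, found {got}")
```

Running such a check right after the write turns a silently ignored policy update into an explicit failure instead of relying on the write call's return status.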