ccs-loadpolicy

Langue: en

Version: September 2008 (ubuntu - 08/07/09)

Section: 8 (Commandes administrateur)

NAME

ccs-loadpolicy - Load TOMOYO Linux's policy manually

SYNOPSIS

ccs-loadpolicy [-][s][e][d][a][f][p][m]

DESCRIPTION

This program loads TOMOYO Linux's policy from files or standard input into kernel.
-
Read policy from stdin. Specify only one of "sedpm" option when you use this option.
s
Load system_policy. ( /etc/ccs/system_policy.conf )
e
Load exception_policy. ( /etc/ccs/exception_policy.conf )
d
Load domain_policy. ( /etc/ccs/domain_policy.conf )
a
Load system_policy, exception_policy and domain_policy.
p
Load profile. ( /etc/ccs/profile.conf )
m
Load manager. ( /etc/ccs/manager.conf )
f
Erase on-memory policy before loading on-disk policy. If not specified, on-disk policy is appended to on-memory policy. This option is valid for "seda" options.

EXAMPLES

# echo "allow_read /proc/meminfo" | ccs-loadpolicy -e

Add "allow_read /proc/meminfo" to exception policy.

# echo "delete allow_read /proc/meminfo" | ccs-loadpolicy -e

Remove "allow_read /proc/meminfo" from exception policy.

# ( echo "<kernel>"; echo "1 /sbin/init" ) | ccs-loadpolicy -d

Add "1 /sbin/init" to "<kernel>" domain.

# ccs-loadpolicy df

Replace currently loaded domain policy with /etc/ccs/domain_policy.conf .

# ccs-loadpolicy d

Append /etc/ccs/domain_policy.conf into currently loaded domain policy.

NOTES


 This is a symbolic link to /usr/lib/ccs/loadpolicy .


 You need to register either path to this program ( /usr/lib/ccs/loadpolicy ) or a domain for this program in /proc/ccs/manager before invoking this program.

AUTHORS


 penguin-kernel _at_ I-love.SAKURA.ne.jp

Copyright © 2005-2008 NTT DATA CORPORATION.

This program is free software; you may redistribute it under the terms of the GNU General Public License. This program has absolutely no warranty.

SEE ALSO


 ccs-init (8)