SYNOPSIS

tomoyo-queryd

tomoyo-queryd [remote_ip:remote_port]

DESCRIPTION

This program detects policy violations that occur in domains set to enforcing mode. The violation is displayed and a number of options are given to either grant or reject this request. Programs are frozen until a response is provided by the administrator.

This is useful when upgrading packages on the system, as errors due to changes in permissions can be avoided.

Carefully analyze access requests before you grant them, as they could be coming from a compromised process or malicious attacker.

Before this program can be invoked, you must register it in /sys/kernel/security/tomoyo/manager. After initializing policy, this is usually as simple as rebooting the system.

OPTIONS

remote_ip:remote_port

Instead of managing local policy violations, manage remote policy via an agent waiting at port remote_port on \s-1IP\s0 address remote_ip.

EXAMPLES

Handle policy violations on the local system
  tomoyo-queryd
Handle policy violations on a remote system

tomoyo-queryd 192.168.1.1:10000

BUGS

If you find any bugs, send an email to <[email protected]>.

AUTHORS

Tetsuo Handa <[email protected]>

Main author.

Jamie Nguyen <[email protected]>

Documentation and website.

RELATED TO tomoyo-queryd…

tomoyo-editpolicy-agent(8), tomoyo-notifyd(8)

See <http://tomoyo.sourceforge.jp> for more information.