tomoyo_init_policy (8)

init_policy [option]

This program generates templates for all policy files. However, the output should be reviewed because automatically generated exception policy may contain dangerous or redundant entries.

This program only needs to be run once.

--file-only-profile

Create profiles with only file-related functionality enabled.

--full-profile

Create profiles with all functionality enabled. [default]

--use_profile=integer

Set the default profile number for the \*(L"<kernel>\*(R" domain to the specified integer, which must be between 0 and 255. [default=0]

--use_group=integer

Set the default group number for the \*(L"<kernel>\*(R" domain to the specified integer, which must be between 0 and 255. [default=0]

--max_audit_log=integer

Set the default maximal audit log entries that the kernel will spool in the /sys/kernel/security/tomoyo/audit interface. This value must be an integer, and can be set to 0 if audit logs are not required. Maximum memory used can also be controlled via the /sys/kernel/security/tomoyo/stat interface. [default=1024]

--max_learning_entry=integer

Set the default maximum number of \s-1ACL\s0 entries automatically added to each domain by the kernel when using learning mode. This value must be an integer, and can be set to o if you do not need learning mode. Maximum memory used can also be controlled using the /sys/kernel/security/tomoyo/stat interface.

--grant_log=value

Set whether grant logs should be audited. This value can either be \*(C`yes\*(C' or \*(C`no\*(C'. [default=no]

--reject_log=value

Set whether reject logs should be audited. This value can either be \*(C`yes\*(C' or \*(C`no\*(C'. [default=yes]

Initialize policy

  /usr/lib/tomoyo/init_policy

If you find any bugs, send an email to <[email protected]>.

Tetsuo Handa <[email protected]>

Main author.

Jamie Nguyen <[email protected]>

Documentation and website.

Naohiro Aoto <[email protected]>

Bug fix for 64bit Gentoo.

tomoyo-init(8)

See <http://tomoyo.sourceforge.jp> for more information.