TOMOYO

Fork

[tomoyo-dev-en 299] Re: mark PID namespace for delete?

Tetsuo Handa from-****@I-lov*****
Mon Jul 18 20:20:10 JST 2011

• Previous message: [tomoyo-dev-en 298] Re: mark PID namespace for delete?
• Next message: [tomoyo-dev-en 300] Re: mark PID namespace for delete?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Horvath Andras wrote:
> Only, as i understood corretly, i add select tag only for domain
> policy. And i wrote it not to add any select while creating the diff
> for exception policy. Is that ok?

Right.

> Let's say my exception policy looks like this:
> 
> initialize_domain /usr/sbin/exim4
> initialize_domain /usr/sbin/unbound
> initialize_domain /usr/bin/ssh
> 
> And i want to add this:
> 
> initialize_domain /usr/bin/lftp
> 
> So the diff that i upload to exception policy would look like this:
> 
> initialize_domain /usr/bin/lftp
> 
> Is that right?

Right.

> Sometimes it's not working. Probably i got it wrong and
> surely i'm doing something wrongly.

Be sure to add trailing '\n'.
You can dump what string was written by your program using strace.

> Would i need some kind of select tag here too?
No.

"select" is for only domain policy.

• Previous message: [tomoyo-dev-en 298] Re: mark PID namespace for delete?
• Next message: [tomoyo-dev-en 300] Re: mark PID namespace for delete?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]