Hello. Cam McK wrote: > Hello, > > I have been trying to find out why my tomoyo installation has broken itself. > > It was running locking down just the apache service, I rebooted my server > for some maintenance and it failed to come backup. I logged into the > console and it was waiting at boot for a tomoyo profile, I typed "disable" > if I recall correctly and it booted. I then performed, tomoyo-editpolicy > and apache was back to profile 1, when I tried to adjust it to profile 3, > it just stayed on 1. > > A bit of investigation shows that the kernel doesn't know about profiles 2 > & 3.
According to INFO below, it seems to me that profiles 2 and 3 are defined. You meant "use_profile 2" and "use_profile 3" lines have gone from /etc/tomoyo/domain_policy.conf and /sys/kernel/security/tomoyo/domain_policy ? > How do I go about resolving this? tomoyo-editpolicy directly modifies /sys/kernel/security/tomoyo/ interface but the up-to-date policy will not be saved to /etc/tomoyo/ directory unless you run tomoyo-savepolicy . Did you execute tomoyo-savepolicy between after changing profile from 1 to 3 and before rebooting your system? _______________________________________________ tomoyo-users-en mailing list [email protected] http://lists.sourceforge.jp/mailman/listinfo/tomoyo-users-en
