Hello Tetsuo Handa, Am Montag, 17. März 2014, 20:10:12 schrieben Sie: > Claus Reheis wrote: > > After playing around with "Tomoyo Linux" since one week I have to >say > > that I really enjoy analyzing my system and confining applications >with > > Tomoyo Linux. > > Yes, TOMOYO is a powerful tool for analyzing/understanding Linux >systems. > > > After putting some applications in "permissive mode" I wanted to >take a > > look at the "reject logs" in /var/log/tomoyo/ and was surprised how >big > > the file reject_001.log has grown... 6.9GB!!! > > This file is from the "learning mode" as far as I understand!? > > Yes. > > > Luckily I habe a big hard drive in my laptop, but when this log file > > continue to grow at this rate I will be out of space soon! > > What is filling up this file so fast and what can I do about it? > > Probably /proc/$pid/ files and temporary files are filling up this file. > You can use tomoyo-patternize utility (see >/etc/tomoyo/tools/patternize.conf > for configuration) for converting such pathnames to patterns. > > http://tomoyo.sourceforge.jp/2.5/chapter-6.html
Can I safely delete the logfiles from time to time until I figured it out how to manage the tomoyo-patternize utility? > > > As Mageia is providing Firefox ESR, we have a Version what does >not get > > upgraded ad often as it happens in other distributions and when I >see > > this from the perspective of a Tomoyo Linux user, I even appreciate >it > > more to have less frequent changes. > > Unless dependency changes, there will be little with updating >TOMOYO's > configuration when updating software packages. There is tomoyo- >queryd > utility which you can use for interactively judging exceptional >requests > which happen while updating software packages. > > > Particular I was wondering if I have a Tomoyo policy for the domain: > > > > /usr/lib64/firefox-24.3.0/plugin-container > > > > if there there a way to do some wildcard magic what makes it >possible > > that the policy automatically adopts to a new version/path like > > > > /usr/lib64/firefox-24.4.0/plugin-container > > > > or do I have to create and edit a new policy every time Firefox gets > > updated? > > You can use aggregator directive (see > /etc/tomoyo/policy/current/exception_policy.conf for configuration). > > aggregator /usr/lib/firefox-\*/plugin-container > /usr/lib/firefox/plugin-container > > The "file execute" permission and domainname can be wildcarded by >the > aggregator directive. Other permissions (e.g. "file read") can be >wildcarded > by tomoyo-patternize utility. Greetings from Austria, _______________________________________________ tomoyo-users-en mailing list [email protected] http://lists.sourceforge.jp/mailman/listinfo/tomoyo-users-en
