NAME¶
tomoyo-queryd - real-time access request management utility for TOMOYO Linux
SYNOPSIS¶
tomoyo-queryd
tomoyo-queryd [
remote_ip:remote_port]
DESCRIPTION¶
This program detects policy violations that occur in domains set to enforcing
mode. The violation is displayed and a number of options are given to either
grant or reject this request. Programs are frozen until a response is provided
by the administrator.
This is useful when upgrading packages on the system, as errors due to changes
in permissions can be avoided.
Carefully analyze access requests before you grant them, as they could be coming
from a compromised process or malicious attacker.
Before this program can be invoked, you must register it in
/sys/kernel/security/tomoyo/manager. After initializing policy, this is
usually as simple as rebooting the system.
OPTIONS¶
- remote_ip:remote_port
- Instead of managing local policy violations, manage remote policy via an
agent waiting at port remote_port on IP address
remote_ip.
EXAMPLES¶
- Handle policy violations on the local system
-
tomoyo-queryd
- Handle policy violations on a remote system
-
tomoyo-queryd 192.168.1.1:10000
BUGS¶
If you find any bugs, send an email to
<tomoyo-users-en@lists.sourceforge.jp>.
AUTHORS¶
- Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
- Main author.
- Jamie Nguyen <jamie@tomoyolinux.co.uk>
- Documentation and website.
SEE ALSO¶
tomoyo-editpolicy-agent(8),
tomoyo-notifyd(8)
See <
http://tomoyo.sourceforge.jp> for more information.