Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

tomoyo-queryd(8) [debian man page]

TOMOYO-QUERYD(8)					  System Administration Utilities					  TOMOYO-QUERYD(8)

NAME

       tomoyo-queryd - real-time access request management utility for TOMOYO Linux

SYNOPSIS

       tomoyo-queryd

       tomoyo-queryd [remote_ip:remote_port]

DESCRIPTION

       This program detects policy violations that occur in domains set to enforcing mode. The violation is displayed and a number of options are
       given to either grant or reject this request. Programs are frozen until a response is provided by the administrator.

       This is useful when upgrading packages on the system, as errors due to changes in permissions can be avoided.

       Carefully analyze access requests before you grant them, as they could be coming from a compromised process or malicious attacker.

       Before this program can be invoked, you must register it in /sys/kernel/security/tomoyo/manager. After initializing policy, this is usually
       as simple as rebooting the system.

OPTIONS

       remote_ip:remote_port
	   Instead of managing local policy violations, manage remote policy via an agent waiting at port remote_port on IP address remote_ip.

EXAMPLES

       Handle policy violations on the local system
	     tomoyo-queryd

       Handle policy violations on a remote system
	     tomoyo-queryd 192.168.1.1:10000

BUGS

       If you find any bugs, send an email to <tomoyo-users-en@lists.sourceforge.jp>.

AUTHORS

       Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
	   Main author.

       Jamie Nguyen <jamie@tomoyolinux.co.uk>
	   Documentation and website.

SEE ALSO

       tomoyo-editpolicy-agent(8), tomoyo-notifyd(8)

       See <http://tomoyo.sourceforge.jp> for more information.

tomoyo-tools 2.5.0						    2012-04-14							  TOMOYO-QUERYD(8)

Check Out this Related Man Page

TOMOYO-NOTIFYD(8)					  System Administration Utilities					 TOMOYO-NOTIFYD(8)

NAME

       tomoyo-notifyd - policy violation notification daemon for TOMOYO Linux

SYNOPSIS

       tomoyo-notifyd

DESCRIPTION

       This program notifies the system administrator of policy violations that occur in domains set to enforcing mode.

       The notification method can be any arbitrary command, such as sending mail. Configure this daemon in /etc/tomoyo/tools/notifyd.conf. This
       makes it possible to be notified about policy violations as soon as possible, allowing subsequent action to be taken.

       Start this program from an appropriate stage during startup (e.g. /etc/rc.local).

       If you wish to freeze a process using the "time_to_wait" directive, you must register this program in /sys/kernel/security/tomoyo/manager.

EXAMPLES

       Send mail to root
	     time_to_wait 0
	     action_to_take mail -s Notification40from40tomoyo-notifyd root@localhost
	     minimal_interval 60

       See the configuration file for more information about the syntax.

BUGS

       If you find any bugs, send an email to <tomoyo-users-en@lists.sourceforge.jp>.

AUTHORS

       Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
	   Main author.

       Jamie Nguyen <jamie@tomoyolinux.co.uk>
	   Documentation and website.

SEE ALSO

       tomoyo-queryd(8)

       See <http://tomoyo.sourceforge.jp> for more information.

tomoyo-tools 2.5.0						    2012-04-14							 TOMOYO-NOTIFYD(8)
Man Page

2 More Discussions You Might Find Interesting

1. News, Links, Events and Announcements

Linux-loving McNealy dons penguin outfit

Linux-loving McNealy dons penguin outfit (0 Replies)
Discussion started by: Neo
0 Replies

2. Programming

dbx - break on access violations

Hey everyone, Is there a way to make dbx break on access violations? (2 Replies)
Discussion started by: ctote
2 Replies