TOMOYO

Fork

[tomoyo-users-en 340] Re: Tomoyo: reload changed policy

• Previous message (by thread): [tomoyo-users-en 339] Re: Tomoyo: reload changed policy
• Next message (by thread): [tomoyo-users-en 341] Documentations for TOMOYO 2.3 and AKARI have been updated.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

You can come to tomoyo-dev-en if you think this thread will get longer.

Horvath Andras wrote:
> But i don't change domain paths at all. I don't remove or rename any
> domain either, only add one. Maximum i change use_profile value.

Then, no problem. You can append entries in newer policy and then delete
entries which are not in newer policy. For example, if older policy is like

  <kernel> /usr/sbin/httpd
  
  allow_read /var/www/html/index.html
  allow_read /var/www/html/welcome.html

and newer policy is like

  <kernel> /usr/sbin/httpd
  
  allow_read /var/www/html/\*.html

, you can do

  select <kernel> /usr/sbin/httpd
  allow_read /var/www/html/\*.html
  delete allow_read /var/www/html/index.html
  delete allow_read /var/www/html/welcome.html

to replace older policy with newer policy (like tomoyo-loadpolicy does).

• Previous message (by thread): [tomoyo-users-en 339] Re: Tomoyo: reload changed policy
• Next message (by thread): [tomoyo-users-en 341] Documentations for TOMOYO 2.3 and AKARI have been updated.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]