Provided by: tomoyo-tools_2.4.0-20111025-3_amd64 bug

NAME

       init_policy - initialize TOMOYO Linux policy

SYNOPSIS

       init_policy [options]

DESCRIPTION

       This  program  generates  templates  for  all  policy files. However, the output should be
       reviewed because  automatically  generated  exception  policy  may  contain  dangerous  or
       redundant entries.

OPTIONS

       --file-only-profile
           Create profiles with only file-related functionality enabled.

       --full-profile
           Create profiles with all functionality enabled [default].

       --use_profile=<integer>
           Set  the  default  profile  number for the "<kernel>" domain to the specified integer,
           which must be between 0 and 255 [default=0].

       --use_group=<integer>
           Set the default group number for the "<kernel>" domain to the specified integer, which
           must be between 0 and 255 [default=0].

       --max_audit_log=<integer>
           Set  the  default  maximal  audit  log  entries  that  the  kernel  will  spool in the
           /sys/kernel/security/tomoyo/tomoyo/audit interface. This value must be an integer, and
           can  be  set  to  0  if  audit  logs are not required. Maximum memory used can also be
           controlled via the /sys/kernel/security/tomoyo/tomoyo/stat interface.

           [default=1024]

       --max_learning_entry=<integer>
           Set the maximum number of ACL entries automatically added to each domain by the kernel
           when  using learning mode. This value must be an integer, and can be set to "0" if you
           do not wawnt to make use of the  learning  mode.  Maximum  memory  used  can  also  be
           controlled using the /sys/kernel/security/tomoyo/tomoyo/stat interface.

           [default=2048]

       --grant_log=<value>
           Set  whether  grant  logs  should  be  audited. This value can be either "yes" or "no"
           [default=no].

       --reject_log=<value>
           Set whether reject logs should be audited. This value can  be  either  "yes"  or  "no"
           [default=yes].

EXAMPLES

       Initialize policy:
       /usr/lib/tomoyo/init_policy

NOTES

       This program does not have to be run again after you have successfully initialized policy.

BUGS

       If  there  are  any  bugs,  send an email with as much detail as possible to tomoyo-users-
       en@lists.sourceforge.jp

AUTHORS

       Main authors:

       ·   Tetsuo Handa <penguin-kernel AT I-love.SAKURA.ne.jp>

       Other contributers:

       ·   Jamie Nguyen <jamie AT tomoyolinux.co.uk>

           Man pages, documentation and website.

       ·   Naohiro Aoto <naoto AT namazu.org>

           Bug fix for 64bit Gentoo.

SEE ALSO

       tomoyo-init(8)

       See http://tomoyo.sourceforge.jp/ for more information.