Page 1 of 1
kernel 3.2.28 tomyo pb ?
Posted: 28 October 2012, 11:09
by promeneur
don't know if it is a pb but in dmesg log i have :
[ 5.853602] Not activating Mandatory Access Control as /sbin/tomoyo-init does not exist.
Re: kernel 3.2.28 tomyo pb ?
Posted: 28 October 2012, 11:28
by NicCo
Me too, you made me worrying, but
Read here:
https://bbs.archlinux.org/viewtopic.php?id=109341
Especially this msg from the moderator that I'm quoting now
This is an old problem. I experienced a similar message some years ago with an Mandriva installation.
It is usually totally safe to ignore this message.
bye, NicCo
Re: kernel 3.2.28 tomyo pb ?
Posted: 28 October 2012, 12:11
by promeneur
it's just a mean to protect system from app behavior by learning authorized behavior
no protection is activating till you add apps in a list of the app to protect
read
http://tomoyo.sourceforge.jp/2.2/
Re: kernel 3.2.28 tomyo pb ?
Posted: 28 October 2012, 12:16
by promeneur
mandriva already uses another policy tool
i assume we prefer not use another policy tools according to avoid policy compliancy pb.
or
perhaps mandriva tool and tomoyo are for different purposes then no policy conflict ?
Re: kernel 3.2.28 tomyo pb ?
Posted: 28 October 2012, 12:29
by GvMariani
promeneur wrote:mandriva already uses another policy tool
i assume we prefer not use another policy tools according to avoid policy compliancy pb.
or
perhaps mandriva tool and tomoyo are for different purposes then no policy conflict ?
AFAICT the tomoyo kernel is included with the kernel but is not activated at bootstrap unless it finds the
file "/sbin/tomoyo-init", hence the harmless message in the system log...
The above file is part of the ccs-tools packages, so to activate the tomoyo MAC you simply install that package
(and next configure the thing...).
However, as I found in the hard way some time ago, newer kernels can need newer tomoyo-init binaries, otherwise
the system fails to boot: for sure the one provided by our ancient 2010.2 does not work with any kernel in the 3.x.x space...
GvM
Re: kernel 3.2.28 tomyo pb ?
Posted: 28 October 2012, 13:04
by promeneur
However, as I found in the hard way some time ago, newer kernels can need newer tomoyo-init binaries, otherwise
the system fails to boot: for sure the one provided by our ancient 2010.2 does not work with any kernel in the 3.x.x space...
i installed css-tools and tomoyo gui
then
i initilized tomoyo by running "/usr/lib/ccs/tomoyo_init_policy.sh"
then
i reboot without any pb
kernel 3.2.28 nrj desktop pae
but i won't use tomoyo because i fear conflict and pb.