Differences

This shows you the differences between two versions of the page.

howtos:security:tomoy_linux_basics_slackware [2022/05/11 08:13 (UTC)] – created zeebrahowtos:security:tomoy_linux_basics_slackware [2023/12/06 13:05 (UTC)] – [Increasing learning entries] zeebra
Line 6: Line 6:
 There are a few different tools in the Tomoyo family. Mainly Tomoyo 1, Akari and Tomoyo 2. There is also CaitSith, but **this guide is dealing with Tomoyo 2.x**. And at the time of writing Tomoyo 2.6.x for Kernel 5.1 and later.  There are a few different tools in the Tomoyo family. Mainly Tomoyo 1, Akari and Tomoyo 2. There is also CaitSith, but **this guide is dealing with Tomoyo 2.x**. And at the time of writing Tomoyo 2.6.x for Kernel 5.1 and later. 
  
-Tomoyo Linux is very minimalistic (but complex) and in my view very much in harmony with the Slackware way of doing things. It has very few dependencies and is fairly easy to get started with. The documentation is excellent, and can easily be used to get started with Tomoyo. So, then, why am I even bothering to write this?\\+Tomoyo Linux is very minimalistic (but complex) and in my view very much in harmony with the Slackware way of doing things. It has very few dependencies and is fairly easy to get started with. The documentation is excellent, and can easily be used to get started with Tomoyo. Tomoyo doesn't use anything Python or things like that (like SELinux), it uses command line tools and an ncurses interface (optional). So, then, why am I even bothering to write this?\\
 The main reason is to add information specific to Slackware, but also to write down the basics from a user perspective. You can probably just use the main Tomoyo documentation to get started, but there might be a few questions after that and/or Slackware specifics to do. Please DO use the official documentation but feel free to use this in addition. The main reason is to add information specific to Slackware, but also to write down the basics from a user perspective. You can probably just use the main Tomoyo documentation to get started, but there might be a few questions after that and/or Slackware specifics to do. Please DO use the official documentation but feel free to use this in addition.
  
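Review bot: In the sentence added to the first paragraph, "(like SELinux)" is ambiguous: it can be read as saying SELinux also avoids Python, while the intent appears to be a contrast. Suggest rewording along the lines of "Unlike SELinux, Tomoyo does not depend on Python or similar tooling; it uses command line tools and an optional ncurses interface", which also removes the comma splice.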
Line 14: Line 14:
 https://tomoyo.osdn.jp/2.6/chapter-3.html.en https://tomoyo.osdn.jp/2.6/chapter-3.html.en
  
-So, what is the purpose of Tomoyo? The purpose is to implement **Mandatory Access Control** (MAC) on your system, which can be used in alot of ways to secure different aspects of the system. It is a fairly simple to implement MAC which can do alot for the security of your system! Among others, the manual specifically mentions SSH and Apache as some examples. If you read those you might start to understand how it can be extremely useful.\\+So, what is the purpose of Tomoyo? The purpose is to implement **Mandatory Access Control** (MAC) on your system, which can be used in alot of ways to secure different aspects of the system. MAC works in such a way that EVERYTHING is FORBIDDEN unless you explicitly permit it (with policy). It is a fairly simple to implement MAC which can do alot for the security of your system! Among others, the manual specifically mentions SSH and Apache as some examples. If you read those you might start to understand how it can be extremely useful. (ssh example) https://tomoyo.osdn.jp/2.6/chapter-12.html.en\\
 For a distro like Slackware, it is fairly easy to implement MAC for the whole boot sequence, which means the system can ONLY do what it is set to allow. That might sound impractical, and it is, and it might sound scary as well, but it is not, because **the default mode of Tomoyo is to do nothing**. Only if you enforce policies will it block everything else than what you allow, and as mentioned, making a MAC policy for booting Slackware is fairly simple, because the boot process is fairly simple. Creating a MAC policy for a regular user system is quite a big task, but Tomoyo comes with a "learning mode" which writes policies, but do not enforce them, so it is a managable task overall. For a distro like Slackware, it is fairly easy to implement MAC for the whole boot sequence, which means the system can ONLY do what it is set to allow. That might sound impractical, and it is, and it might sound scary as well, but it is not, because **the default mode of Tomoyo is to do nothing**. Only if you enforce policies will it block everything else than what you allow, and as mentioned, making a MAC policy for booting Slackware is fairly simple, because the boot process is fairly simple. Creating a MAC policy for a regular user system is quite a big task, but Tomoyo comes with a "learning mode" which writes policies, but do not enforce them, so it is a managable task overall.
  
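Review bot: The added sentence "EVERYTHING is FORBIDDEN unless you explicitly permit it" sits directly before a paragraph stating that the default mode of Tomoyo is to do nothing and that blocking only happens once policies are enforced, so a reader can take the two as contradictory. Suggest qualifying it, for example "once a policy is enforced, everything is forbidden unless explicitly permitted". The "(ssh example)" label would also read better folded into the sentence that mentions SSH than as a trailing fragment before the URL.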
Line 162: Line 162:
 <code>tomoyo-loadpolicy -p < /etc/tomoyo/profile.conf</code> <code>tomoyo-loadpolicy -p < /etc/tomoyo/profile.conf</code>
  
 +This same step can also be done in the tomoyo-editpolicy tool by pressing "W" to get to the options menu, and then pressing "P" for profile. Here you can edit a line by pressing "S" and verify with "enter" key. All these options can be further looked into in the ncurses interface by using the "?" key.
 ===== Appendage ===== ===== Appendage =====
  
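Review bot: The added tomoyo-editpolicy paragraph calls this "the same step" as the tomoyo-loadpolicy command above, but that command loads from /etc/tomoyo/profile.conf and the new text does not say whether a profile edited in the ncurses interface is written back to that file. Please state whether the change persists, and leave a blank line between this paragraph and the "===== Appendage =====" heading.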
Line 181: Line 182:
 <!-- Please do not modify anything below, except adding new tags.--> <!-- Please do not modify anything below, except adding new tags.-->
 <!-- You must remove the tag-word "template" below before saving your new page --> <!-- You must remove the tag-word "template" below before saving your new page -->
-{{tag>howtossecurityLSMMACTomoyo}}+{{tag>howtos security LSM MAC Tomoyo author_zeebra}}