changelog:
-----------

23/12/2011 - tomld v0.77
- improve comparison of version numbers to make future compatibility better
- don't replace manager.conf either in kernel memory or on disk, but only add the path of my tomld binary if missing
- fix required version numbers of dependencies in documentation
- fix some typos

05/12/2011 - tomld v0.76
- bugfix: fix checking for security fs of tomoyo
- print more descriptive error message when tomoyo is not activated
- print "access deny log messages" with timestamp when in learning mode too

30/11/2011 - tomld v0.75
- update documentation

29/10/2011 - tomld v0.74
- update package scripts

15/10/2011 - tomld v0.73
- bugfix: sort dir names in --info output in ascending order beside percentage

03/10/2011 - tomld v0.72
- bugfix: convert domain deny messages to access deny messages with an allow_execute type and add subdomain if missing
- bugfix: add missing uid entries to main domains only instead of subdomains
- bugfix: don't print "restart needed" message for enforcing mode domains on startup
- bugfix: remove deleted domain from kernel memory too on --restore

30/09/2011 - tomld v0.71
- bugfix: sort percentage of top most directories in --info output properly

29/09/2011 - tomld v0.70
- change --learn-all option name to --learn-more and make it use a pattern of domain name
- consider patterns in domain names only after the tags in --remove and --learn-more
- change the way --remove works: remove only main domains instead of single subdomains, so the user cannot leave a corrupt domain policy behind
- add uid entries to main domains when switching them to learning mode if the uids are missing
- bugfix: fix more memleaks

17/09/2011 - tomld v0.69
- bugfix: show true percentages in --info output taking the min and max times into account too

16/09/2011 - tomld v0.68
- bugfix: make list of deny log unique for temporary learning mode too

13/09/2011 - tomld v0.67
- optimizations in string handling and speed up init

11/09/2011 - tomld v0.66
- bugfix: no configuration compatibility check on empty files
- bugfix: manage the list of recursive dirs and its components properly

10/09/2011 - tomld v0.65
- bugfix: check whether path is not a directory in which() function to not let tomld take directories as executables
- bugfix: check whether enforcing mode should be switched on for not running processes too

10/09/2011 - tomld v0.64
- no minimum cpu time is needed for the domains from now after the maximum time is reached to switch to enforcing mode; this is because there are processes that use minimal cpu resources and would never get switched to enforcing mode

10/09/2011 - tomld v0.63
- bugfix: check the presence of mounted encrypted volumes in every cycle, not only on startup

09/09/2011 - tomld v0.62
- reupload sources

09/09/2011 - tomld v0.61
- set up a minimum time that needs to pass for domains before switching them to enforcing mode; this is minimum 1 day since domain creation and minimum 1 hour since last domain change

08/09/2011 - tomld v0.60
- major bugfix in domain_get_log() in switching domains to learning mode
- change concept of temporary learning mode: from now when the user requests a temporary learning mode, the former one won't be closed if there was any, so its time will simply be extended; this is to resolve the situation when other domains need temporary learning mode too while having one already (thanks to Szabolcs Gyuris for the tests and reporting the issue)
- cosmetic code cleanup (thanks to Laszlo Dvornik)

07/09/2011 - tomld v0.59
- bugfix: there was a neverending cycle while reading network files from /proc/net/
- show tomld icon on notification bubble (thanks to Laszlo Dvornik)
- hungarian translation of desktop icons (thanks to Laszlo Dvornik)

06/09/2011 - tomld v0.58
- don't print info about domains if there isn't any

06/09/2011 - tomld v0.57
- fix mem leaks

06/09/2011 - tomld v0.56
- major bugfixes in domain_get_log() and in compare_path_search_path_in_list_first_subdirs()

04/09/2011 - tomld v0.55
- remove checking tomoyo in /proc/cmdline, which is not a proper method if it's set at compile time
- check the existence of /proc/net/ files before reading them; a problem was reported that if IPv6 support is disabled, then /proc/net/tcp6 and udp6 are missing

04/09/2011 - tomld v0.54
- print info about chrooted processes on startup and in every cycle too
- run check on chroot only in big cycles to save resources
- fix mem leak

04/09/2011 - tomld v0.53
- determine processes run from chroot automatically and use these chroot dirs as a prefix to my special exception directory lists
- add a detailed description of the solution of a warning message regarding the slow cycles
- improve colorization of --info option so it works well on chrooted directories too

03/09/2011 - tomld v0.52
- bugfix: don't add the same rules several times to the same domain while making recursive dirs

02/09/2011 - tomld v0.51
- [replace] tag can contain files beside dirs too from now
- expand [replace] tag with .recently-used.xbel.\* wildcard because its random part contains only upper case chars and nums, no lower case chars in this case, trying to avoid exceptions though
- fix mem leaks
- some code cleanup

01/09/2011 - tomld v0.50
- bugfix: don't add binaries of network processes with (deleted) tag on startup

01/09/2011 - tomld v0.49
- bugfix: remove underscore from before % char in --info output

01/09/2011 - tomld v0.48
- bugfix: don't remove tomld uid entries from rules in domain_reshape_rules_recursive_dirs()
- print date at the end of other warning log too
- remove dir list from warning message about running time taking too long
- improve --info function by printing the overall numbers of all domains and rules
- improve --info function by printing the "restart needed" warning if necessary
- improve --info function by printing the top dirs containing the most entries in rules by dir depth

31/08/2011 - tomld v0.47
- fix logrotate in package

31/08/2011 - tomld v0.46
- add logrotate to package

30/08/2011 - tomld v0.45
- make notification messages more readable by prefixing an "*" char to every new message

30/08/2011 - tomld v0.44
- create backup on every user request for temporary learning mode too
- change concept of temporary learning mode: from now when the user requests a temporary learning mode, only those domains will get switched back to learning mode that produced deny logs previously; this is for simplicity, reliability and security
- bugfix: load configs before backup if they aren't loaded yet

29/08/2011 - tomld v0.43
- bugfix: do not repack sources and make all packages from the same original one

29/08/2011 - tomld v0.42
- bugfix: print name of directory with most files in it properly when running time takes too long

29/08/2011 - tomld v0.41
- bugfix: let a temporary learning mode be rerequested by user while the former one hasn't ended yet
- bugfix: don't check if the domain's last change time is greater than const_time_max_dcreate during temporary learning mode

26/08/2011 - tomld v0.40
- bugfix: fix a segfault because of an uninitialized variable
- bugfix: manage access denies for subdomains too beside main domains
- bugfix: fix some mem leaks
- bugfix: print lines under each other and not after each other on console with --notify option
- bugfix: don't clear tomld.message file with --learn option
- bugfix: several bugfixes regarding notification
- bugfix: ask for root privileges before clearing tomld.message file
- bugfix: don't set --notify option if [notify] tag is in config, only tomld client needs it
- bugfix: never create or copy more than one change_time and cpu_time entry of any domain
- bugfix: don't add rules with myuid entries when merging domains on load()
- bugfix: add my exe binary to the exception list too and print it too
- bugfix: try to mount security fs only if it doesn't exist in /sys/ yet
- bugfix: search for security=tomoyo kernel parameter without extra leading space
- bugfix: wait at least 60 seconds instead of 1 in service script when running start-stop-daemon
- bugfix: don't load (deleted) domains
- bugfix: compare max time (2 weeks) to domain creation time instead of last change
- bugfix: load configs before creating backup on --clear (it resulted in empty backup files)
- bugfix: several bugfixes regarding backup
- bugfix: several bugfixes in path_wildcard_temp_name()
- bugfix: create recursive wildcards for rules having 2 params too
- bugfix: fixes in domain_reshape_rules_temp_dir(), check the second parameter too if both params match the same recursive directory path
- add feature to --info to show completeness of domain's learning mode in percentage
- improve --info option and make domain list more readable
- add special chars to look for in temporary names in path_wildcard_temp_name()
- improve path_wildcard_temp_name() to consider "." char to be part of random part if its left and right sides are also random names
- add power saving mode to sleep more every cycle after all domains are in enforcing mode
- print notification when all domains are finally switched to enforcing mode
- add tomoyo-loadpolicy binary to the exceptions
- add /var/run as an exception directory
- change myuid, so configuration needs to be regenerated entirely
- print message about incompatible config file in the log too
- print system info on startup (/proc/version)
- wildcard subdirectory names in paths containing random names or only numbers
- don't add domains with executable form of /proc/$PID/exe
- check tomld directories on startup more efficiently
- search for target system logs to read from on startup (/var/log/syslog, kern.log, messages)
- add date of building to version info
- add date to every line of deny log
- count special char as a lower case char in path_wildcard_temp_name()
- add --nocrypt switch to disable lookup of mounted ecryptfs
- detect ecryptfs filesystem automatically and add crypted directory to recursive dirs by default
- print more info about config on startup (if there was any encrypted fs found, and if there are any recursive directories set)
- create backup when removing domain
- add --restore switch to restore configuration from last backup
- improve path_wildcard_temp_name() to wildcard hexadecimal numbers too
- print a warning message if running cycles take too long and also print the name of the directory containing the most files in it

31/07/2011 - tomld v0.39
- bugfix: name of domain was missing when printing domains without rules
- bugfix: don't print "restart needed" message for domains whose process is not running
- bugfix in domain_get()
- bugfix in processing log files (affects Tomoyo version 2.2)
- bugfix in load() checking whether domain is an exception
- bugfix in path_link_read() and path_link_read()
- bugfix in which()
- bugfix in check_instance() to not let more than 1 instance of tomld run together
- bugfix in domain_get_log() to reread domain data after I change its profile
- bugfix: switch domain with all its subdomains too to learning mode when managing deny logs
- bugfix in domain_reshape_rules_create_double(), space was inserted after parameter2 and not before
- bugfix in save(): save log mark only if it's not empty
- more tiny fixes
- simplify messages and code in domain creation
- speed up domain_get_profile()
- documentation fully revised in english, thanks to Andy Booth
- printing info about a domain with --info option can now be used simultaneously while there is another running tomld daemon
- add [nodomain] tag to tdomf.conf to specify extra executables _not_ to create domain for
- rename [exe] tag to [extra] in tdomf.conf
- run check() within 2 secs if tomld is in temporary learning mode and the mod time of syslog changes
- change creation time to last change time in message when switching a domain to enforcing mode
- add possibility to use domain names with --learn option switch, so it switches back only those domains to learning mode which we ask for, and the given patterns match the domain name (thanks to Péter Mihály Avramucz for the idea)
- add feature to --info option to print enforcing mode domains in different colors or with a star sign
- add tab as a separator beside space character in string functions
- don't let several instances of tomld processes with root privileges run together; normal privileged processes can run simultaneously
- add --notify switch for better GUI integration and the ability to notify users through desktop

26/07/2011 - tomld v0.38
- add --log switch to redirect stderr and stdout to a log file
- some minor fixes
- change default 0.5 sec cycle to 2 sec and 10 sec check() to 30 sec to decrease load
- bugfix: stored empty logmark on clear()
- speed up load() function
- avoid the possibility of any race condition while terminating the program that could be caused by more signals at a time
- prohibit creating any rule that matches any of tomld's working directories
- print time passed since creation date of domain when switching it to enforcing mode
- remove [mta] tag and use [mail] only
- add "/" char to the end of dirs only, and not to mail recipients
- move uid check from load() to check_tomoyo()
- bugfix: create manager and profile config files on startup if missing
- add fflush to some printf functions
- run check() at once after requesting temporary learning mode, and not 30 sec later
- bugfix: don't write learn file every cycle in manual mode
- add [exe] tag to tdomf.conf to specify extra executables to create domain for
- bugfix: print info about mail recipients only if option is not --info, --remove etc.

19/07/2011 - tomld v0.37
- handle rules with "allow_execute /proc/$PID/exe" forms present in chromium browser
- allow temporary learning mode only for those domains that had access deny logs just now
- fix some warnings during compile time (thanks to Andy Booth for reporting it)
- update documentation with better english (thanks to Andy Booth for clarifying it)
- change --learn option switch to --learn-all and make --learn function for temporary learning mode
- add --mail option to send user a mail with the recent deny logs
- run whole check() once more on exit, so rules gathered since last check() won't be lost
- fix mem leaks
- store more chars in logmark from syslog to avoid accidental match because of similar entries
- when specifying recursive dirs, the new rules will now be based on the old rule, and not the specified dirs
- bugfix in domain_get_rules_with_recursive_dirs()
- load tomld config from /etc/tomld/tomld.conf if it exists for customization
- add ability to wildcard functions to replace dirs with manually wildcarded ones
- bugfix in option handling
- add -- option to mark the end of option list
- change domain complexity from linear to exponential, so more complex domains will need more time
- change working directory for logmark
- print statistics about used cpu time, peak of virtual memory and peak of resident memory
- bugfix in domain_reshape_rules_create_double()
- check on every restart of tomld whether any of the domains still need restart and print info about it
- reduce load by saving config files only if their content has changed
- reduce load by checking system log only if its modification time has changed
- print more info when switching a domain back to learning mode

13/07/2011 - tomld v0.36
- fully automatic enforcing mode is ready, needs a lot of testing though
- add ability to accept user request for temporary learning mode for domains with deny logs
- empty pid file on exit
- fix some mem leaks
- runtime working directory is /var/run/tomld/ from now
- add a rule with a unique id and with time in seconds to every domain to mark the creation of the domain; this is to determine from the uptime of the process belonging to the domain if it is restarted at least once and so entered its new domain, and also to determine if the config was created by tomld
- add --manual switch to affect the enforcing mode
- reorder option switch handling so the not so effective switches run first
- add domain_get_cpu_time_all()
- add domain_check_enforcing()
- add domain_update_change_time()
- check if tomoyo support is compiled into kernel above version 2.6.36
- auto yes for adding denied rules in non-manual mode is disabled
- offer terminating already running automatic mode tomld process when running it in manual mode
- bugfix in file_read()
- some more bugfixes
- print start time and end time of tomld
- print statistics about min/avg/max times of check() cycles on exit

29/06/2011 - tomld v0.35
- add SIGQUIT to interrupt signals
- use second parameter for allow_create and similar only from kernel 2.6.36 and above
- wildcard pipe values too
- expand special directory list

25/06/2011 - tomld v0.34
- create allow_create rules for allow_write too
- wildcard random part of file name in special dirs
- delete domain from kernel memory too on --remove
- bugfix: fix a segfault in domain_info() on --info
- bugfix: cleanup domains at the end of every load()
- bugfix: fix log file parsing in domain_get_log()
- bugfix: fix special recursive directory wildcard usage (it means at least 1 or more directories, not zero or more)
- bugfix: domain wasn't switched back to learning mode after adding access deny messages
- bugfix: fix several memory leaks
- bugfix in path_is_dir_recursive_wildcard() and speed up the function too
- bugfix in compare_paths() to take care of the second parameter too if it is not a dir (since kernel 2.6.33 and above)
- bugfix in domain_sort_uniq_rules() to search for wildcard in parameter dir instead of whole rule
- speed up kernel_version()
- make reshape compatible with kernel 2.6.36 and above
- replace strspn() with my function
- improve path_wildcard_proc() by replacing all subdirs that consist of only numbers with a numeric wildcard

12/06/2011 - tomld v0.33
- handle SIGINT and SIGTERM interrupt signals
- fix to view options without root privilege
- apply rules on the active domains of the running processes too
- merge collected rules from similar domains into my main domain on load
- fix a segfault in compare_names()
- bugfix in domain_sort_uniq_rules(): store only the rule with more wildcards in it, or if that's equal, then the one with the shortest length from the matching ones
- rewrite reload() to update policy by applying a diff only, to avoid a race condition for security reasons
- bugfix: disable all other domains and delete their rules from memory too on --clear
- bugfix: don't make a delete line for use_profile when updating policy with diff in reload()

07/06/2011 - tomld v0.32
- first working c version of tomld

25/04/2011 - tomld v0.31
- complete rewrite of tomld from python to c language
- drop platform check
- improve checking of tomoyo status and availability
- some memory leaks fixed

16/04/2011 - tomld v0.30
- bugfix in recursive dir handling
- use special recursive wildcard in dir handling that is available since tomoyo version 2.3

14/04/2011 - tomld v0.29
- print error messages and extra info to stderr instead of stdout, so printing only rules into a file is easy now: tomld -i pattern 1>output
- bugfix: don't count additional programs more than once if the same is specified more times
- bugfix: check running instance at the very beginning of the program
- bugfix: add extra check for existence and content of manager.conf
- mark all shells in /etc/shells as domain exceptions if their binary exists
- bugfix in removing deleted entries
- change in recursive dir handling
- add custom default recursive directories that may have a random part in their names; a dir like this is /var/run/gdm/ of gdm3
- support in settings for debian testing and ubuntu beta is removed temporarily because of bugs in those versions until they get fixed
- improve checking profile config
- reenable ubuntu beta support

07/04/2011 - tomld v0.28
- change quit method from ctrl+c to q key
- bugfix: do not switch newly created domains to enforcing mode
- add compatibility to tomoyo version 2.3

05/04/2011 - tomld v0.27
- rewrite domain cleanup function
- speed up the new domain cleanup function by skipping rules reading libs
- add feature: check rules only if they changed and avoid unnecessary work
- improve info() function: show main domains and subdomains with different colors
- major bugfixes

03/04/2011 - tomld v0.26
- improve domain cleanup function
- improve info function
- bugfixes
- add --learn switch to switch all domains on mistake back to learning mode

02/04/2011 - tomld v0.25
- more major bugfixes
- add sand clock to see when check routine is working, so we can stop it while sleeping
- some code cleanup
- speed up compare routines a bit

31/03/2011 - tomld v0.24
- major bugfixes
- improve domain cleanup function by making the rules more unique

29/03/2011 - tomld v0.23
- add feature to try to detect temporary names and wildcard them
- major bugfixes

28/03/2011 - tomld v0.22
- speed up info and remove functions
- add full recursive directory substitution with wildcards
- several bugfixes

27/03/2011 - tomld v0.21
- more bugfixes and code cleanup
- change in structure: from now allow_mkdir will cause the file's parent dir to be wildcarded too
- change in structure: I created an exception list for the dirs, so the policy gets a bit tighter with this; the exception list now contains = "/etc", "/home/any/"

26/03/2011 - tomld v0.20
- minor bugfixes
- some code cleanup

25/03/2011 - tomld v0.19
- create policy file backups only with --reset or --clear switches
- print info when backups are created
- expand documentation
- handle error message type "domain not defined" in log

24/03/2011 - tomld v0.18
- create profile.conf file on startup if missing
- set maximum accept entry value in profile.conf to a predefined one
- add --once switch to quit after first cycle immediately (might be useful for scripts)
- don't print confirmation text at the end of log messages with --yes on
- don't print sleeping period with --once on

23/03/2011 - tomld v0.17
- add --keep switch to run tomld without switching learning mode domains to enforcing mode
- add --recursive switch to mark subdirs of these dirs fully wildcarded (usable for samba shares for example)
- on rules with allow_create entries, create the same with allow_unlink and allow_read/write too
- ask for confirmation on adding system logs to rules (--yes switch is usable here to bypass this)

22/03/2011 - tomld v0.16
- add --remove switch to remove domains by a pattern on demand
- add --yes switch for auto confirmation
- function for --info switch rewritten to speed up search
- remove rules and domains marked as (deleted) on startup (thanks to Ritesh Raj Sarraf for reporting it)
- debian kernel has Tomoyo enabled already, fix package check (only tomoyo-tools is needed) (thanks to Ritesh Raj Sarraf for reporting it)
- bugfix: variables of config files were not initialized

21/03/2011 - tomld v0.15
- remove disabled mode domains automatically to speed things up
- change directory parameters' handling in rule reshape code to speed up more
- show statistics about active domains and rules on exit

20/03/2011 - tomld v0.14
- bugfix: only first log message was converted to rule

18/03/2011 - tomld v0.13
- additional major bugfixes

18/03/2011 - tomld v0.12
- add --info switch to print the specified domain's rules, and bugfixes

17/03/2011 - tomld v0.11
- print domain info only once and print changes continuously

17/03/2011 - tomld v0.10
- put allow_rename on the wildcard list too (same as allow_create) and other major changes

16/03/2011 - tomld v0.09
- only old domains with profile 1-2 will be switched to enforcing mode on exit

15/03/2011 - tomld v0.08
- tested version with minor bugfixes

15/03/2011 - tomld v0.07
- create wildcard for newly created files and libfile-0.1.2.so.3.4 library version numbers

14/03/2011 - tomld v0.06
- major bugfixes

12/03/2011 - tomld v0.05
- first fully working version with policy reshape

09/03/2011 - tomld v0.04
- get access denied logs and add them to policy

04/03/2011 - tomld v0.03
- manage and check policy and rules

03/03/2011 - tomld v0.02
- discover which running processes send or receive network packets

28/02/2011 - tomld v0.01
- basic program structure

27/02/2011 - project start
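The entries about path_wildcard_temp_name() and path_wildcard_proc() above (numeric subdirs, hexadecimal numbers, random names, the "." between two random parts, special chars counted as lower case) describe a heuristic but show no code. The C program below is an added example written for this page, not tomld's own code: it rewrites a logged path into a TOMOYO rule path by classifying each dot-separated piece of every component below a "special" directory and replacing random pieces with the TOMOYO wildcards \$ (decimal digits), \X (hex digits) and \* (any characters except "/"). The special_dirs list, the length and character-class thresholds, and the function names are assumptions of this example.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Directories below which temporary or random names are expected (assumed list;
 * tomld keeps its own special dir list). Only paths under these are rewritten. */
static const char *const special_dirs[] = { "/tmp/", "/var/tmp/", "/proc/", "/var/run/", "/run/", NULL };

enum token_kind { TOK_PLAIN, TOK_NUMERIC, TOK_HEX, TOK_RANDOM };

/* Classify one dot-separated piece of a path component (thresholds are assumptions). */
static enum token_kind classify(const char *s, size_t n)
{
    size_t digits = 0, lower = 0, upper = 0, hexletters = 0, other = 0;
    if (n == 0) return TOK_PLAIN;
    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)s[i];
        if (isdigit(c)) digits++;
        else if (isupper(c)) { upper++; if (c <= 'F') hexletters++; }
        else if (islower(c)) { lower++; if (c <= 'f') hexletters++; }
        else other++;                       /* '-', '_' ...: treated like lower case letters */
    }
    if (digits == n) return TOK_NUMERIC;    /* e.g. a PID directory under /proc */
    /* Hex number: 8+ hex characters only, with at least two digits and one letter. */
    if (n >= 8 && other == 0 && digits >= 2 && hexletters > 0 && digits + hexletters == n) return TOK_HEX;
    /* Random (mkstemp style): digits mixed with upper and lower case. Pieces made of
     * upper case and digits only are deliberately not caught (the .recently-used.xbel case). */
    if (n >= 6 && digits >= 2 && upper >= 2 && lower + other >= 1) return TOK_RANDOM;
    return TOK_PLAIN;
}

/* TOMOYO wildcard standing in for a piece of the given kind, or NULL to keep it. */
static const char *wildcard_for(enum token_kind k)
{
    switch (k) {
    case TOK_NUMERIC: return "\\$";        /* one or more decimal digits */
    case TOK_HEX:     return "\\X";        /* one or more hexadecimal digits */
    case TOK_RANDOM:  return "\\*";        /* zero or more characters except '/' */
    default:          return NULL;
    }
}

/* Bounded append; fails instead of overflowing the output buffer. */
static bool append(char *out, size_t outlen, size_t *pos, const char *s, size_t n)
{
    if (*pos + n + 1 > outlen) return false;
    memcpy(out + *pos, s, n);
    *pos += n;
    out[*pos] = '\0';
    return true;
}

/* Rewrite one path component. Pieces are split on '.', random pieces become wildcards,
 * and a '.' between two random pieces is absorbed into a single \* wildcard. */
static bool wildcard_component(const char *comp, size_t n, char *out, size_t outlen, size_t *pos)
{
    size_t start = 0;
    bool prev_wild = false;
    for (size_t i = 0; i <= n; i++) {
        if (i < n && comp[i] != '.') continue;
        size_t len = i - start;
        const char *w = wildcard_for(classify(comp + start, len));
        if (w && prev_wild) {
            /* Both sides of the '.' are random: widen the previous wildcard (always the
             * last two bytes written) to \* and swallow the dot and this piece. */
            memcpy(out + *pos - 2, "\\*", 2);
        } else {
            if (start > 0 && !append(out, outlen, pos, ".", 1)) return false;
            if (!append(out, outlen, pos, w ? w : comp + start, w ? 2 : len)) return false;
        }
        prev_wild = (w != NULL);
        start = i + 1;
    }
    return true;
}

/* Rewrite an absolute path for a TOMOYO rule. Heuristics run only on components
 * below one of the special_dirs; any other path is copied unchanged. */
bool path_wildcard(const char *path, char *out, size_t outlen)
{
    size_t pos = 0, skip = 0;
    out[0] = '\0';
    for (int i = 0; special_dirs[i]; i++) {
        size_t l = strlen(special_dirs[i]);
        if (strncmp(path, special_dirs[i], l) == 0) { skip = l; break; }
    }
    if (skip == 0) return append(out, outlen, &pos, path, strlen(path));
    if (!append(out, outlen, &pos, path, skip)) return false;
    for (const char *p = path + skip; *p; ) {
        const char *slash = strchr(p, '/');
        size_t n = slash ? (size_t)(slash - p) : strlen(p);
        if (!wildcard_component(p, n, out, outlen, &pos)) return false;
        if (!slash) break;
        if (!append(out, outlen, &pos, "/", 1)) return false;
        p = slash + 1;
    }
    return true;
}

/* Convenience wrapper with a static buffer (not thread safe), for quick checks. */
const char *path_wildcard_str(const char *path)
{
    static char buf[512];
    return path_wildcard(path, buf, sizeof buf) ? buf : NULL;
}

int main(void)
{
    /* Constructed sample paths, shaped like ones seen in TOMOYO access deny logs. */
    const char *samples[] = { "/proc/1234/exe", "/tmp/tmp.aB3xQ9z", "/tmp/1234.AB12cd",
                              "/tmp/0123456789abcdef", "/tmp/.recently-used.xbel.ABC123", "/etc/passwd" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-34s -> %s\n", samples[i], path_wildcard_str(samples[i]));
    return 0;
}
```

Every wildcard widens the policy, so the heuristic is deliberately conservative: it only runs below directories where temporary names are expected, requires a mix of character classes before it treats a piece as random, and leaves a name such as .recently-used.xbel.ABC123 untouched because that piece has no lower case characters, which is exactly the gap the v0.51 entry closed with a manual [replace] entry. Rules produced this way should still be reviewed before a domain is switched to enforcing mode.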