Hello. I released TOMOYO Linux 1.7.1 . ccs-patch-1.7.1-20091111.tar.gz MD5:1111c8e7697a3cf5008dedefd3b89c85 ccs-tools-1.7.1-20091111.tar.gz MD5:7777bc0efdfa0659a90fbeab4dd73635 This release includes patches for vanilla 2.6.32-rc6 / Ubuntu 9.10 / Fedora 12 / OpenSuSE 11.2 / Vine Linux 5.0 etc. Please see http://sourceforge.jp/projects/tomoyo/lists/archive/users-en/2009-November/000110.html for major changes. One of the biggest changes is that TOMOYO 1.7.1 supports recursive directory matching. Also, TOMOYO 1.7.1 became easier to use with embedded systems (e.g. Android). Many bugs were fixed in TOMOYO 1.7.1 . Thus, I start providing binary packages at http://sourceforge.jp/projects/tomoyo/releases/?package_id=10270 . TOMOYO is using kernel build scripts for custom flavours which existed in Ubuntu 7.10 and 8.04. Therefore, in Ubuntu 8.10 and later, you get a package conflict problem (linux-headers package from TOMOYO project contains modifications by TOMOYO, whereas the same package from Ubuntu does not) when you want to build kernel modules. I succeeded to confine modifications by TOMOYO to local header packages (linux-headers-ccs package) by modifying kernel build scripts. Now, you can install linux-headers/linux-libc-dev packages from Ubuntu and linux-image-ccs/linux-headers-ccs packages from TOMOYO project without package conflicts. Just for demonstrating what TOMOYO 1.7.1 can do, I uploaded an example policy for Ubuntu 9.10 server (from boot till login) at http://tomoyo.sourceforge.jp/cgi-bin/lxr/source/ubuntu-9.10-ccs-1.7.1/?v=policy-sample . This example policy was generated from audit logs instead of automatically appending via learning mode. TOMOYO can check uid/gid/argv[]/envp[] etc. if you wish so. Thanks.
TOMOYO
Fork