TOMOYO is a security module which focuses on behavior of a system. A process is created to achieve something. TOMOYO lets each process declare behaviors and resources needed to achieve its purpose (like an immigration officer) and permits only declared behaviors and resources (like an operation watchdog). This approach made it possible for users to understand how a Linux system works. You can use TOMOYO as a system analysis tool as well as an access restriction tool.
Enable SECURITY_TOMOYO in the kernel config:
$ zgrep TOMOYO= /proc/config.gz CONFIG_SECURITY_TOMOYO=y
For TOMOYO 2.3 (Linux 2.6.36):
apt-get install libncurses5-dev help2man # Debian. Ubuntu yum install ncurses-devel help2man # Fedora, RedHat wget http://osdn.dl.sourceforge.jp/tomoyo/48663/tomoyo-tools-2.3.0-20100820.tar.gz wget http://osdn.dl.sourceforge.jp/tomoyo/48663/tomoyo-tools-2.3.0-20100820.tar.gz.asc gpg --recv-keys 4B975A98 gpg tomoyo-tools-2.3.0-20100820.tar.gz.asc tar -xzf tomoyo-tools-2.3.0-20100820.tar.gz cd tomoyo-tools patch -p1 < ~/tomoyo_install.diff sudo make install