By running this program while updating packages, you can avoid errors due to insufficient permissions.
Never grant access requests unconditionally. The cause of policy violation is not always updating packages, but may by malicious requests by attackers. If you grant access requests caused by malicious requests by attackers, the system gets intruded.
If you don't give --no-update option, this program also detects pathname changes of globally readable files. If you give --ask-update option, this program asks you whether or not to append created pathnames which are registered in /etc/ld.so.cache to globally readable files, and asks you whether or not to remove deleted pathnames from globally readable files. If you omit options, this program automatically appends created pathnames which are registered in /etc/ld.so.cache to globally readable files, and automatically removes deleted pathnames from globally readable files.
By running this program without --no-update option, you can avoid errors like "unable to start applications because shared libraries are unreadable" when the pathnames of shared libraries accessed by general programs has changed.
# ccs-queryd 192.168.1.1:10000
Usage is available at http://tomoyo.sourceforge.jp/1.7/enforcing.html
You need to register either path to this program ( /usr/sbin/ccs-queryd ) or a domain for this program in /proc/ccs/manager before invoking this program.
penguin-kernel _at_ I-love.SAKURA.ne.jp
This program is free software; you may redistribute it under the terms of the GNU General Public License. This program has absolutely no warranty.