From 707e9800c282dbb21c2e093cedcf8f5361b0e8ba Mon Sep 17 00:00:00 2001 From: rtrimana Date: Fri, 7 Apr 2017 16:53:27 -0700 Subject: [PATCH] In progress of refining the Tomoyo policies for process jailing; will define a set of basic policies and unique policies for each class of program --- iotjava/Makefile | 1 + iotjava/iotruntime/master/IoTMaster.java | 96 +++-- .../iotruntime/master/ProcessJailConfig.java | 371 ++++++++++++++++++ iotjava/iotruntime/master/RouterConfig.java | 11 + localconfig/tomoyo/AmcrestCamera.tomoyo.pol | 133 +------ localconfig/tomoyo/LabRoom.tomoyo.pol | 122 +----- localconfig/tomoyo/LifxLightBulb.tomoyo.pol | 140 +------ .../tomoyo/SmartLightsController.tomoyo.pol | 151 +------ 8 files changed, 523 insertions(+), 502 deletions(-) create mode 100644 iotjava/iotruntime/master/ProcessJailConfig.java diff --git a/iotjava/Makefile b/iotjava/Makefile index 0fda646..e44a4ba 100644 --- a/iotjava/Makefile +++ b/iotjava/Makefile @@ -226,6 +226,7 @@ runtime: cp ../localconfig/iotruntime/IoTSlave.config $(BIN_DIR)/iotruntime/ cp ../others/sslkey/*.jks $(BIN_DIR)/iotruntime/ cp -r ../localconfig/mysql $(BIN_DIR)/iotruntime/ + cp -r ../localconfig/tomoyo $(BIN_DIR)/iotruntime/ PHONY += doc doc: runtime installer rmi compiler diff --git a/iotjava/iotruntime/master/IoTMaster.java b/iotjava/iotruntime/master/IoTMaster.java index ce99125..8be2fe4 100644 --- a/iotjava/iotruntime/master/IoTMaster.java +++ b/iotjava/iotruntime/master/IoTMaster.java @@ -51,6 +51,7 @@ public class IoTMaster { private CommunicationHandler commHan; private LoadBalancer lbIoT; private RouterConfig routerConfig; + private ProcessJailConfig processJailConfig; private ObjectInitHandler objInitHand; private ObjectAddressInitHandler objAddInitHand; private String[] strObjectNames; @@ -112,6 +113,7 @@ public class IoTMaster { private static final String STR_CFG_FILE_EXT = ".config"; private static final String STR_CLS_FILE_EXT = ".class"; private static final String STR_JAR_FILE_EXT = ".jar"; + private static final String STR_MAC_POLICY_EXT = ".tomoyo.pol"; private static final String STR_SHELL_FILE_EXT = ".sh"; private static final String STR_SO_FILE_EXT = ".so"; private static final String STR_ZIP_FILE_EXT = ".zip"; @@ -133,6 +135,7 @@ public class IoTMaster { private static final String STR_IOTSLAVE_CPP = "./IoTSlave.o"; private static final String STR_SHELL_HEADER = "#!/bin/sh"; private static final String STR_JAVA_PATH = "/usr/bin/java"; + private static final String STR_MAC_POL_PATH = "tomoyo/"; private static int INT_SIZE = 4; // send length in the size of integer (4 bytes) @@ -155,6 +158,7 @@ public class IoTMaster { commHan = null; lbIoT = null; routerConfig = null; + processJailConfig = null; objInitHand = null; objAddInitHand = null; strObjectNames = argObjNms; @@ -208,6 +212,8 @@ public class IoTMaster { lbIoT.setupLoadBalancer(); routerConfig = new RouterConfig(); routerConfig.getAddressList(STR_ROUTER_ADD); + processJailConfig = new ProcessJailConfig(); + //processJailConfig.setAddressListObject(routerConfig.getAddressListObject()); objInitHand = new ObjectInitHandler(BOOL_VERBOSE); objAddInitHand = new ObjectAddressInitHandler(BOOL_VERBOSE); mapClassNameToCrim = new HashMap(); @@ -577,10 +583,11 @@ public class IoTMaster { * A private method to instrument an object on a specific machine and setting up policies * * @params strFieldObjectID String field object ID + * @params strObjControllerName String object controller name * @params strLanguage String language * @return void */ - private void instrumentObject(String strFieldObjectID, String strLanguage) throws IOException { + private void instrumentObject(String strFieldObjectID, String strObjControllerName, String strLanguage) throws IOException { // Extract the interface name for RMI // e.g. ProximitySensorInterface, TempSensorInterface, etc. @@ -625,6 +632,13 @@ public class IoTMaster { strIoTSlaveObjectHostAdd, STR_TCP_PROTOCOL); routerConfig.configureHostMainPolicies(strIoTSlaveObjectHostAdd, strIoTSlaveControllerHostAdd, strIoTSlaveObjectHostAdd, STR_TCP_PROTOCOL); + // Configure MAC policies for objects + String strFileName = STR_MAC_POL_PATH + strObjClassName + STR_MAC_POLICY_EXT; + processJailConfig.configureProcessJailDeviceDriverPolicies(strIoTSlaveObjectHostAdd, strObjName, + strFileName, strIoTMasterHostAdd, commHan.getComPort(strObjName), commHan.getRMIRegPort(strObjName), + commHan.getRMIStubPort(strObjName)); + processJailConfig.configureProcessJailContRMIPolicies(strObjControllerName, strIoTSlaveObjectHostAdd, + commHan.getRMIRegPort(strObjName), commHan.getRMIStubPort(strObjName)); // Instrument the IoTSet declarations inside the class file instrumentObjectIoTSet(strFieldObjectID, strLanguage); } @@ -722,6 +736,9 @@ public class IoTMaster { commHan.getComPort(strDeviceAddressKey), iDestDeviceDriverPort); routerConfig.configureHostMainPolicies(strIoTSlaveObjectHostAdd, strIoTSlaveObjectHostAdd, strDeviceAddress, strProtocol, commHan.getComPort(strDeviceAddressKey), iDestDeviceDriverPort); + // Configure MAC policies + processJailConfig.configureProcessJailDevicePolicies(strIoTSlaveObjectHostAdd, strProtocol, + commHan.getComPort(strDeviceAddressKey), strDeviceAddress, iDestDeviceDriverPort); } } } @@ -891,14 +908,6 @@ public class IoTMaster { * * @return String */ - /*private String getCmdJavaDriverIoTSlave(String strIoTMasterHostAdd, String strIoTSlaveObjectHostAdd, String strObjName) { - - return STR_SSH + " " + STR_USERNAME + strIoTSlaveObjectHostAdd + " cd " + STR_RUNTIME_DIR + " sudo java " + - STR_CLS_PATH + " " + STR_RMI_PATH + " " + STR_RMI_HOSTNAME + - strIoTSlaveObjectHostAdd + " " + STR_IOT_SLAVE_CLS + " " + strIoTMasterHostAdd + " " + - commHan.getComPort(strObjName) + " " + commHan.getRMIRegPort(strObjName) + " " + - commHan.getRMIStubPort(strObjName) + " >& " + STR_LOG_FILE_PATH + strObjName + ".log &"; - }*/ private String getCmdJavaDriverIoTSlave(String strIoTMasterHostAdd, String strIoTSlaveObjectHostAdd, String strObjName) { // Create an Shell executable @@ -1153,7 +1162,7 @@ public class IoTMaster { * @params strLanguage String language * @return void */ - private void instrumentIoTSet(Map.Entry map, String strFieldName, String strLanguage) + private void instrumentIoTSet(Map.Entry map, String strFieldName, String strObjControllerName, String strLanguage) throws IOException, ClassNotFoundException, InterruptedException { // Get information from the set @@ -1169,7 +1178,7 @@ public class IoTMaster { String strObjID = setInstrumenter.fieldObjectID(iRow); strObjClassName = setInstrumenter.fieldEntryType(strObjID); // Call the method to create an object - instrumentObject(strObjID, strLanguage); + instrumentObject(strObjID, strObjControllerName, strLanguage); objInitHand.addObjectIntoField(strFieldName, strIoTSlaveObjectHostAdd, strObjName, strObjClassName, strObjClassInterfaceName, strObjStubClsIntfaceName, commHan.getRMIRegPort(strObjName), commHan.getRMIStubPort(strObjName)); @@ -1185,7 +1194,7 @@ public class IoTMaster { * @params strLanguage String language * @return void */ - private void instrumentIoTRelation(Map.Entry map, String strFieldName, String strLanguage) + private void instrumentIoTRelation(Map.Entry map, String strFieldName, String strObjControllerName, String strLanguage) throws IOException, ClassNotFoundException, InterruptedException { // Get information from the set @@ -1200,7 +1209,7 @@ public class IoTMaster { String strObjID = relationInstrumenter.firstFieldObjectID(iRow); strObjClassName = relationInstrumenter.firstEntryFieldType(strObjID); // Call the method to create an object - instrumentObject(strObjID, strLanguage); + instrumentObject(strObjID, strObjControllerName, strLanguage); // Get the first object controller host address String strFirstIoTSlaveObjectHostAdd = strIoTSlaveObjectHostAdd; objInitHand.addObjectIntoField(strFieldName, strIoTSlaveObjectHostAdd, strObjName, @@ -1212,7 +1221,7 @@ public class IoTMaster { strObjID = relationInstrumenter.secondFieldObjectID(iRow); strObjClassName = relationInstrumenter.secondEntryFieldType(strObjID); // Call the method to create an object - instrumentObject(strObjID, strLanguage); + instrumentObject(strObjID, strObjControllerName, strLanguage); // Get the second object controller host address String strSecondIoTSlaveObjectHostAdd = strIoTSlaveObjectHostAdd; objInitHand.addSecondObjectIntoField(strFieldName, strIoTSlaveObjectHostAdd, strObjName, @@ -1425,6 +1434,39 @@ public class IoTMaster { } } + /** + * A method to create a thread for policy deployment + * + * @param setHostAddresses Set of strings for host addresses to configure + * @return void + */ + private void createMACPolicyThreads(Set setHostAddresses) throws IOException { + + // Create a list of threads + List threads = new ArrayList(); + // Start threads for hosts + for(String strAddress : setHostAddresses) { + Thread policyThread = new Thread(new Runnable() { + public void run() { + synchronized(this) { + processJailConfig.sendMACPolicies(strAddress); + } + } + }); + threads.add(policyThread); + policyThread.start(); + RuntimeOutput.print("Deploying MAC policies for: " + strAddress, BOOL_VERBOSE); + } + // Join all threads + for (Thread thread : threads) { + try { + thread.join(); + } catch (InterruptedException ex) { + ex.printStackTrace(); + } + } + } + /** * A method to send files to Java IoTSlave @@ -1552,17 +1594,6 @@ public class IoTMaster { * * @return String */ - /*private String getCmdJavaIoTSlave(String strObjControllerName) { - - return STR_SSH + " " + STR_USERNAME + strIoTSlaveControllerHostAdd + " cd " + - STR_RUNTIME_DIR + " sudo java " + STR_JVM_INIT_HEAP_SIZE + " " + - STR_JVM_MAX_HEAP_SIZE + " " + STR_CLS_PATH + " " + - STR_RMI_PATH + " " + STR_IOT_SLAVE_CLS + " " + strIoTMasterHostAdd + " " + - commHan.getComPort(strObjControllerName) + " " + - commHan.getRMIRegPort(strObjControllerName) + " " + - commHan.getRMIStubPort(strObjControllerName) + " >& " + - STR_LOG_FILE_PATH + strObjControllerName + ".log &"; - }*/ private String getCmdJavaIoTSlave(String strObjControllerName) { // Create an Shell executable @@ -2018,7 +2049,10 @@ public class IoTMaster { sendFileToCppSlave(strControllerFilePath, strControllerZipFile); createMainObjectCpp(strObjControllerName, outStream, inStream); } - + // Write basic MAC policies for controller + String strFileName = STR_MAC_POL_PATH + strObjControllerName + STR_MAC_POLICY_EXT; + processJailConfig.configureProcessJailControllerPolicies(strObjControllerName, strFileName, + strIoTMasterHostAdd, commHan.getComPort(strObjControllerName)); // PROFILING result = System.currentTimeMillis()-start; System.out.println("\n\n ==> From IoTSlave start until main controller object is created: " + result); @@ -2069,12 +2103,17 @@ public class IoTMaster { instrumentIoTSetAddress(strFieldName, strFieldName, inStream, outStream, STR_LANGUAGE_CONTROLLER); } else { // Any other cases - instrumentIoTSet(map, strFieldName, STR_LANGUAGE_CONTROLLER); + instrumentIoTSet(map, strFieldName, strObjControllerName, STR_LANGUAGE_CONTROLLER); } } else if (strClassName.equals(STR_REL_INSTRUMENTER_CLS)) { - instrumentIoTRelation(map, strFieldName, STR_LANGUAGE_CONTROLLER); + instrumentIoTRelation(map, strFieldName, strObjControllerName, STR_LANGUAGE_CONTROLLER); } } + // Combine controller MAC policies with the main policy file for the host + String strTempFileName = "./" + strObjControllerName + STR_MAC_POLICY_EXT; + processJailConfig.combineControllerMACPolicies(strIoTSlaveControllerHostAdd, strObjControllerName, strTempFileName); + processJailConfig.close(); + // PROFILING result = System.currentTimeMillis()-start; System.out.println("\n\n ==> Time needed to instrument device driver objects: " + result + "\n\n"); @@ -2143,6 +2182,7 @@ public class IoTMaster { serverSocket.close(); commHan.printLists(); lbIoT.printHostInfo(); + createMACPolicyThreads(setAddresses); } } catch (IOException | diff --git a/iotjava/iotruntime/master/ProcessJailConfig.java b/iotjava/iotruntime/master/ProcessJailConfig.java new file mode 100644 index 0000000..d76d130 --- /dev/null +++ b/iotjava/iotruntime/master/ProcessJailConfig.java @@ -0,0 +1,371 @@ +package iotruntime.master; + +import java.io.InputStream; +import java.io.InputStreamReader; +import java.io.BufferedReader; +import java.io.BufferedWriter; +import java.io.FileWriter; +import java.io.PrintWriter; +import java.io.IOException; +import java.nio.file.Files; +import java.nio.file.Paths; +import java.nio.charset.StandardCharsets; +import java.util.HashMap; +import java.util.Map; + +/** Class ProcessJailConfig is a class that configures the compute + * nodes in our network with the relevant process jail policies; + *

+ * We use Tomoyo 2.5 as a Mandatory Access Control (MAC) that is + * simple, easy to maintain, and lightweight (suitable for embedded + * devices). + * + * @author Rahmadi Trimananda + * @version 2.0 + * @since 2017-04-07 + */ +public final class ProcessJailConfig { + + /** + * ProcessJailConfig constants + */ + private static final String STR_SSH_USERNAME_ROUTER = "root"; + private static final String STR_SSH_USERNAME_HOST = "iotuser"; + private static final String STR_TCP_PROTOCOL = "tcp"; + private static final String STR_UDP_PROTOCOL = "udp"; + private static final String STR_TCPGW_PROTOCOL = "tcpgw"; + private static final String STR_NO_PROTOCOL = "nopro"; + + private static final String STR_MAC_POLICY_EXT = ".tomoyo.pol"; + private static final String STR_OBJECT_NAME = ""; + private static final String STR_MASTER_IP_ADDRESS = ""; + private static final String STR_MASTER_COM_PORT = ""; + private static final String STR_RMI_REG_PORT = ""; + private static final String STR_RMI_STUB_PORT = ""; + private static final String STR_DEV_IP_ADDRESS = ""; + private static final String STR_DEV_COM_PORT = ""; + private static final String STR_DEV_PORT = ""; + + + /** + * ProcessJailConfig properties + */ + private Map mapHostToFile; + private Map mapMACtoIPAdd; + + + /** + * Constructor + */ + public ProcessJailConfig() { + // This maps hostname to file PrintWriter + mapHostToFile = new HashMap(); + mapMACtoIPAdd = null; + } + + + /** + * renewPrintWriter() renews the mapHostToFile object that lists all PrintWriters + * + * @return void + */ + public void renewPrintWriter() { + + mapHostToFile = new HashMap(); + } + + + /** + * getPrintWriter() gets the right PrintWriter object to print policies to the right file + * + * @param strConfigHost String hostname to be configured + * @return PrintWriter + */ + private PrintWriter getPrintWriter(String strConfigHost) { + + // Return object if existing + if (mapHostToFile.containsKey(strConfigHost)) { + return mapHostToFile.get(strConfigHost); + } else { + // Simply create a new one if it doesn't exist + FileWriter fw = null; + try { + fw = new FileWriter(strConfigHost + STR_MAC_POLICY_EXT); + } catch (IOException ex) { + ex.printStackTrace(); + } + PrintWriter pwConfig = new PrintWriter(new BufferedWriter(fw)); + mapHostToFile.put(strConfigHost, pwConfig); + return pwConfig; + } + } + + + /** + * close() closes all PrintWriter objects + * + * @return void + */ + public void close() { + + for(PrintWriter pwConfig: mapHostToFile.values()) { + pwConfig.close(); + } + } + + + /** + * sendMACPolicies() deploys policies on MAC implementation for process jailing + * + * @param strConfigHost String hostname to be configured + * @return void + */ + public void sendMACPolicies(String strConfigHost) { + + String strCmdSend = "scp " + strConfigHost + STR_MAC_POLICY_EXT + " " + + STR_SSH_USERNAME_HOST + "@" + strConfigHost + ":~;"; + System.out.println(strCmdSend); + runCommand(strCmdSend); + String strCmdDeploy = "ssh " + STR_SSH_USERNAME_HOST + "@" + strConfigHost + + " sudo tomoyo-loadpolicy -df < ~/" + strConfigHost + STR_MAC_POLICY_EXT + "; rm ~/" + strConfigHost + + STR_MAC_POLICY_EXT + ";"; + System.out.println(strCmdDeploy); + runCommand(strCmdDeploy); + } + + + /** + * deployPolicies() method configures the policies + * + * @param strCommand String that contains command line + * @return void + */ + private void deployPolicies(String strCommand) { + + try { + Runtime runtime = Runtime.getRuntime(); + Process process = runtime.exec(strCommand); + process.waitFor(); + } catch (IOException ex) { + System.out.println("RouterConfig: IOException: " + ex.getMessage()); + ex.printStackTrace(); + } catch (InterruptedException ex) { + System.out.println("RouterConfig: InterruptException: " + ex.getMessage()); + ex.printStackTrace(); + } + } + + + /** + * setAddressListObject() method sets the map for IP and MAC addresses + *

+ * This method gets the mapping from RouterConfig + */ + public void setAddressListObject(Map _mapMACtoIPAdd) { + + mapMACtoIPAdd = _mapMACtoIPAdd; + } + + + /** + * runCommand() method runs shell command + * + * @param strCommand String that contains command line + * @return void + */ + private void runCommand(String strCommand) { + + try { + Runtime runtime = Runtime.getRuntime(); + Process process = runtime.exec(strCommand); + process.waitFor(); + } catch (IOException ex) { + System.out.println("RouterConfig: IOException: " + ex.getMessage()); + ex.printStackTrace(); + } catch (InterruptedException ex) { + System.out.println("RouterConfig: InterruptException: " + ex.getMessage()); + ex.printStackTrace(); + } + } + + + /** + * getAddressList() method gets list of IP addresses + *

+ * This method sends an inquiry to the router to look for + * the list of DHCP leased addresses and their mapping to MAC + * addresses + * + * @param strRouterAddress String that contains address of router + */ + public void getAddressList(String strRouterAddress) { + + //HashMap hmMACToIPAdd = new HashMap(); + try { + // We can replace "cat /tmp/dhcp.leases" with "cat /proc/net/arp" + String cmd = "ssh " + STR_SSH_USERNAME_ROUTER + "@" + strRouterAddress + + " cat /tmp/dhcp.leases"; + Runtime runtime = Runtime.getRuntime(); + Process process = runtime.exec(cmd); + + InputStream inStream = process.getInputStream(); + InputStreamReader isReader = new InputStreamReader(inStream); + BufferedReader bReader = new BufferedReader(isReader); + String strRead = null; + while((strRead = bReader.readLine()) != null){ + String[] str = strRead.split(" "); + mapMACtoIPAdd.put(str[1], str[2]); + } + } catch (IOException ex) { + System.out.println("RouterConfig: IOException: " + ex.getMessage()); + ex.printStackTrace(); + } + } + + + /** + * getIPFromMACAddress() method gets IP from MAC address + * + * @return String String that contains IP address from the MAC-IP mapping + */ + public String getIPFromMACAddress(String strMACAddress) { + + String strIPAddress = mapMACtoIPAdd.get(strMACAddress); + if (strIPAddress == null) { + throw new Error("RouterConfig: MAC address " + strMACAddress + + " not found on the list! Please check if device is present in /tmp/dhcp.leases!"); + } + return strIPAddress; + } + + + /** + * readFile() read the entire file and return a string + * + * @return String String that contains the content of the file + */ + public String readFile(String filePath) { + + String retStr = null; + try { + retStr = new String(Files.readAllBytes(Paths.get(filePath)), StandardCharsets.UTF_8); + } catch (IOException ex) { + ex.printStackTrace(); + } + return retStr; + } + + + /** + * configureProcessJailDeviceDriverPolicies() method configures the main MAC policies + *

+ * This method configures the main policies between controller and device driver + * + * @param strConfigHost String hostname to be configured + * @param strObjectName String object name + * @param strFileName String policy file path and name + * @param strMasterIPAddress String master IP address + * @param iComPort Integer communication port (controller-driver) + * @param iRMIRegPort Integer RMI registry port + * @param iRMIStubPort Integer RMI stub port + * @return void + */ + public void configureProcessJailDeviceDriverPolicies(String strConfigHost, String strObjectName, + String strFileName, String strMasterIPAddress, int iComPort, int iRMIRegPort, int iRMIStubPort) { + + PrintWriter pwConfig = getPrintWriter(strConfigHost); + String strPolicyList = readFile(strFileName); + // Replace the strings with the actual values + String strNewPolicyList = strPolicyList.replace(STR_OBJECT_NAME, strObjectName).replace(STR_MASTER_IP_ADDRESS, + strMasterIPAddress).replace(STR_MASTER_COM_PORT, String.valueOf(iComPort)).replace(STR_RMI_REG_PORT, + String.valueOf(iRMIRegPort)).replace(STR_RMI_STUB_PORT, String.valueOf(iRMIStubPort)); + pwConfig.println("\n"); + pwConfig.print(strNewPolicyList); + } + + + /** + * configureProcessJailDevicePolicies() method configures the device MAC policies + *

+ * This method configures the device policies between device driver and device + * + * @param strConfigHost String hostname to be configured + * @param strProtocol String protocol name + * @param iDeviceComPort Integer device communication port + * @param strDeviceIPAddress String device IP address + * @param iDevicePort Integer device port + * @return void + */ + public void configureProcessJailDevicePolicies(String strConfigHost, String strProtocol, + int iDeviceComPort, String strDeviceIPAddress, int iDevicePort) { + + PrintWriter pwConfig = getPrintWriter(strConfigHost); + if (strProtocol.equals(STR_TCP_PROTOCOL)) { + pwConfig.println("network inet stream connect ::ffff:" + strDeviceIPAddress + " " + String.valueOf(iDevicePort)); + } else { + pwConfig.println("network inet dgram bind :: " + String.valueOf(iDeviceComPort)); + pwConfig.println("network inet dgram send ::ffff:" + strDeviceIPAddress + " " + String.valueOf(iDevicePort)); + } + } + + + /** + * configureProcessJailControllerPolicies() method configures the main MAC policies for controller + * + * @param strControllerName String controller name to be configured + * @param strFileName String policy file path and name + * @param strMasterIPAddress String master IP address + * @param iComPort Integer communication port (controller-driver) + * @return void + */ + public void configureProcessJailControllerPolicies(String strControllerName, String strFileName, + String strMasterIPAddress, int iComPort) { + + PrintWriter pwConfig = getPrintWriter(strControllerName); + String strPolicyList = readFile(strFileName); + // Replace the strings with the actual values + String strNewPolicyList = strPolicyList.replace(STR_MASTER_IP_ADDRESS, + strMasterIPAddress).replace(STR_MASTER_COM_PORT, String.valueOf(iComPort)); + pwConfig.println("\n"); + pwConfig.print(strNewPolicyList); + } + + + /** + * configureProcessJailContRMIPolicies() method configures the MAC policies for RMI ports of controller + * + * @param strControllerName String controller name to be configured + * @param strFileName String policy file path and name + * @param strMasterIPAddress String master IP address + * @param iComPort Integer communication port (controller-driver) + * @return void + */ + public void configureProcessJailContRMIPolicies(String strControllerName, String strDeviceDriverIPAddress, + int iRMIRegPort, int iRMIStubPort) { + + PrintWriter pwConfig = getPrintWriter(strControllerName); + // Replace the strings with the actual values + pwConfig.println("network inet stream connect ::ffff:" + strDeviceDriverIPAddress + " " + String.valueOf(iRMIRegPort)); + pwConfig.println("network inet stream connect ::ffff:" + strDeviceDriverIPAddress + " " + String.valueOf(iRMIStubPort)); + } + + + /** + * combineControllerMACPolicies() method combines the controller MAC policies into the right host policy file + * + * @param strConfigHost String hostname to be configured + * @param strFileName String policy file path and name + * @return void + */ + public void combineControllerMACPolicies(String strConfigHost, String strObjectControllerName, String strFileName) { + + PrintWriter pwConfig = getPrintWriter(strConfigHost); + PrintWriter pwCont = getPrintWriter(strObjectControllerName); + pwCont.close(); + String strPolicyList = readFile(strFileName); + pwConfig.println(strPolicyList); + runCommand("rm -rf " + strFileName); + } +} + + diff --git a/iotjava/iotruntime/master/RouterConfig.java b/iotjava/iotruntime/master/RouterConfig.java index 821922c..392fd74 100644 --- a/iotjava/iotruntime/master/RouterConfig.java +++ b/iotjava/iotruntime/master/RouterConfig.java @@ -159,6 +159,17 @@ public final class RouterConfig { } } + /** + * getAddressListObject() method returns the map from this class + *

+ * This method is useful for MAC policy class so that it doesn't have + * to query the router again + */ + public Map getAddressListObject() { + + return mapMACtoIPAdd; + } + /** * getAddressList() method gets list of IP addresses *

diff --git a/localconfig/tomoyo/AmcrestCamera.tomoyo.pol b/localconfig/tomoyo/AmcrestCamera.tomoyo.pol index 369edfc..d13903e 100644 --- a/localconfig/tomoyo/AmcrestCamera.tomoyo.pol +++ b/localconfig/tomoyo/AmcrestCamera.tomoyo.pol @@ -1,4 +1,4 @@ - /usr/sbin/sshd /bin/bash /home/iotuser/iot2/iotjava/iotruntime/AmcrestCamera.sh /usr/bin/java + /usr/sbin/sshd /bin/bash /home/iotuser/iot2/iotjava/iotruntime/.sh /usr/bin/java use_profile 3 use_group 0 @@ -18,135 +18,38 @@ misc env SHELL misc env PWD misc env SSH_CONNECTION file read /etc/ld.so.preload -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/jli/libjli.so -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/jvm.cfg -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/client/libjvm.so -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/libverify.so -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/libjava.so +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/\*.so +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/\*.cfg +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/client/\*.so +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/\* +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/\*.jar +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/ext/\* +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/security/\* +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/jli/\*.so +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/\*.jar network unix stream connect /var/run/nscd/socket file read /etc/nsswitch.conf file read /etc/passwd file create /tmp/hsperfdata_iotuser/\* 0600 file read/write/unlink/truncate /tmp/hsperfdata_iotuser/\* -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/libzip.so -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/meta-index -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/rt.jar file read /sys/devices/system/cpu/online file read /usr/lib/locale/locale-archive -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/ext/meta-index -file write/truncate /home/iotuser/.oracle_jre_usage/81970c018e7540cf.timestamp -file read /usr/share/java/servlet-api-2.5.jar -file read /usr/share/java/asm-all-5.0.3.jar -file read /usr/share/java/BoofCV-WebcamCapture-0.21.jar -file read /usr/share/java/core-0.28.jar -file read /usr/share/java/jurt-4.3.3.jar -file read /usr/share/java/ridl-4.3.3.jar -file read /usr/share/java/unoloader.jar -file read /usr/share/java/BoofCV-xuggler-0.21-sources.jar -file read /usr/share/java/xpp3_min-1.1.4c.jar -file read /usr/share/java/simple-0.29.jar -file read /usr/share/java/BoofCV-recognition-0.21-sources.jar -file read /usr/share/java/BoofCV-feature-0.21.jar -file read /usr/share/java/jsp-api-2.1.jar -file read /usr/share/java/mysql-connector-java-5.1.39.jar -file read /usr/share/java/BoofCV-jcodec-0.21-sources.jar -file read /usr/share/java/BoofCV-visualize-0.21-sources.jar -file read /usr/share/java/BoofCV-WebcamCapture-0.21-sources.jar -file read /usr/share/java/GeoRegression-georegression-0.9-sources.jar -file read /usr/share/java/el-api-2.1.jar -file read /usr/share/java/unoil-4.3.3.jar -file read /usr/share/java/GeoRegression-experimental-0.9-sources.jar -file read /usr/share/java/xmlpull-1.1.3.1.jar -file read /usr/share/java/georegression-0.10.jar -file read /usr/share/java/BoofCV-android-0.21.jar -file read /usr/share/java/BoofCV-ip-0.21.jar -file read /usr/share/java/BoofCV-android-0.21-sources.jar -file read /usr/share/java/hsqldb1.8.0-1.8.0.10+dfsg.jar -file read /usr/share/java/BoofCV-sfm-0.21.jar -file read /usr/share/java/BoofCV-visualize-0.21.jar -file read /usr/share/java/BoofCV-geo-0.21-sources.jar -file read /usr/share/java/core-0.29.jar -file read /usr/share/java/libintl.jar -file read /usr/share/java/BoofCV-io-0.21-sources.jar -file read /usr/share/java/BoofCV-io-0.21.jar -file read /usr/share/java/hsqldbutil1.8.0-1.8.0.10+dfsg.jar -file read /usr/share/java/dense64-0.28.jar -file read /usr/share/java/BoofCV-xuggler-0.21.jar -file read /usr/share/java/BoofCV-learning-0.21.jar -file read /usr/share/java/BoofCV-sfm-0.21-sources.jar -file read /usr/share/java/zip4j_1.3.2.jar -file read /usr/share/java/ddogleg-0.8-SNAPSHOT.jar -file read /usr/share/java/BoofCV-openkinect-0.21.jar -file read /usr/share/java/dense64-0.29.jar -file read /usr/share/java/juh-4.3.3.jar -file read /usr/share/java/jl1.0.1.jar -file read /usr/share/java/BoofCV-jcodec-0.21.jar -file read /usr/share/java/BoofCV-ip-0.21-sources.jar -file read /usr/share/java/GeoRegression-experimental-0.9.jar -file read /usr/share/java/GeoRegression-georegression-0.9.jar -file read /usr/share/java/java-json.jar -file read /usr/share/java/ddogleg-0.9.jar -file read /usr/share/java/xstream-1.4.7.jar -file read /usr/share/java/BoofCV-geo-0.21.jar -file read /usr/share/java/java_uno.jar -file read /usr/share/java/BoofCV-calibration-0.21.jar -file read /usr/share/java/javac.jar -file read /usr/share/java/BoofCV-recognition-0.21.jar -file read /usr/share/java/checker.jar -file read /usr/share/java/BoofCV-feature-0.21-sources.jar -file read /usr/share/java/BoofCV-openkinect-0.21-sources.jar -file read /usr/share/java/equation-0.29.jar -file read /usr/share/java/simple-0.28.jar -file read /usr/share/java/BoofCV-learning-0.21-sources.jar -file read /usr/share/java/equation-0.28.jar -file read /usr/share/java/BoofCV-calibration-0.21-sources.jar -file read /home/iotuser/iot2/iotjava/iotruntime/slave/IoTSlave.class -file read /home/iotuser/iot2/iotjava/iotruntime/IoTSlave.config -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/libnet.so -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/net.properties +file write/truncate /home/iotuser/.oracle_jre_usage/\*cf.timestamp +file read /usr/share/java/\*.jar +file read /home/iotuser/iot2/iotjava/iotruntime/slave/\*.class +file read /home/iotuser/iot2/iotjava/iotruntime/\*.config network inet stream connect ::ffff: -file read /home/iotuser/iot2/iotjava/iotruntime/master/RuntimeOutput.class -file read /home/iotuser/iot2/iotjava/iotruntime/messages/MessageSendFile.class -file read /home/iotuser/iot2/iotjava/iotruntime/messages/Message.class -file read /home/iotuser/iot2/iotjava/iotruntime/messages/IoTCommCode.class -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/security/java.security -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/jsse.jar +file read /home/iotuser/iot2/iotjava/iotruntime/master/\*.class +file read /home/iotuser/iot2/iotjava/iotruntime/messages/\*.class file read /dev/random file read /dev/urandom -file read /home/iotuser/iot2/iotjava/iotruntime/slave/IoTSlave$3.class -file read /home/iotuser/iot2/iotjava/iotruntime/messages/MessageSimple.class file create /home/iotuser/iot2/iotjava/iotruntime/AmcrestCamera.jar 0666 file read/write /home/iotuser/iot2/iotjava/iotruntime/AmcrestCamera.jar -file read /home/iotuser/iot2/iotjava/iotruntime/messages/MessageCreateObject.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMIComm.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMICommServer.class -file read /home/iotuser/iot2/iotjava/iotruntime/slave/IoTSlave$1.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMIComm$1.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMIComm$2.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMICommServer$1.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMICommServer$2.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMICommServer$3.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMIUtil.class -file read /home/iotuser/iot2/iotjava/iotruntime/messages/MessageCreateSetRelation.class -file read /home/iotuser/iot2/iotjava/iotruntime/slave/ISet.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMITypes.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTSocketServer.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTSocket.class -file read /home/iotuser/iot2/iotjava/iotruntime/messages/MessageGetDeviceObject.class -file read /home/iotuser/iot2/iotjava/iotruntime/slave/IoTDeviceAddress.class -file read /home/iotuser/iot2/iotjava/iotruntime/slave/IoTAddress.class -file read /home/iotuser/iot2/iotjava/iotruntime/slave/IoTSet.class +file read /home/iotuser/iot2/iotjava/iotrmi/Java/\*.class file ioctl socket:[family=10:type=1:protocol=6] 0x541B -file read /home/iotuser/iot2/iotjava/iotruntime/IoTHTTP.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMICommClient.class -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/charsets.jar -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/libawt.so -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/libawt_headless.so +file read /home/iotuser/iot2/iotjava/iotruntime/\*.class file read /usr/share/locale/en_GB/LC_MESSAGES/libc.mo -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/libnio.so -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/libjpeg.so file create /tmp/imageio\*.tmp 0600 file read/write/unlink /tmp/imageio\*.tmp network inet stream bind/listen :: network inet stream bind/listen :: -network inet stream connect ::ffff: 80 diff --git a/localconfig/tomoyo/LabRoom.tomoyo.pol b/localconfig/tomoyo/LabRoom.tomoyo.pol index 2267a14..050f52a 100644 --- a/localconfig/tomoyo/LabRoom.tomoyo.pol +++ b/localconfig/tomoyo/LabRoom.tomoyo.pol @@ -1,4 +1,4 @@ - /usr/sbin/sshd /bin/bash /home/iotuser/iot2/iotjava/iotruntime/LabRoom.sh /usr/bin/java + /usr/sbin/sshd /bin/bash /home/iotuser/iot2/iotjava/iotruntime/.sh /usr/bin/java use_profile 3 use_group 0 @@ -18,121 +18,35 @@ misc env SHELL misc env PWD misc env SSH_CONNECTION file read /etc/ld.so.preload -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/jli/libjli.so -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/jvm.cfg -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/client/libjvm.so -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/libverify.so -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/libjava.so +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/\*.so +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/\*.cfg +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/client/\*.so +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/\* +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/\*.jar +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/ext/\* +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/security/\* +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/jli/\*.so +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/\*.jar network unix stream connect /var/run/nscd/socket file read /etc/nsswitch.conf file read /etc/passwd file create /tmp/hsperfdata_iotuser/\* 0600 file read/write/unlink/truncate /tmp/hsperfdata_iotuser/\* -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/libzip.so -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/meta-index -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/rt.jar file read /sys/devices/system/cpu/online file read /usr/lib/locale/locale-archive -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/ext/meta-index -file write/truncate /home/iotuser/.oracle_jre_usage/81970c018e7540cf.timestamp -file read /usr/share/java/servlet-api-2.5.jar -file read /usr/share/java/asm-all-5.0.3.jar -file read /usr/share/java/BoofCV-WebcamCapture-0.21.jar -file read /usr/share/java/core-0.28.jar -file read /usr/share/java/jurt-4.3.3.jar -file read /usr/share/java/ridl-4.3.3.jar -file read /usr/share/java/unoloader.jar -file read /usr/share/java/BoofCV-xuggler-0.21-sources.jar -file read /usr/share/java/xpp3_min-1.1.4c.jar -file read /usr/share/java/simple-0.29.jar -file read /usr/share/java/BoofCV-recognition-0.21-sources.jar -file read /usr/share/java/BoofCV-feature-0.21.jar -file read /usr/share/java/jsp-api-2.1.jar -file read /usr/share/java/mysql-connector-java-5.1.39.jar -file read /usr/share/java/BoofCV-jcodec-0.21-sources.jar -file read /usr/share/java/BoofCV-visualize-0.21-sources.jar -file read /usr/share/java/BoofCV-WebcamCapture-0.21-sources.jar -file read /usr/share/java/GeoRegression-georegression-0.9-sources.jar -file read /usr/share/java/el-api-2.1.jar -file read /usr/share/java/unoil-4.3.3.jar -file read /usr/share/java/GeoRegression-experimental-0.9-sources.jar -file read /usr/share/java/xmlpull-1.1.3.1.jar -file read /usr/share/java/georegression-0.10.jar -file read /usr/share/java/BoofCV-android-0.21.jar -file read /usr/share/java/BoofCV-ip-0.21.jar -file read /usr/share/java/BoofCV-android-0.21-sources.jar -file read /usr/share/java/hsqldb1.8.0-1.8.0.10+dfsg.jar -file read /usr/share/java/BoofCV-sfm-0.21.jar -file read /usr/share/java/BoofCV-visualize-0.21.jar -file read /usr/share/java/BoofCV-geo-0.21-sources.jar -file read /usr/share/java/core-0.29.jar -file read /usr/share/java/libintl.jar -file read /usr/share/java/BoofCV-io-0.21-sources.jar -file read /usr/share/java/BoofCV-io-0.21.jar -file read /usr/share/java/hsqldbutil1.8.0-1.8.0.10+dfsg.jar -file read /usr/share/java/dense64-0.28.jar -file read /usr/share/java/BoofCV-xuggler-0.21.jar -file read /usr/share/java/BoofCV-learning-0.21.jar -file read /usr/share/java/BoofCV-sfm-0.21-sources.jar -file read /usr/share/java/zip4j_1.3.2.jar -file read /usr/share/java/ddogleg-0.8-SNAPSHOT.jar -file read /usr/share/java/BoofCV-openkinect-0.21.jar -file read /usr/share/java/dense64-0.29.jar -file read /usr/share/java/juh-4.3.3.jar -file read /usr/share/java/jl1.0.1.jar -file read /usr/share/java/BoofCV-jcodec-0.21.jar -file read /usr/share/java/BoofCV-ip-0.21-sources.jar -file read /usr/share/java/GeoRegression-experimental-0.9.jar -file read /usr/share/java/GeoRegression-georegression-0.9.jar -file read /usr/share/java/java-json.jar -file read /usr/share/java/ddogleg-0.9.jar -file read /usr/share/java/xstream-1.4.7.jar -file read /usr/share/java/BoofCV-geo-0.21.jar -file read /usr/share/java/java_uno.jar -file read /usr/share/java/BoofCV-calibration-0.21.jar -file read /usr/share/java/javac.jar -file read /usr/share/java/BoofCV-recognition-0.21.jar -file read /usr/share/java/checker.jar -file read /usr/share/java/BoofCV-feature-0.21-sources.jar -file read /usr/share/java/BoofCV-openkinect-0.21-sources.jar -file read /usr/share/java/equation-0.29.jar -file read /usr/share/java/simple-0.28.jar -file read /usr/share/java/BoofCV-learning-0.21-sources.jar -file read /usr/share/java/equation-0.28.jar -file read /usr/share/java/BoofCV-calibration-0.21-sources.jar -file read /home/iotuser/iot2/iotjava/iotruntime/slave/IoTSlave.class -file read /home/iotuser/iot2/iotjava/iotruntime/IoTSlave.config -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/libnet.so -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/net.properties +file write/truncate /home/iotuser/.oracle_jre_usage/\*cf.timestamp +file read /usr/share/java/\*.jar +file read /home/iotuser/iot2/iotjava/iotruntime/\*.class +file read /home/iotuser/iot2/iotjava/iotruntime/slave/\*.class +file read /home/iotuser/iot2/iotjava/iotruntime/\*.config network inet stream connect ::ffff: -file read /home/iotuser/iot2/iotjava/iotruntime/master/RuntimeOutput.class -file read /home/iotuser/iot2/iotjava/iotruntime/messages/MessageSendFile.class -file read /home/iotuser/iot2/iotjava/iotruntime/messages/Message.class -file read /home/iotuser/iot2/iotjava/iotruntime/messages/IoTCommCode.class -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/security/java.security -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/jsse.jar +file read /home/iotuser/iot2/iotjava/iotruntime/master/\*.class +file read /home/iotuser/iot2/iotjava/iotruntime/messages/\*.class file read /dev/random file read /dev/urandom -file read /home/iotuser/iot2/iotjava/iotruntime/slave/IoTSlave$3.class -file read /home/iotuser/iot2/iotjava/iotruntime/messages/MessageSimple.class file create /home/iotuser/iot2/iotjava/iotruntime/LabRoom.jar 0666 file read/write /home/iotuser/iot2/iotjava/iotruntime/LabRoom.jar -file read /home/iotuser/iot2/iotjava/iotruntime/messages/MessageCreateObject.class -file read /home/iotuser/iot2/iotjava/iotcode/LabRoom/LabRoom.class -file read /home/iotuser/iot2/iotjava/iotcode/LabRoom/Room_Skeleton.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMIComm.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMICommServer.class -file read /home/iotuser/iot2/iotjava/iotcode/LabRoom/Room_Skeleton$1.class -file read /home/iotuser/iot2/iotjava/iotruntime/slave/IoTSlave$1.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMIComm$1.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMIComm$2.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMICommServer$1.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMICommServer$2.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMICommServer$3.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMIUtil.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMITypes.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTSocketServer.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTSocket.class +file read /home/iotuser/iot2/iotjava/iotrmi/Java/\*.class network inet stream bind/listen :: network inet stream bind/listen :: file ioctl socket:[family=10:type=1:protocol=6] 0x541B diff --git a/localconfig/tomoyo/LifxLightBulb.tomoyo.pol b/localconfig/tomoyo/LifxLightBulb.tomoyo.pol index 9e4e2f7..5c89817 100644 --- a/localconfig/tomoyo/LifxLightBulb.tomoyo.pol +++ b/localconfig/tomoyo/LifxLightBulb.tomoyo.pol @@ -1,4 +1,4 @@ - /usr/sbin/sshd /bin/bash /home/iotuser/iot2/iotjava/iotruntime/LifxLightBulb.sh /usr/bin/java + /usr/sbin/sshd /bin/bash /home/iotuser/iot2/iotjava/iotruntime/.sh /usr/bin/java use_profile 3 use_group 0 @@ -18,137 +18,35 @@ misc env SHELL misc env PWD misc env SSH_CONNECTION file read /etc/ld.so.preload -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/jli/libjli.so -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/jvm.cfg -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/client/libjvm.so -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/libverify.so -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/libjava.so +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/\*.so +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/\*.cfg +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/client/\*.so +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/\* +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/\*.jar +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/ext/\* +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/security/\* +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/jli/\*.so +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/\*.jar network unix stream connect /var/run/nscd/socket file read /etc/nsswitch.conf file read /etc/passwd file create /tmp/hsperfdata_iotuser/\* 0600 file read/write/unlink/truncate /tmp/hsperfdata_iotuser/\* -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/libzip.so -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/meta-index -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/rt.jar file read /sys/devices/system/cpu/online file read /usr/lib/locale/locale-archive -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/ext/meta-index -file write/truncate /home/iotuser/.oracle_jre_usage/81970c018e7540cf.timestamp -file read /usr/share/java/servlet-api-2.5.jar -file read /usr/share/java/asm-all-5.0.3.jar -file read /usr/share/java/BoofCV-WebcamCapture-0.21.jar -file read /usr/share/java/core-0.28.jar -file read /usr/share/java/jurt-4.3.3.jar -file read /usr/share/java/ridl-4.3.3.jar -file read /usr/share/java/unoloader.jar -file read /usr/share/java/BoofCV-xuggler-0.21-sources.jar -file read /usr/share/java/xpp3_min-1.1.4c.jar -file read /usr/share/java/simple-0.29.jar -file read /usr/share/java/BoofCV-recognition-0.21-sources.jar -file read /usr/share/java/BoofCV-feature-0.21.jar -file read /usr/share/java/jsp-api-2.1.jar -file read /usr/share/java/mysql-connector-java-5.1.39.jar -file read /usr/share/java/BoofCV-jcodec-0.21-sources.jar -file read /usr/share/java/BoofCV-visualize-0.21-sources.jar -file read /usr/share/java/BoofCV-WebcamCapture-0.21-sources.jar -file read /usr/share/java/GeoRegression-georegression-0.9-sources.jar -file read /usr/share/java/el-api-2.1.jar -file read /usr/share/java/unoil-4.3.3.jar -file read /usr/share/java/GeoRegression-experimental-0.9-sources.jar -file read /usr/share/java/xmlpull-1.1.3.1.jar -file read /usr/share/java/georegression-0.10.jar -file read /usr/share/java/BoofCV-android-0.21.jar -file read /usr/share/java/BoofCV-ip-0.21.jar -file read /usr/share/java/BoofCV-android-0.21-sources.jar -file read /usr/share/java/hsqldb1.8.0-1.8.0.10+dfsg.jar -file read /usr/share/java/BoofCV-sfm-0.21.jar -file read /usr/share/java/BoofCV-visualize-0.21.jar -file read /usr/share/java/BoofCV-geo-0.21-sources.jar -file read /usr/share/java/core-0.29.jar -file read /usr/share/java/libintl.jar -file read /usr/share/java/BoofCV-io-0.21-sources.jar -file read /usr/share/java/BoofCV-io-0.21.jar -file read /usr/share/java/hsqldbutil1.8.0-1.8.0.10+dfsg.jar -file read /usr/share/java/dense64-0.28.jar -file read /usr/share/java/BoofCV-xuggler-0.21.jar -file read /usr/share/java/BoofCV-learning-0.21.jar -file read /usr/share/java/BoofCV-sfm-0.21-sources.jar -file read /usr/share/java/zip4j_1.3.2.jar -file read /usr/share/java/ddogleg-0.8-SNAPSHOT.jar -file read /usr/share/java/BoofCV-openkinect-0.21.jar -file read /usr/share/java/dense64-0.29.jar -file read /usr/share/java/juh-4.3.3.jar -file read /usr/share/java/jl1.0.1.jar -file read /usr/share/java/BoofCV-jcodec-0.21.jar -file read /usr/share/java/BoofCV-ip-0.21-sources.jar -file read /usr/share/java/GeoRegression-experimental-0.9.jar -file read /usr/share/java/GeoRegression-georegression-0.9.jar -file read /usr/share/java/java-json.jar -file read /usr/share/java/ddogleg-0.9.jar -file read /usr/share/java/xstream-1.4.7.jar -file read /usr/share/java/BoofCV-geo-0.21.jar -file read /usr/share/java/java_uno.jar -file read /usr/share/java/BoofCV-calibration-0.21.jar -file read /usr/share/java/javac.jar -file read /usr/share/java/BoofCV-recognition-0.21.jar -file read /usr/share/java/checker.jar -file read /usr/share/java/BoofCV-feature-0.21-sources.jar -file read /usr/share/java/BoofCV-openkinect-0.21-sources.jar -file read /usr/share/java/equation-0.29.jar -file read /usr/share/java/simple-0.28.jar -file read /usr/share/java/BoofCV-learning-0.21-sources.jar -file read /usr/share/java/equation-0.28.jar -file read /usr/share/java/BoofCV-calibration-0.21-sources.jar -file read /home/iotuser/iot2/iotjava/iotruntime/slave/IoTSlave.class -file read /home/iotuser/iot2/iotjava/iotruntime/IoTSlave.config -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/libnet.so -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/net.properties -network inet stream connect ::ffff:192.168.2.108 -file read /home/iotuser/iot2/iotjava/iotruntime/master/RuntimeOutput.class -file read /home/iotuser/iot2/iotjava/iotruntime/messages/MessageSendFile.class -file read /home/iotuser/iot2/iotjava/iotruntime/messages/Message.class -file read /home/iotuser/iot2/iotjava/iotruntime/messages/IoTCommCode.class -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/security/java.security -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/jsse.jar +file write/truncate /home/iotuser/.oracle_jre_usage/\*cf.timestamp +file read /usr/share/java/\*.jar +file read /home/iotuser/iot2/iotjava/iotruntime/slave/\*.class +file read /home/iotuser/iot2/iotjava/iotruntime/\*.config +network inet stream connect ::ffff: +file read /home/iotuser/iot2/iotjava/iotruntime/master/\*.class +file read /home/iotuser/iot2/iotjava/iotruntime/messages/\*.class file read /dev/random file read /dev/urandom -file read /home/iotuser/iot2/iotjava/iotruntime/slave/IoTSlave$3.class -file read /home/iotuser/iot2/iotjava/iotruntime/messages/MessageSimple.class file create /home/iotuser/iot2/iotjava/iotruntime/LifxLightBulb.jar 0666 file read/write /home/iotuser/iot2/iotjava/iotruntime/LifxLightBulb.jar -file read /home/iotuser/iot2/iotjava/iotruntime/messages/MessageCreateObject.class -file read /home/iotuser/iot2/iotjava/iotcode/LifxLightBulb/LifxLightBulb.class -file read /home/iotuser/iot2/iotjava/iotcode/LifxLightBulb/LightBulb_Skeleton.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMIComm.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMICommServer.class -file read /home/iotuser/iot2/iotjava/iotcode/LifxLightBulb/LightBulb_Skeleton$1.class -file read /home/iotuser/iot2/iotjava/iotruntime/slave/IoTSlave$1.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMIComm$1.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMIComm$2.class -file read /home/iotuser/iot2/iotjava/iotruntime/messages/MessageCreateSetRelation.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMICommServer$1.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMICommServer$2.class -file read /home/iotuser/iot2/iotjava/iotruntime/slave/ISet.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMICommServer$3.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMIUtil.class -file read /home/iotuser/iot2/iotjava/iotruntime/messages/MessageGetDeviceObject.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMITypes.class -file read /home/iotuser/iot2/iotjava/iotruntime/slave/IoTDeviceAddress.class -file read /home/iotuser/iot2/iotjava/iotruntime/slave/IoTAddress.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTSocketServer.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTSocket.class -file read /home/iotuser/iot2/iotjava/iotruntime/slave/IoTSet.class -file read /home/iotuser/iot2/iotjava/iotruntime/IoTUDP.class +file read /home/iotuser/iot2/iotjava/iotrmi/Java/\*.class +file read /home/iotuser/iot2/iotjava/iotruntime/\*.class network inet stream bind/listen :: network inet stream bind/listen :: file ioctl socket:[family=10:type=1:protocol=6] 0x541B -file read /home/iotuser/iot2/iotjava/iotcode/LifxLightBulb/LightBulb_Skeleton$2.class -network inet dgram bind :: -file read /home/iotuser/iot2/iotjava/iotcode/LifxLightBulb/LifxLightBulb$1.class -file read /home/iotuser/iot2/iotjava/iotcode/LifxLightBulb/LifxHeader.class -network inet dgram send ::ffff: 56700 -file read /home/iotuser/iot2/iotjava/iotcode/LifxLightBulb/DeviceStateVersion.class -file read /home/iotuser/iot2/iotjava/iotcode/LifxLightBulb/BulbColor.class -file read /home/iotuser/iot2/iotjava/iotcode/LifxLightBulb/LightState.class -file read /home/iotuser/iot2/iotjava/iotcode/LifxLightBulb/LightBulb_Skeleton$5.class diff --git a/localconfig/tomoyo/SmartLightsController.tomoyo.pol b/localconfig/tomoyo/SmartLightsController.tomoyo.pol index b9a712a..6760b73 100644 --- a/localconfig/tomoyo/SmartLightsController.tomoyo.pol +++ b/localconfig/tomoyo/SmartLightsController.tomoyo.pol @@ -18,156 +18,39 @@ misc env SHELL misc env PWD misc env SSH_CONNECTION file read /etc/ld.so.preload -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/jli/libjli.so -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/jvm.cfg -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/client/libjvm.so -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/libverify.so -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/libjava.so +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/\*.so +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/\*.cfg +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/client/\*.so +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/\* +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/\*.jar +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/ext/\* +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/security/\* +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/jli/\*.so +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/\*.jar +file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/\*.dat network unix stream connect /var/run/nscd/socket file read /etc/nsswitch.conf file read /etc/passwd file create /tmp/hsperfdata_iotuser/\* 0600 file read/write/unlink/truncate /tmp/hsperfdata_iotuser/\* -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/libzip.so -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/meta-index -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/rt.jar file read /sys/devices/system/cpu/online file read /usr/lib/locale/locale-archive -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/ext/meta-index file write/truncate /home/iotuser/.oracle_jre_usage/81970c018e7540cf.timestamp -file read /usr/share/java/servlet-api-2.5.jar -file read /usr/share/java/asm-all-5.0.3.jar -file read /usr/share/java/BoofCV-WebcamCapture-0.21.jar -file read /usr/share/java/core-0.28.jar -file read /usr/share/java/jurt-4.3.3.jar -file read /usr/share/java/ridl-4.3.3.jar -file read /usr/share/java/unoloader.jar -file read /usr/share/java/BoofCV-xuggler-0.21-sources.jar -file read /usr/share/java/xpp3_min-1.1.4c.jar -file read /usr/share/java/simple-0.29.jar -file read /usr/share/java/BoofCV-recognition-0.21-sources.jar -file read /usr/share/java/BoofCV-feature-0.21.jar -file read /usr/share/java/jsp-api-2.1.jar -file read /usr/share/java/mysql-connector-java-5.1.39.jar -file read /usr/share/java/BoofCV-jcodec-0.21-sources.jar -file read /usr/share/java/BoofCV-visualize-0.21-sources.jar -file read /usr/share/java/BoofCV-WebcamCapture-0.21-sources.jar -file read /usr/share/java/GeoRegression-georegression-0.9-sources.jar -file read /usr/share/java/el-api-2.1.jar -file read /usr/share/java/unoil-4.3.3.jar -file read /usr/share/java/GeoRegression-experimental-0.9-sources.jar -file read /usr/share/java/xmlpull-1.1.3.1.jar -file read /usr/share/java/georegression-0.10.jar -file read /usr/share/java/BoofCV-android-0.21.jar -file read /usr/share/java/BoofCV-ip-0.21.jar -file read /usr/share/java/BoofCV-android-0.21-sources.jar -file read /usr/share/java/hsqldb1.8.0-1.8.0.10+dfsg.jar -file read /usr/share/java/BoofCV-sfm-0.21.jar -file read /usr/share/java/BoofCV-visualize-0.21.jar -file read /usr/share/java/BoofCV-geo-0.21-sources.jar -file read /usr/share/java/core-0.29.jar -file read /usr/share/java/libintl.jar -file read /usr/share/java/BoofCV-io-0.21-sources.jar -file read /usr/share/java/BoofCV-io-0.21.jar -file read /usr/share/java/hsqldbutil1.8.0-1.8.0.10+dfsg.jar -file read /usr/share/java/dense64-0.28.jar -file read /usr/share/java/BoofCV-xuggler-0.21.jar -file read /usr/share/java/BoofCV-learning-0.21.jar -file read /usr/share/java/BoofCV-sfm-0.21-sources.jar -file read /usr/share/java/zip4j_1.3.2.jar -file read /usr/share/java/ddogleg-0.8-SNAPSHOT.jar -file read /usr/share/java/BoofCV-openkinect-0.21.jar -file read /usr/share/java/dense64-0.29.jar -file read /usr/share/java/juh-4.3.3.jar -file read /usr/share/java/jl1.0.1.jar -file read /usr/share/java/BoofCV-jcodec-0.21.jar -file read /usr/share/java/BoofCV-ip-0.21-sources.jar -file read /usr/share/java/GeoRegression-experimental-0.9.jar -file read /usr/share/java/GeoRegression-georegression-0.9.jar -file read /usr/share/java/java-json.jar -file read /usr/share/java/ddogleg-0.9.jar -file read /usr/share/java/xstream-1.4.7.jar -file read /usr/share/java/BoofCV-geo-0.21.jar -file read /usr/share/java/java_uno.jar -file read /usr/share/java/BoofCV-calibration-0.21.jar -file read /usr/share/java/javac.jar -file read /usr/share/java/BoofCV-recognition-0.21.jar -file read /usr/share/java/checker.jar -file read /usr/share/java/BoofCV-feature-0.21-sources.jar -file read /usr/share/java/BoofCV-openkinect-0.21-sources.jar -file read /usr/share/java/equation-0.29.jar -file read /usr/share/java/simple-0.28.jar -file read /usr/share/java/BoofCV-learning-0.21-sources.jar -file read /usr/share/java/equation-0.28.jar -file read /usr/share/java/BoofCV-calibration-0.21-sources.jar -file read /home/iotuser/iot2/iotjava/iotruntime/slave/IoTSlave.class -file read /home/iotuser/iot2/iotjava/iotruntime/IoTSlave.config -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/libnet.so -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/net.properties +file read /usr/share/java/\*.jar +file read /home/iotuser/iot2/iotjava/iotruntime/slave/\*.class +file read /home/iotuser/iot2/iotjava/iotruntime/\*.config network inet stream connect ::ffff: -file read /home/iotuser/iot2/iotjava/iotruntime/master/RuntimeOutput.class -file read /home/iotuser/iot2/iotjava/iotruntime/messages/MessageSendFile.class -file read /home/iotuser/iot2/iotjava/iotruntime/messages/Message.class -file read /home/iotuser/iot2/iotjava/iotruntime/messages/IoTCommCode.class -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/security/java.security -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/jsse.jar +file read /home/iotuser/iot2/iotjava/iotruntime/master/\*.class +file read /home/iotuser/iot2/iotjava/iotruntime/messages/\*.class file read /dev/random file read /dev/urandom -file read /home/iotuser/iot2/iotjava/iotruntime/slave/IoTSlave$3.class -file read /home/iotuser/iot2/iotjava/iotruntime/messages/MessageSimple.class file create /home/iotuser/iot2/iotjava/iotruntime/SmartLightsController.jar 0666 file read/write /home/iotuser/iot2/iotjava/iotruntime/SmartLightsController.jar -file read /home/iotuser/iot2/iotjava/iotruntime/messages/MessageCreateMainObject.class -file read /home/iotuser/iot2/iotjava/SmartLightsController/SmartLightsController.class -file read /home/iotuser/iot2/iotjava/iotruntime/messages/MessageCreateSetRelation.class -file read /home/iotuser/iot2/iotjava/iotruntime/slave/ISet.class -file read /home/iotuser/iot2/iotjava/iotruntime/messages/MessageGetObject.class -file read /home/iotuser/iot2/iotjava/SmartLightsController/CameraSmart_Stub.class -file read /home/iotuser/iot2/iotjava/SmartLightsController/CameraSmart_Stub$1.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMIComm.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMICommClient.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMIComm$1.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMIComm$2.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMICommClient$1.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMIUtil.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMITypes.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTSocketClient.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTSocket.class -network inet stream connect ::ffff:192.168.2.191 54819 -network inet stream connect ::ffff:192.168.2.191 10563 +file read /home/iotuser/iot2/iotjava/SmartLightsController/\*.class +file read /home/iotuser/iot2/iotjava/iotrmi/Java/\*.class file ioctl socket:[family=10:type=1:protocol=6] 0x541B -network inet stream connect ::ffff:192.168.2.108 56450 -network inet stream connect ::ffff:192.168.2.108 30935 -file read /home/iotuser/iot2/iotjava/iotruntime/slave/IoTSet.class -file read /home/iotuser/iot2/iotjava/iotruntime/slave/IoTRelation.class -file read /home/iotuser/iot2/iotjava/SmartLightsController/RoomSmart_Stub.class -network inet stream connect ::ffff:192.168.2.191 22599 -network inet stream connect ::ffff:192.168.2.191 21891 -network inet stream connect ::ffff:192.168.2.108 39783 -network inet stream connect ::ffff:192.168.2.108 36375 -file read /home/iotuser/iot2/iotjava/iotruntime/slave/IRelation.class -file read /home/iotuser/iot2/iotjava/SmartLightsController/LightBulbSmart_Stub.class -network inet stream connect ::ffff:192.168.2.191 22255 -network inet stream connect ::ffff:192.168.2.191 12654 -network inet stream connect ::ffff:192.168.2.108 56613 -network inet stream connect ::ffff:192.168.2.108 42828 -file read /home/iotuser/iot2/iotjava/iotruntime/slave/IoTSlave$2.class -file read /home/iotuser/iot2/iotjava/SmartLightsController/ColorTemperature.class -file read /home/iotuser/iot2/iotjava/SmartLightsController/MotionDetection.class -file read /home/iotuser/iot2/iotjava/SmartLightsController/MotionDetection$1.class -file read /home/iotuser/iot2/iotjava/SmartLightsController/MotionDetection$2.class -file read /home/iotuser/iot2/iotjava/SmartLightsController/CameraCallback_Skeleton.class -file read /home/iotuser/iot2/iotjava/iotrmi/Java/IoTRMICommServer.class -file read /home/iotuser/iot2/iotjava/SmartLightsController/CameraCallback_Skeleton$1.class -file read /home/iotuser/iot2/iotjava/SmartLightsController/CameraCallback_Skeleton$2.class file read /etc/timezone -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/tzdb.dat -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/charsets.jar -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/libawt.so -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/libawt_headless.so file read /usr/share/locale/en_GB/LC_MESSAGES/libc.mo -file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/libnio.so file create /tmp/imageio\*.tmp 0600 file read/write/unlink /tmp/imageio\*.tmp file read/write /tmp/imageio\*.tmp - -- 2.34.1