AKARI Documentation

Which version should I use?

TOMOYO Linux 1.x is the original branch of development. This version is implemented as a kernel patch that can be applied to the Linux 2.4/2.6 kernels.

TOMOYO Linux 2.x is the upstreamed branch of development. This version is implemented using a Linux Security Module (LSM) interface that can be applied to the Linux 2.6.30 and later kernels.

AKARI is similar to the TOMOYO Linux 1.x branch. This version is implemented as a loadable kernel module (LKM) using the LSM interface that can be applied to the Linux 2.6.0 and later kernels.

Branch	Advantages	Disadvantages
TOMOYO Linux 1.x	Provides full MAC functionality to all kernel versions.	Need to patch and recompile the kernel unless shipped with distributor's kernels. No support from distributors unless shipped with their kernels.
TOMOYO Linux 2.x	Agreed and approved by the Linux kernel developer's community. No need to recompile the kernel if shipped with distributor's kernels. Support from distributors if shipped with their kernels.	Some MAC functionality in TOMOYO Linux 1.8 is not provided.
AKARI	Provides more MAC functionality than TOMOYO Linux 2.x. No need to recompile the kernel.	Depends on the kernel configuration and CPU architecture. AKARI's behavior is a bit different from TOMOYO Linux 1.8. Some MAC functionality in TOMOYO Linux 1.8 is not provided.

See this chart for detailed comparison between TOMOYO Linux 1.x branch and TOMOYO Linux 2.x branch. See this chart for detailed comparison between AKARI and both the TOMOYO Linux 1.x and 2.x branches.

Use the 2.x branch if your priority is to use TOMOYO Linux without modifying the kernel, and you do not require any of the missing features. Although this branch is already integrated into the upstream Linux kernel, some distributions may not set certain kernel configuration options that TOMOYO Linux depends on. In this case, you may still need to compile your own kernel.

Use the 1.x branch if your priority is to obtain the most out of TOMOYO Linux and the MAC functionality available. Although this branch requires the kernel to be patched and recompiled, binary packages for the 1.x branch are provided for some distributions.

Use AKARI if your priority is to obtain the most out of TOMOYO Linux and the MAC functionality available, but without recompiling the kernel. This may hopefully allow you to receive support from your distribution for kernel problems unrelated to AKARI.

Documentation for AKARI:

AKARI Documentation

Documentation for 2.x branch:

2.5.x Documentation (Linux 3.2 and later) (Backport patch for Linux 2.6.33 to 3.1 is available.)
2.4.x Documentation (Linux 3.1) (Backport patch for Linux 2.6.33 to 3.0 is available.)
2.3.x Documentation (Linux 2.6.36 to 3.0)
2.2.x Documentation (Linux 2.6.30 to 2.6.35)

Documentation for 1.x branch:

1.8.x Documentation (current)
1.7.x Documentation (old)