| Skip Navigation Links | |
| Exit Print View | |
|
Oracle Solaris Trusted Extensions Configuration Guide |
1. Security Planning for Trusted Extensions
2. Configuration Roadmap for Trusted Extensions
3. Adding Trusted Extensions Software to the Solaris OS (Tasks)
4. Configuring Trusted Extensions (Tasks)
5. Configuring LDAP for Trusted Extensions (Tasks)
6. Configuring a Headless System With Trusted Extensions (Tasks)
B. Using CDE Actions to Install Zones in Trusted Extensions
Associating Network Interfaces With Zones by Using CDE Actions (Task Map)
Specify Two IP Addresses for the System by Using a CDE Action
Specify One IP Address for the System by Using a CDE Action
Preparing to Create Zones by Using CDE Actions (Task Map)
Specify Zone Names and Zone Labels by Using a CDE Action
Creating Labeled Zones by Using CDE Actions (Task Map)
Install, Initialize, and Boot a Labeled Zone by Using CDE Actions
Resolve Local Zone to Global Zone Routing in Trusted CDE
Use the Copy Zone Method in Trusted Extensions
Use the Clone Zone Method in Trusted Extensions
If you are going to clone zones, this procedure configures a zone to be a template for other zones. In addition, this procedure configures the zone for use.
hostname console login: root Password: Type root password
The status running indicates that at least one process is running in the zone.
# zoneadm list -v ID NAME STATUS PATH 2 public running /
The X server runs in the global zone. Each labeled zone must be able to connect with the global zone to use this service. Therefore, zone networking must work before the zone can be used. For assistance, see Labeled Zone Is Unable to Access the X Server.
If you are copying or cloning this zone, the services that you disable are disabled in the new zones. The services that are online on your system depend on the service manifest for the zone. Use the netservices limited command to turn off services that labeled zones do not need.
# netservices limited
# svcs ... STATE STIME FMRI online 13:05:00 svc:/application/graphical-login/cde-login:default ...
# svcadm disable svc:/application/graphical-login/cde-login # svcs cde-login STATE STIME FMRI disabled 13:06:22 svc:/application/graphical-login/cde-login:default
For information about the service management framework, see the smf(5) man page.
Choose one of the following ways:
Provide the name of the zone.
# zlogin zone-name init 0
For more information, see the zlogin(1) man page.
In the zone-name: Zone Terminal Console, the following message indicates that the zone is shut down:
[ NOTICE: Zone halted]
If you are not copying or cloning this zone, create the remaining zones in the way that you created this first zone.
In a terminal window in the global zone, remove this file from the zone-name zone.
cd /zone/zone-name/root/etc # ls auto_home* auto_home auto_home_zone-name # rm auto_home_zone-name
For example, if the public zone were the basis for cloning other zones, remove its auto_home file:
# cd /zone/public/root/etc # rm auto_home_public
If you are copying a zone, go to Use the Copy Zone Method in Trusted Extensions.
If you are cloning a zone, go to Use the Clone Zone Method in Trusted Extensions.
|