Chapter 5 Customizing LOCAL DEFINITIONS
This chapter describes how to customize the LOCAL DEFINITIONS section of the label_encodings file. This chapter includes the following topics:
LOCAL DEFINITIONS Section
Sun provides additional keywords that are not defined in the government-furnished Compartmented Mode Workstation Labeling: Encodings Format. The Sun keyword extensions are in a LOCAL DEFINITIONS section.
*
* Local site definitions and locally configurable options.
*
LOCAL DEFINITIONS:
Classification Name= Classification;
Compartments Name= Sensitivity;
Default User Sensitivity Label= PUB;
Default User Clearance= CNF NEED TO KNOW;
COLOR NAMES:
label= Admin_Low; color= #bdbdbd;
label= PUB; color= blue violet;
label= SBX PLAYGROUND; color= yellow;
label= CNF; color= navy blue;
label= CNF : INTERNAL USE ONLY; color= blue;
label= CNF : NEED TO KNOW; color= #00bfff;
label= CNF : RESTRICTED; color= #87ceff;
label= Admin_High; color= #636363;
*
* End of local site definitions
*
|
Contents of LOCAL DEFINITIONS Section
The Security Administrator role can do the following in the LOCAL DEFINITIONS section:
-
Specify a user clearance and user minimum label that is different from the definitions in the ACCREDITATION RANGE: section.
For the procedure, see How to Specify Default User Labels.
-
Specify the names for column headers in label builder dialog boxes. The column headers indicate classifications and compartments.
For the procedure, see How to Name Column Headers in Label Builders.
-
Specify which colors are assigned to labels.
Color definitions are optional. However, assigning colors to labels is highly recommended.
For the procedure, see How to Assign a Color to a Label or Word.
For more details on the extensions to the label encodings keywords that Trusted Extensions provides, see the label_encodings(4) man page.
Changing Column Headers on Label Builders
The following figure shows the column headers Classification and Category in the label builder that is displayed by the Solaris Management Console.
Figure 5–1 Column Headers on Label Builder
To change the column headers, see How to Name Column Headers in Label Builders.
Specifying Colors for Labels
In the LOCAL DEFINITIONS section, the COLOR NAMES keyword is followed by zero or more color assignments. If no color is defined for a classification in the COLOR NAMES section of the label_encodings file, the color black is used. The default color values are shown in the following excerpt.
COLOR NAMES:
label= Admin_Low; color= #bdbdbd;
label= PUB; color= blue violet;
label= SBX PLAYGROUND; color= yellow;
label= CNF; color= navy blue;
label= CNF : INTERNAL USE ONLY; color= blue;
label= CNF : NEED TO KNOW; color= #00bfff;
label= CNF : RESTRICTED; color= #87ceff;
label= Admin_High; color= #636363;
|
Colors are assigned to labels and to words within labels with the following syntax:
label= label-name; color= color-name; word= label-name; color= color-name; |
The value of color-name can be either a text color name or a hexadecimal color value. The color is associated with a word or a label. The color that is assigned to a label's component displays as a background color whenever a label includes the specified label components. The windows software computes a complementary color for the lettering.
For an introduction to color values, see Color Values. A full discussion of how to specify color is outside the scope of this guide. For more information, see the X11(5) man page in the /usr/openwin/share/man directory. For a fuller description, see “Color Specification” in the O`Reilly and Associates, Inc. XWindows Systems User's Guide (Vol. III), ISBN number 0-937175-29-3.
Color is assigned to a label's components according to the ordering rules that are described in the following section. For a desktop example of color use, see Figure 5–2. The PUBLIC, INTERNAL, and NTK_SALES workspace buttons are colored differently from each other and from standard workspace buttons.
Figure 5–2 Window Labels With Colors from COLOR NAMES
Order of Color Specification
The color that is used for any label is determined according to the following rules.
-
If a label contains a compartment word that has one or more colors specified, then the color value associated with the first word= value is used.
-
If a label contains none of the compartment words that are associated with colors, and an exact match exists for the label name, then the specified label color is used.
-
If there is no exact match for the label name, then the color that is associated with the first specified label= value for the classification of the label is used.
-
If the classification has no assigned color, then the color that is assigned to the first label that contains the same classification is used.
Example 5–1 Colors Assigned According to Ordering Rules
In this example, a system has the following color definitions:
label= u; color= green label= c; color= blue label= S; color= red; word= B; color= orange; label= TS; color= yellow; label= TS SA; color= khaki; |
The rules result in the following color display:
-
The label TS A displays with a yellow background, because yellow is the color assigned to the TS classification. Rule 3.
-
Any label with the C classification displays with the color blue, unless the label also contains the word B. Rule 2.
-
A label with the C B classification displays with the color orange, because word B is orange. Rule 1.
-
Any label with the U classification always displays with the color green. In the encodings file, word B cannot appear with the classification U. Rule 2.
Example 5–2 Color Assigned to a Label With No Assigned Color
This example illustrates rule 4. The label TS displays the color khaki, because TS SA is the only label that includes the TS classification. TS SA is defined to display the color khaki.
label= u; color= green
label= c; color= blue
label= S; color= red;
word= B; color= orange;
label= TS SA; color= khaki;
|
Color Values
The /usr/openwin/lib/rgb.txt database translates color names into red, green, blue values. You can refer to the rgb.txt file for color names to use for your site's labels. You can also use hexadecimal color values.
Briefly, here are a few high-level points about color values:
-
Color values specify the amount of red, green, and blue (RGB) that compose the color.
-
RGB values can be specified with three hexadecimal numbers from 0 to FF. Each hexadecimal number indicates the amount of red, green, or blue in the color.
For example, pure red is #FF0000, pure green is #00FF00, pure blue is #0000FF, pure white is #FFFFFF, and pure black is #000000. For more information, see the X11(5) man page in the /usr/openwin/share/man directory.
-
The number of colors that are available on the screen depends on several factors:
-
Amount of memory available for specifying colors
-
Number of color planes
-
How many other clients are using color cells
-
Whether private color maps are being used by other applications
-
For a sample color name planner, see Table 6–8. To assign colors, see How to Assign a Color to a Label or Word.
Modifying Sun Extensions (Task Map)
|
Purpose |
Instructions |
|---|---|
|
Change label and clearance defaults for users | |
|
Specify colors for labels | |
|
Customize label builder headers |
How to Specify Default User Labels
Before You Begin
You must be in the Security Administrator role in the global zone.
-
Edit the label_encodings file.
Use the Edit Encodings action. For details, see How to Create a label_encodings File.
-
Find the line in the LOCAL DEFINITIONS section that begins with Default User Sensitivity Label.
Default User Sensitivity Label= u; Default User Clearance= c;
-
Replace the sensitivity label with your desired minimum user label.
The following example shows a new minimum label of c.
Default User Sensitivity Label= c;
-
Replace the clearance with your desired user clearance.
The following example shows a new clearance of s.
Default User Clearance= s;
How to Assign a Color to a Label or Word
To minimize color-flashing, use color names or hexadecimal color values that you know have been specified for other applications. The default color values have been chosen with memory limitations for color in mind.
Before You Begin
You must be in the Security Administrator role in the global zone.
-
Edit the label_encodings file.
Use the Edit Encodings action. For details, see How to Create a label_encodings File.
-
Find the COLOR NAMES section.
COLOR NAMES: label= Admin_Low; color= #bdbdbd; ... label= Admin_High; color= #636363; -
Define a color for each classification.
In this example, the classification REGISTERED is assigned the color red. The NEED_TO_KNOW SYSADM classification is assigned the color blue.
label= REGISTERED; color= red; label= NEED TO KNOW; color= blue;
-
(Optional) Define colors for individual compartment words.
To distinguish certain compartment words irrespective of the classification with which they are associated, assign a separate color to those words.
-
Determine the possible color names on your system.
The names are defined in a local color database. For more information, see the X11(5) man page in the /usr/openwin/share/man directory.
% grep Red /usr/openwin/lib/X11/rgb.txt ... 255 69 0 OrangeRed 219 112 147 PaleVioletRed ... 139 0 0 DarkRed
-
Assign the color names.
word= EMGT; color= OrangeRed;
-
-
(Optional) Define colors for labels.
In this example, the color MediumPurple4 is assigned to a label.
label= NEED TO KNOW SYSADM; color= MediumPurple4;
How to Name Column Headers in Label Builders
Before You Begin
You must be in the Security Administrator role in the global zone.
-
Edit the label_encodings file.
Use the Edit Encodings action. For details, see How to Create a label_encodings File.
-
Find the “Classification Name” line in the LOCAL DEFINITIONS section.
This line and the following line define the column headers in the label builder.
Classification Name= Classification; Compartments Name= Sensitivity;
-
Assign different names to the column headers.
The following example shows the column headers from label_encodings.simple.
Classification Name= Classification; Compartments Name= Department;
- © 2010, Oracle Corporation and/or its affiliates