How to Specify Default and Inverse Words (Solaris Trusted Extensions Label Administration)

Solaris Trusted Extensions Label Administration

How to Specify Default and Inverse Words

Before You Begin

You must be in the Security Administrator role in the global zone.

Edit the label_encodings file.

Use the Edit Encodings action. For details, see How to Create a label_encodings File.

Specify initial compartments.

In the CLASSIFICATIONS section, specify compartments as part of the classification definition.

CLASSIFICATIONS:
name= PUBLIC;  sname= P;  value= 1;
name= WEB COMPANY;  sname= WEBCO;  value= 2; initial compartments= 4-5 ;

Specify a default word.

Assign an initial compartment bit to the word.

name= DIVISION ONLY;  sname= DO;  minclass=  IUO; compartments= 4-5;
name= WEBC AMERICA;  sname= WEBCA; minclass= IUO; compartments= 4;
name= WEBC WORLD;  sname= WEBCW; minclass= IUO; compartments= 5;

Specify an inverse word.

Inverse words are created by preceding an initial compartment with a tilde (~).

name= DIVISION ONLY;  sname= DO;  minclass=  IUO; compartments= 4-5;
name= WEBC AMERICA;  sname= WEBCA; minclass= IUO; compartments= ~4;
name= WEBC WORLD;  sname= WEBCW; minclass= IUO; compartments= ~5;

Save your changes.

Troubleshooting

For any compartment bits that are not reserved for later assignment, you need to assign a word to the bit in the following sections:

SENSITIVITY LABELS: WORDS:
INFORMATION LABELS: WORDS:
COMPARTMENTS: WORDS: