How to Check the Syntax of Trusted
Network Databases
The tnchkdb command checks that the syntax of each network database is accurate. The Solaris Management Console runs this command automatically when you use the Security Templates tool or the Trusted Network Zones tool. Typically, you run this command to check the syntax of database files that you are configuring for future use.
Before You Begin
You must be in the global zone in a role that can check network settings. The Security Administrator role and the System Administrator role can check these settings.
-
In a terminal window, run the tnchkdb command.
$ tnchkdb [-h tnrhdb-path] [-t tnrhtp-path] [-z tnzonecfg-path] checking /etc/security/tsol/tnrhtp ... checking /etc/security/tsol/tnrhdb ... checking /etc/security/tsol/tnzonecfg ...
Example 19–15 Testing the Syntax of a Trial Network Database
In this example, the security administrator is testing a network database file for possible use. Initially, the administrator uses the wrong option. The results of the check are printed on the line for the tnrhdb file:
$ tnchkdb -h /opt/secfiles/trial.tnrhtp checking /etc/security/tsol/tnrhtp ... checking /opt/secfiles/trial.tnrhtp ... line 12: Illegal name: min_sl=ADMIN_LOW;max_sl=ADMIN_HIGH line 14: Illegal name: min_sl=ADMIN_LOW;max_sl=ADMIN_HIGH checking /etc/security/tsol/tnzonecfg ... |
When the security administrator checks the file by using the -t option, the command confirms that the syntax of the trial tnrhtp database is accurate:
$ tnchkdb -t /opt/secfiles/trial.tnrhtp checking /opt/secfiles/trial.tnrhtp ... checking /etc/security/tsol/tnrhdb ... checking /etc/security/tsol/tnzonecfg ... |
- © 2010, Oracle Corporation and/or its affiliates