Solaris Trusted Extensions Administrator's Procedures

Solaris Man Pages That Are Modified by Trusted Extensions

Solaris Trusted Extensions adds information to the following Solaris man pages.

Solaris Man Page: Trusted Extensions Modification
allocate(1): Adds options to support allocating a device in a zone and cleaning the device in a windowed environment
auditconfig(1M): Adds the window policy for labeled information
audit_class(4): Adds X server audit classes
audit_event(4): Adds audit events
auditreduce(1M): Adds a label selector
auth_attr(4): Adds label authorizations
automount(1M): Adds the capability to mount, and therefore view, lower-level home directories
cancel(1): Adds label restrictions to a user's ability to cancel a print job
deallocate(1): Adds options to support deallocating a device in a zone, cleaning the device in a windowed environment, and specifying the type of device to deallocate
device_clean(5): Is invoked by default in Trusted Extensions
getpflags(2): Recognizes the NET_MAC_AWARE and NET_MAC_AWARE_INHERIT process flags
getsockopt(3SOCKET): Gets the mandatory access control status, SO_MAC_EXEMPT, of the socket
getsockopt(3XNET): Gets the mandatory access control status, SO_MAC_EXEMPT, of the socket
ifconfig(1M): Adds the all-zones interface
ikeadm(1M): Adds a debug flag for labeled IKE processes
ike.config(4): Adds the label_aware global parameter and three Phase 1 transform keywords, single_label, multi_label, and wire_label
in.iked(1M): Supports the negotiation of labeled security associations through multilevel UDP ports 500 and 4500 in the global zone
ipseckey(1M): Adds three extensions: label, outer-label, and implicit-label
is_system_labeled(3C): Determines whether the system is configured with Trusted Extensions
ldaplist(1): Adds Trusted Extensions network databases
list_devices(1): Adds attributes, such as labels, that are associated with a device
lp(1): Adds the -nolabels option
lpadmin(1M): Adds label restrictions to the administrator's ability to administer printing
lpmove(1M): Adds label restrictions to the administrator's ability to move a print job
lpq(1B): Adds label restrictions to the display of print queue information
lprm(1B): Adds label restrictions to the caller's ability to remove print requests
lpsched(1M): Adds label restrictions to the administrator's ability to stop and restart the print service
lpstat(1): Adds label restrictions to the display of the print service status
netstat(1M): Adds the -R option to display extended security attributes
pf_key(7P): Adds labels to IPsec security associations (SAs)
privileges(5): Adds Trusted Extensions privileges, such as PRIV_FILE_DOWNGRADE_SL
prof_attr(4): Adds rights profiles, such as Object Label Management
route(1M): Adds the -secattr option to add extended security attributes to a route
setpflags(2): Sets the NET_MAC_AWARE per-process flag
setsockopt(3SOCKET): Sets the SO_MAC_EXEMPT option
setsockopt(3XNET): Sets the mandatory access control, SO_MAC_EXEMPT, on the socket
smrole(1M): Adds options to support a role's label
smuser(1M): Adds options to support a user's label and other security attributes, such as permitted idle time
socket.h(3HEAD): Supports the SO_MAC_EXEMPT option for unlabeled peers
tar(1): Adds including labels in tar files and extracting files according to label
tar.h(3HEAD): Adds attribute types that are used in labeled tar files
ucred_getlabel(3C): Adds getting the label value on a user credential
user_attr(4): Adds user security attributes that are specific to Trusted Extensions