test

Trusted Solaris Installation and Configuration

Trusted Solaris Modifications to Network Installation

Trusted Solaris software modifies network installation commands and procedures that require greater security. For example, the Volume Manager adds a mounting-user directory when mounting devices in the Trusted Solaris environment.

Table 9-1 Solaris and Trusted Solaris Installation and Configuration Differences

Solaris Software  

Trusted Solaris Software 

You can log in as root. 

There is no superuser. You log in as a user who can assume the root role, or as a user who can assume the admin or secadmin role, depending on the task. Then, assume the role to perform the task. 

Processes and files do not have a label. 

All processes and files are labeled. Commands and actions are run at a particular label. Most administrative tasks are run at the label ADMIN_LOW.

Administrators can often use a command line interface, even if a corresponding GUI equivalent exists. 

Many administrative commands are run from a GUI, which calls checking and synchronizing functions. 

Administrators can run an administrative command from a CD-ROM or diskette. 

Commands that are on a diskette or CD-ROM, or are accessible from an NFS mount, may need to be added to the admin role's profile before they can be run. 

Allows you to use a CD-ROM or diskette without allocating it. 

Requires you to allocate a peripheral device at a particular label before its use. Before removing the medium, you must deallocate it. 

Modifications to Network Installation Commands

The following commands and actions are used when installing Solaris software or Trusted Solaris software over a network, and their use is modified in the Trusted Solaris environment. The following listing describes the additional procedures or security requirements. Commands that do not require a change in procedure are not listed. See the "Preparing to Install Solaris Software Over the Network" in Solaris 8 Advanced Installation Guide for the installation procedures themselves.

Table 9-2 Modified Network Commands

Network Command or GUI 

Trusted Solaris Modification in its Use 

setup_install_server(1M)

You must be in the admin role, at label ADMIN_LOW, in a terminal where the command is in a profile assigned to the admin role.

If the admin role does not have this /pathname/ command in its assigned profiles, the secadmin role, at label ADMIN_LOW, must add it to the Custom Admin Role profile.

For the procedure, see "How to Modify a Role's Rights".

add_install_client(1M)

The requirements for this command to succeed are the same as the requirements for those for setup_install_server.

add_to_install_server(1M)

The requirements for this command to succeed are the same as those for setup_install_server.

rm_install_client(1M)

The requirements for this command to succeed are the same as those for setup_install_server.

mount(1M)

The admin role, at label ADMIN_LOW, runs this command.

If you are mounting a CD-ROM or diskette on an installed workstation, the admin role must allocate the device at a particular label, usually ADMIN_LOW. When the medium is removed, the device must be deallocated.

Host Manager 

A graphical user interface that is available from the Solaris Management Console action. You can use Host Manager to specify client information for network installation. This GUI is not available in the Solaris release. 

Modifications to Network Installation Procedures

The following procedures are slightly different in the Trusted Solaris environment. The admin role installs software at the label ADMIN_LOW; the secadmin role modifies files connected with security.

Table 9-3 Modified Network Installation Procedures

Installation Procedure 

Trusted Solaris Modification 

Create an install server 

Users who can assume the roles admin and secadmin should be present.

Give mounted media all allowed privileges. 

The secadmin role modifies the rmmount.conf file. See "Give Mounted Media All Allowed Privileges" for the procedure.

Allocate CD-ROM 

The admin role allocates the CD-ROM drive. See "To Allocate a Device" if you are unsure of the steps. See "Modify Permissions of Mount Point Parent" for additional steps for network install preparation.

Deallocate CD-ROM 

The admin role deallocates the drive and removes the CD-ROM. See "To Deallocate a Device" if you are unsure of the steps.

Add a command to a role's profile 

The secadmin role adds a command to a profile when, for example, the command is not located in the expected directory. See "How to Modify a Role's Rights" for this procedure.

Verify that a command is available to a role 

The role that needs the command, at the appropriate label (usually ADMIN_LOW), verifies that a command that the security administrator has added to the role's profile is available to the role.

For the full procedure, see "To Verify That a Command is Available to a Role". See Example 9-1 at the end of this table for a sample verification command.

Remove a command from a role's profile 

The secadmin role removes the command from the role's profile. This is a security measure, so that the command will not be used at an inappropriate time. 

For the procedure, see "To Remove a Command from a Role's Rights".

Add client information with the add_install_client command 

The admin role, on the install server launches the Name Service Switch action. 

Ensure that the value of ethers and bootparams is files nisplus, as in:

ethers: 			files nisplus dns
netmasks: 			files nisplus dns
bootparams: files nisplus dns

Remove client information with the rm_install_client command 

The admin role, on the install server, executes the rm_install_client command.

Reboot the install server 

If you are unfamiliar with rebooting a Trusted Solaris workstation, see "To Reboot the Workstation".

Example 9-1 Admin Role Verifying that a Command is Available

If the commands add_install_client and rm_install_client are in the admin role's profile, the profiles(1) command should display something like the following for a disk image:


$ profiles -l | grep install_client
/export/install/ts8_sparc/add_install_client: 4,5,6,10,11,12,17,30,32,33,35,36,39,52,55,57,61,68,69
/export/install/ts8_sparc/rm_install_client:  4,5,6,10,11,12,17,30,32,33,35,36,39,52,55,57,61,68,69

Additional Steps to Set up Software Installation

To install from a CD-ROM, users who can assume administrative roles must be present. The secadmin role gives all allowed privileges to the CD-ROM device and modifies profiles where necessary. The admin role allocates the device, changes the permissions on the parent of the mount point, and installs the software.

Give Mounted Media All Allowed Privileges

  1. Log in as a user who can assume the secadmin role and assume it.

  2. Open the Admin Editor from the System_Admin folder.

  3. Assign all allowed privileges to mounted removable media in the /etc/rmmount.conf file, as in:


    mount * hsfs udfs ufs -o nosuid allowed=all

  4. Write the file with :wq! and exit the editor.

Modify Permissions of Mount Point Parent

In the admin role, after allocating the CD-ROM, a File Manager will pop up showing the mount point of the CD-ROM. If it does not appear, bring up a File Manager from the Front Panel.

For Trusted Solaris software, the mount point should be /cdrom/admin-cdrom_0/trusted_sol_8_sparc or /cdrom/admin-cdrom_0/trusted_sol_8_ia.

  1. In the File Manager, highlight /cdrom/admin-cdrom_0, the parent of the mount point.

  2. From the Selected menu, choose Properties.

    Note that the directory, named CD-ROM_FOLDER, has mode 700, so it is not searchable. The following steps will fix that.

  3. Click the Show Access Control List button, then Add ...

  4. Highlight the Mask entry and click Change.

  5. Change the Mask to Read and Execute, and click Change.

  6. Click Add..., and enter root in the User field, giving it Read and Execute.

  7. Click Add, then click OK to exit the dialog.

  8. Leave the File Manager up, available for the installation setup commands.

Load Trusted Solaris Images from CDs

  1. In the File Manager, open the Tools folder, one of /cdrom/admin-cdrom_0/trusted_sol_8_sparc/Trusted_Solaris_8/Tools or /cdrom/admin-cdrom_0/trusted_sol_8_ia/Trusted_Solaris_8/Tools.

  2. From the File menu select Open Terminal.

  3. Still in the admin role, transfer the files from the first CD to the install server by typing


    $ ./setup_install_server /export/install/ts8_{sparc,ia}

    Note -

    Do not double-click on this tool because the command must be started in a profile shell, not the shell defined in the File Manager.

    By default, the Software Installation profile contains the exact pathname for this command, assuming that the role name is called "admin". This profile must be modified if a different mount point is used. To modify a profile, see "How to Modify a Role's Rights".

  4. When the pound sign (#) prompt displays, deallocate the CD.

  5. Insert the second CD and allocate it.

  6. For the second CD, still in the admin role, repeat Step 1 through Step 8.

  7. In the File Manager, open the Tools folder on the second CD, one of /cdrom/admin-cdrom_0/trusted_sol_8_sparc/Solaris_8/Tools or /cdrom/admin-cdrom_0/trusted_sol_8_ia/Solaris_8/Tools.

  8. From the File menu select Open Terminal.

  9. Transfer the files from the second CD to the install server by typing


    $ ./add_to_install_server /export/install/ts8_{sparc,ia}

    Note -

    Do not double-click on this tool because the command must be started in a profile shell, not the shell defined in the File Manager.

Set up the Network Install Server for Installation Clients

To complete client installation, editing files and executing commands must be done in the admin role. Follow the instructions for Solaris network installation setup, using the following procedures when needed.

  1. To share the server's network install directories so that they are available to the clients, in the admin role at label ADMIN_LOW, do the following:

    1. Run the Share Filesystems action from the System_Admin folder in the Application Manager.

      The Share Filesystems action opens the /etc/dfs/dfstab file.

    2. Enter the network install directory, and any relevant options.

      For example, 

         share -F nfs -o ro,anon=0 -d "netinstall dir" /export/ts8_sparc_install

    3. Write the file and quit the editor.

    4. Open a terminal to run the share(1M) command to share the file systems.

      For example,


      $ share /export/ts8_sparc_install
$ share /jumpstart

    5. Verify that the directories are shared by running the showmount command: 


      $ showmount -e
export list for install_server:
/export/ts8_sparc_install
/jumpstart

    6. If it returns the following error: showmount: server: RPC: Program not registered, start the nfs.server daemon, and verify the directories are shared. 


      $ /etc/init.d/nfs.server stop
$ /etc/init.d/nfs.server start
$ showmount -e
export list for install_server:
/export/ts8_sparc_install
/jumpstart

  2. To modify or create files in the /etc directory, use the Admin Editor from the System_Admin folder in the Application Manager in order to give the file the correct security attributes.

    See "To Create or Open a File from the Trusted Editor" for how to create or modify a file using the Admin Editor. For example, to create an empty ethers file, do the following:

    1. In the admin role in an ADMIN_LOW workspace, invoke the Admin Editor.

    2. Enter the full path to the file, /etc/ethers.

    3. Once the editor is open, type :wq to save the empty file.

  3. Run the Name Service Switch action from the System_Admin folder.

  4. Run the Admin Editor action, and enter /etc/nsswitch.conf as the file to edit.

  5. Change the ethers, netmasks, and bootparams entries in the file to read as follows: 

       ethers: files nisplus dns
netmasks: files nisplus dns
bootparams: files nisplus dns

    Note -

    After adding clients to the network install server, reboot the server before attempting to install the clients over the network.