If you are configuring a site that satisfies criteria for an evaluated configuration, read "Understand Your Site's Security Policy".
The secadmin role handles auditing and security attributes on file systems.
To configure or to disable auditing, see Trusted Solaris Audit Administration.
To ensure that every workstation and user is audited identically, in the root role at label ADMIN_LOW
, copy the name service master's /etc/security/audit* configuration files to each workstation (see "Copy Configuration Files from the Master")
. Modify the dir: entries as described in Trusted Solaris Audit Administration.
To set security attributes on an unlabeled file system, enter the file system in the vfstab_adjunct(4) file.
The admin role handles file system management, and user account creation and deletion.
To share a file system, see "How to Share a File System".
To mount a file system, see "How to Mount a File System".
To delete the install user, see "How to Delete a Local User" if you have not deleted a local user in the Trusted Solaris environment before.