The following commands are for mounting file systems. Check the Trusted Solaris Summary section of each man page for differences from the Solaris operating environment.
mount(1M) - Requires the sys_mount privilege. Both mandatory and discretionary read access (or overriding privileges) are
required to the mount point and the device being mounted. Depending on the configuration of the vfstab_adjunct file, the process may need some combination of the proc_setsl
and proc_setclr
privileges.
The mount command supports mounts to multilabel directories (MLDs). It has a special option, -S which lets you specify security attributes to be associated with the file system mount (this option requires that you have sufficient clearance for the label specified).
share_nfs(1M) - Provides these options with -S:
dev|nodev - Access to character and block devices is allowed or disallowed. The default is dev.
priv|nopriv - Forced privileges on execution are allowed or disallowed. The default is priv.
Running share_nfs requires the following:
sys_nfs privilege
effective uid 0
process label of [ADMIN_LOW
]
share(1M) - Makes a resource of a specified file system type available for mounting. It requires the sys_nfs privilege.
unshare(1M) - Makes a resource unavailable for mounting. It requires the sys_nfs privilege.
nfsstat(1M) - Displays statistics concerning the NFS and RPC (remote procedure call) interfaces to the kernel. The Trusted Solaris version of the nfsstat command requires that you have the net_config privilege when using the -z option, which reinitializes the statistics.
nfsd(1M) - Handles client file system requests. The Trusted Solaris version of the nfsd command requires the sys_nfs and net_mac_read privileges to run.