|Skip Navigation Links|
|Exit Print View|
|Trusted Extensions Configuration Guide Oracle Solaris 10 8/11 Information Library|
You do not have to create a zone for every label in your label_encodings file, but you can. The tnzonecfg database enumerates the labels that can have zones created for them on this system.
Tip - Give the zone a similar name to the zone's label. For example, the name of a zone whose label is CONFIDENTIAL : INTERNAL USE ONLY would be internal.
For example, the default label_encodings file contains the following labels:
PUBLIC CONFIDENTIAL: INTERNAL USE ONLY CONFIDENTIAL: NEED TO KNOW CONFIDENTIAL: RESTRICTED SANDBOX: PLAYGROUND MAX LABEL
Although you could run the Configure Zone action six times to create one zone per label, consider creating the following zones:
On a system for all users, create one zone for the PUBLIC label and three zones for the CONFIDENTIAL labels.
On a system for developers, create a zone for the SANDBOX: PLAYGROUND label. Because SANDBOX: PLAYGROUND is defined as a disjoint label for developers, only systems that developers use need a zone for this label.
Do not create a zone for the MAX LABEL label, which is defined to be a clearance.
The tools in the Solaris Management Console are designed to prevent user error. These tools check for syntax errors and automatically run commands in the correct order to update databases.
# /usr/sbin/smc &
Provide a password when prompted.
The dialog box displays the name of a zone that does not have an assigned label.
If you click the wrong label, click the label again to deselect it, then click the correct label.
Click OK in the Label Builder, then click OK in the Trusted Network Zones Properties dialog box.
You are finished when every zone that you want is listed in the panel, or the Add Zone Configuration menu item opens a dialog box that does not have a value for Zone Name.
Check that the zone network configuration file does not already exist. Look in the panel for the name.
If the file does not exist, run the Configure Zone action to supply the zone name. Then, repeat Step 5 to create the file.