JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Trusted Extensions Configuration and Administration     Oracle Solaris 11.1 Information Library
search filter icon
search icon

Document Information


Part I Initial Configuration of Trusted Extensions

1.  Security Planning for Trusted Extensions

2.  Configuration Roadmap for Trusted Extensions

3.  Adding the Trusted Extensions Feature to Oracle Solaris (Tasks)

4.  Configuring Trusted Extensions (Tasks)

5.  Configuring LDAP for Trusted Extensions (Tasks)

Part II Administration of Trusted Extensions

6.  Trusted Extensions Administration Concepts

7.  Trusted Extensions Administration Tools

8.  Security Requirements on a Trusted Extensions System (Overview)

9.  Performing Common Tasks in Trusted Extensions

10.  Users, Rights, and Roles in Trusted Extensions (Overview)

11.  Managing Users, Rights, and Roles in Trusted Extensions (Tasks)

12.  Remote Administration in Trusted Extensions (Tasks)

13.  Managing Zones in Trusted Extensions

Zones in Trusted Extensions

Zones and IP Addresses in Trusted Extensions

Zones and Multilevel Ports

Zones and ICMP in Trusted Extensions

Global Zone Processes and Labeled Zones

Primary and Secondary Labeled Zones

Zone Administration Utilities in Trusted Extensions

Managing Zones (Task Map)

How to Display Ready or Running Zones

How to Display the Labels of Mounted Files

How to Loopback Mount a File That Is Usually Not Visible in a Labeled Zone

How to Disable the Mounting of Lower-Level Files

How to Share a ZFS Dataset From a Labeled Zone

How to Enable Files to Be Relabeled From a Labeled Zone

14.  Managing and Mounting Files in Trusted Extensions

15.  Trusted Networking (Overview)

16.  Managing Networks in Trusted Extensions (Tasks)

17.  Trusted Extensions and LDAP (Overview)

18.  Multilevel Mail in Trusted Extensions (Overview)

19.  Managing Labeled Printing (Tasks)

20.  Devices in Trusted Extensions (Overview)

21.  Managing Devices for Trusted Extensions (Tasks)

22.  Trusted Extensions Auditing (Overview)

23.  Software Management in Trusted Extensions

A.  Site Security Policy

Creating and Managing a Security Policy

Site Security Policy and Trusted Extensions

Computer Security Recommendations

Physical Security Recommendations

Personnel Security Recommendations

Common Security Violations

Additional Security References

B.  Configuration Checklist for Trusted Extensions

Checklist for Configuring Trusted Extensions

C.  Quick Reference to Trusted Extensions Administration

Administrative Interfaces in Trusted Extensions

Oracle Solaris Interfaces Extended by Trusted Extensions

Tighter Security Defaults in Trusted Extensions

Limited Options in Trusted Extensions

D.  List of Trusted Extensions Man Pages

Trusted Extensions Man Pages in Alphabetical Order

Oracle Solaris Man Pages That Are Modified by Trusted Extensions



Primary and Secondary Labeled Zones

The first zone that you create at a specific label is a primary labeled zone. Its label is unique. You can create no other primary zone at that label.

A secondary zone is a zone at the label of a primary zone. With a secondary zone, you can isolate services in separate zones at the same label. Those services can share network resources such as name servers, printers, and databases without the use of privilege. You can have multiple secondary zones at the same label.

Specifically, secondary zones differ from primary zones in the following ways:

For any label, there can be at most one primary labeled zone and an arbitrary number of secondary labeled zones. The global zone remains an exception. It is the only zone that can be assigned the ADMIN_LOW label and therefore cannot have a secondary zone. To create a secondary zone, see How to Create a Secondary Labeled Zone and the zenity(1) man page.