JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Trusted Extensions Developer's Guide     Oracle Solaris 11.1 Information Library
search filter icon
search icon

Document Information


1.  Trusted Extensions APIs and Security Policy

2.  Labels and Clearances

3.  Label Code Examples

4.  Interprocess Communications

5.  Trusted X Window System

6.  Label Builder GUI

tgnome-selectlabel Utility

Adding the Label Builder GUI to an Administration Application

Using the Label Builder GUI in the txzonemgr Command

7.  Trusted Web Guard Prototype

8.  Experimental Java Bindings for the Solaris Trusted Extensions Label APIs

A.  Programmer's Reference

B.  Trusted Extensions API Reference


tgnome-selectlabel Utility

The tgnome-selectlabel utility enables you to create a label builder GUI with which you can specify label information. You must specify both the minimum label and the maximum label when you use the utility to create a label builder GUI.

tgnome-selectlabel -n min-label -x max-label [-a yes|no ] [-d label-string] \
[-f internal|human] [-h] [-i "window-title"] [-m clearance|sensitivity] \
[-t "operation-description"]

The clearance and sensitivity label information that is used by the label builder GUI is specified in the label_encodings file.

The tgnome-selectlabel utility supports the following options:

-a yes|no

Enables accreditation checking, which determines whether the label is well formed and if it is within the accreditation range for the labeled zone, user, or resource. The default value is no.

You generally use the accreditation check to assign a label to a user, and not to assign a label to a zone or a template. Labels such as admin_low and admin_high, and any labels explicitly stated as not valid in the label_encodings file, are not valid when accreditation checking is enabled.

-d label-string

Specifies the label to select by default in the label builder GUI. This label must be within the label range bounded by the specified minimum and maximum labels. The default value is TRUSTED PATH.

-f internal|human

Specifies whether to use the internal or human-readable label format. The internal label format is a hexadecimal representation of the label, which is safe for storing in a public directory. The human-readable label format is formed according to the rules in the label_encodings file and is suitable for user interfaces. The default value is internal.

-i window-title

Specifies an optional window title for the label builder that you create. The default value is Label Selector.


Shows the tgnome-selectlabel usage statement.

-m clearance|sensitivity

Specifies whether to use clearance mode or sensitivity mode. Clearances correspond to the CLEARANCES section in the label_encodings file. The words used in the clearances might have different spellings or prefixes. Some labels might be valid as clearances but not as sensitivity labels. When you assign labels to users, the minimum label must be specified as a sensitivity label, and the user's clearance must be specified as a clearance. You must specify a sensitivity label for zones. The default value is sensitivity.

-n min-label

Specifies the minimum label. You must specify the minimum label.

-t operation-description

Specifies a text description of the operation to be performed. The default value is Select a Label.

-x max-label

Specifies the maximum label. You must specify the maximum label.

The following table shows both the short and long option formats. When you use the long option format, you must use an equal sign between the option name and the specified value. For example, --format=internal uses the internal label format.

Short Option Form
Long Option Form
Short Option Form
Long Option Form