1. Trusted Extensions Administration Concepts
2. Trusted Extensions Administration Tools
3. Getting Started as a Trusted Extensions Administrator (Tasks)
4. Security Requirements on a Trusted Extensions System (Overview)
5. Administering Security Requirements in Trusted Extensions (Tasks)
6. Users, Rights, and Roles in Trusted Extensions (Overview)
7. Managing Users, Rights, and Roles in Trusted Extensions (Tasks)
Customizing the User Environment for Security (Task Map)
How to Modify Default User Label Attributes
How to Modify policy.conf Defaults
How to Configure Startup Files for Users in Trusted Extensions
Managing Users and Rights With the Solaris Management Console (Task Map)
How to Modify a User's Label Range in the Solaris Management Console
How to Create a Rights Profile for Convenient Authorizations
How to Restrict a User's Set of Privileges
How to Prevent Account Locking for Users
How to Enable a User to Change the Security Level of Data
How to Delete a User Account From a Trusted Extensions System
Handling Other Tasks in the Solaris Management Console (Task Map)
8. Remote Administration in Trusted Extensions (Tasks)
9. Trusted Extensions and LDAP (Overview)
10. Managing Zones in Trusted Extensions (Tasks)
11. Managing and Mounting Files in Trusted Extensions (Tasks)
12. Trusted Networking (Overview)
13. Managing Networks in Trusted Extensions (Tasks)
14. Multilevel Mail in Trusted Extensions (Overview)
15. Managing Labeled Printing (Tasks)
16. Devices in Trusted Extensions (Overview)
17. Managing Devices for Trusted Extensions (Tasks)
18. Trusted Extensions Auditing (Overview)
19. Software Management in Trusted Extensions (Tasks)
A. Quick Reference to Trusted Extensions Administration
The following task map describes common tasks that you can perform when customizing a system for all users, or when customizing an individual user's account.
|
You can modify the default user label attributes during the configuration of the first system. The changes must be copied to every Trusted Extensions host.
You must be in the Security Administrator role in the global zone. For details, see How to Enter the Global Zone in Trusted Extensions.
For the defaults, see label_encodings File Defaults.
Use the trusted editor. For details, see How to Edit Administrative Files in Trusted Extensions. In Trusted CDE, you can also use the Edit Label Encodings action. For details, see How to Start CDE Administrative Actions in Trusted Extensions.
The label_encodings file should be the same on all hosts.
Changing the policy.conf defaults in Trusted Extensions is similar to changing any security-relevant system file in the Oracle Solaris OS. In Trusted Extensions, you use a trusted editor to modify system files.
You must be in the Security Administrator role in the global zone. For details, see How to Enter the Global Zone in Trusted Extensions.
For Trusted Extensions keywords, see Table 6-1.
Use the trusted editor to edit the system file. For details, see How to Edit Administrative Files in Trusted Extensions.
Example 7-1 Changing the System's Idle Settings
In this example, the security administrator wants idle systems to return to the login screen. The default locks an idle system. Therefore, the Security Administrator role adds the IDLECMD keyword=value pair to the /etc/security/policy.conf file as follows:
IDLECMD=LOGOUT
The administrator also wants systems to be idle a shorter amount of time before logout. Therefore, the Security Administrator role adds the IDLETIME keyword=value pair to the policy.conf file as follows:
IDLETIME=10
The system now logs out the user after the system is idle for 10 minutes.
Example 7-2 Modifying Every User's Basic Privilege Set
In this example, the security administrator of a Sun Ray installation does not want regular users to view the processes of other Sun Ray users. Therefore, on every system that is configured with Trusted Extensions, the administrator removes proc_info from the basic set of privileges. The PRIV_DEFAULT setting in the /etc/policy.conf file is modified as follows:
PRIV_DEFAULT=basic,!proc_info
Example 7-3 Assigning Printing-Related Authorizations to All Users of a System
In this example, the security administrator enables a public kiosk computer to print without labels by typing the following in the computer's /etc/security/policy.conf file. At the next boot, print jobs by all users of this kiosk print without page labels.
AUTHS_GRANTED= solaris.print.unlabeled
Then, the administrator decides to save paper by removing banner and trailer pages. She first ensures that the Always Print Banners checkbox in the Print Manager is not selected. She then modifies the policy.conf entry to read the following and reboots. Now, all print jobs are unlabeled, and have no banner or trailer pages.
AUTHS_GRANTED= solaris.print.unlabeled,solaris.print.nobanner
Users can put a .copy_files file and .link_files file into their home directory at the label that corresponds to their minimum sensitivity label. Users can also modify the existing .copy_files and .link_files files at the users' minimum label. This procedure is for the administrator role to automate the setup for a site.
You must be in the System Administrator role in the global zone. For details, see How to Enter the Global Zone in Trusted Extensions.
You are going to add .copy_files and .link_files to your list of startup files.
# cd /etc/skel # touch .copy_files .link_files
For details, see How to Edit Administrative Files in Trusted Extensions.
/etc/skel/.copy_files
Use .copy_files and .link_files Files for ideas. For sample files, see Example 7-4.
For a discussion of what to include in startup files, see Customizing a User’s Work Environment in System Administration Guide: Basic Administration.
For details, see How to Customize User Initialization Files in System Administration Guide: Basic Administration.
For an example, see Example 7-4.
The P indicates the Profile shell.
The X indicates the letter that begins the shell's name, such as B for Bourne, K for Korn, C for a C shell, and P for Profile shell.
Example 7-4 Customizing Startup Files for Users
In this example, the security administrator configures files for every user's home directory. The files are in place before any user logs in. The files are at the user's minimum label. At this site, the users' default shell is the C shell.
The security administrator creates a .copy_files and a .link_files file in the trusted editor with the following contents:
## .copy_files for regular users ## Copy these files to my home directory in every zone .mailrc .mozilla .soffice :wq
## .link_files for regular users with C shells ## Link these files to my home directory in every zone .cshrc .login .Xdefaults .Xdefaults-hostname :wq
## .link_files for regular users with Korn shells # Link these files to my home directory in every zone .ksh .profile .Xdefaults .Xdefaults-hostname :wq
In the shell initialization files, the administrator ensures that the users' print jobs go to a labeled printer.
## .cshrc file setenv PRINTER conf-printer1 setenv LPDEST conf-printer1
## .ksh file export PRINTER conf-printer1 export LPDEST conf-printer1
The administrator modifies the .Xdefaults-home-directory-server file to force the dtterm command to source the .profile file for a new terminal.
## Xdefaults-HDserver Dtterm*LoginShell: true
The customized files are copied to the appropriate skeleton directory.
$ cp .copy_files .link_files .cshrc .login .profile \ .mailrc .Xdefaults .Xdefaults-home-directory-server \ /etc/skelC $ cp .copy_files .link_files .ksh .profile \ .mailrc .Xdefaults .Xdefaults-home-directory-server \ /etc/skelK
If you create a .copy_files files at your lowest label, then log in to a higher zone to run the updatehome command and the command fails with an access error, try the following:
Verify that from the higher-level zone you can view the lower-level directory.
higher-level zone# ls /zone/lower-level-zone/home/username ACCESS ERROR: there are no files under that directory
If you cannot view the directory, then restart the automount service in the higher-level zone:
higher-level zone# svcadm restart autofs
Unless you are using NFS mounts for home directories, the automounter in the higher-level zone should be loopback mounting from /zone/lower-level-zone/export/home/username to /zone/lower-level-zone/home/username.
In Trusted Extensions, the Selection Manager mediates transfers of information between labels. The Selection Manager appears for drag-and-drop operations, and for cut-and-paste operations. Some applications require that you set a suitable timeout so that the Selection Manager has time to intervene. A value of two minutes is sufficient.
Caution - Do not change the default timeout value on an unlabeled system. The operations fail with the longer timeout value. |
You must be in the System Administrator role in the global zone. For details, see How to Enter the Global Zone in Trusted Extensions.
where office-install-directory is the StarOffice installation directory, for example:
office-top-dir/share/registry/data/org/staroffice
Use the trusted editor. For details, see How to Edit Administrative Files in Trusted Extensions.
The default value is three seconds. A value of 120 sets the timeout to two minutes.
Note - As an alternative, you could have each user change the selection timeout property value.
Most Sun Java Desktop System applications use the GTK library. Web browsers such as Mozilla, Firefox, and Thunderbird use the GTK library.
By default, the selection timeout value is 300, or five seconds. A value of 7200 sets the timeout to two minutes.
Name the file .gtkrc-mine. The .gtkrc-mine file belongs in the user's home directory at the minimum label.
## $HOME/.gtkrc-mine file *gtk-selection-timeout: 7200
As in the Oracle Solaris OS, the gnome-settings-daemon reads this file on startup.
For details, see How to Configure Startup Files for Users in Trusted Extensions.
In Trusted Extensions, failsafe login is protected. If a regular user has customized shell initialization files and now cannot log in, you can use failsafe login to fix the user's files.
You must know the root password.
You can now debug the user's initialization files.