1. Security Planning for Trusted Extensions
2. Configuration Roadmap for Trusted Extensions
3. Adding Trusted Extensions Software to the Solaris OS (Tasks)
4. Configuring Trusted Extensions (Tasks)
5. Configuring LDAP for Trusted Extensions (Tasks)
6. Configuring a Headless System With Trusted Extensions (Tasks)
B. Using CDE Actions to Install Zones in Trusted Extensions
Associating Network Interfaces With Zones by Using CDE Actions (Task Map)
Specify Two IP Addresses for the System by Using a CDE Action
Specify One IP Address for the System by Using a CDE Action
Preparing to Create Zones by Using CDE Actions (Task Map)
Specify Zone Names and Zone Labels by Using a CDE Action
Creating Labeled Zones by Using CDE Actions (Task Map)
Install, Initialize, and Boot a Labeled Zone by Using CDE Actions
Customize a Booted Zone in Trusted Extensions
Use the Copy Zone Method in Trusted Extensions
Use the Clone Zone Method in Trusted Extensions
For every zone to access Trusted CDE, the DISPLAY variable must resolve. In Trusted CDE, to resolve the variable, the nodename of the labeled zone, the nodename of the global zone, and the nodename of an all-zones interface must resolve to the identical name.
You are using Trusted CDE and are manually initializing a labeled zone.
In this configuration, the labeled zones can reach other systems through the X server in the global zone.
## /etc/nodename machine1
## /etc/hosts 192.168.2.3 machine1 loghost
For ToolTalk services to work, the name of the system must be on the same line as loghost.
In this configuration, machine1 is the all-zones interface for Trusted CDE.
## /etc/hostname.bge0 machine1 all-zones
In this configuration, the labeled zones can communicate with the X server on the local system. However, no route exists from the local X server to other systems on the network. The route must use another interface.
## /etc/nodename machine1
Starting with the Solaris 10 10/08 release, lo0 is an all-zones interface. In this case, the file appears similar to the following:
## /etc/hosts 127.0.0.1 localhost machine1 loghost
You can also use the vni0 interface.
For ToolTalk services to work, the name of the system must be on the same line as loghost.
For that procedure, see Adding Network Interfaces and Routing to Labeled Zones.