Solaris Trusted Extensions Administrator's Procedures

Preface

The Solaris Trusted Extensions Administrator's Procedures guide provides procedures for enabling and initially configuring SolarisTM Trusted Extensions on the Solaris Operating System. This guide also provides procedures for managing users, zones, devices, and hosts that are labeled with Solaris Trusted Extensions software.


Note –

This Solaris release supports systems that use the SPARC® and x86 families of processor architectures. The supported systems appear in the Solaris OS: Hardware Compatibility Lists. This document cites any implementation differences between the platform types.

In this document these x86 related terms mean the following:

For supported systems, see the Solaris OS: Hardware Compatibility Lists.


Who Should Use This Guide

This guide is for knowledgeable system administrators and security administrators who are configuring and administering Trusted Extensions software. The level of trust that is required by your site security policy, and your level of expertise, determines who can perform the configuration tasks.

Administrators should be familiar with Solaris administration. In addition, administrators should understand the following:

Trusted Extensions and the Solaris Operating System

Trusted Extensions runs on top of the Solaris Operating System (Solaris OS). Because Trusted Extensions software can modify the Solaris OS, Trusted Extensions can require specific settings for Solaris installation options. Part I of this guide describes how to prepare the Solaris OS for Trusted Extensions, how to enable Trusted Extensions, and how to initially configure the software. Part II of this guide describes how to administer the uniquely Trusted Extensions features of the system.

How the Solaris Trusted Extensions Guides Are Organized

The Solaris Trusted Extensions documentation set consists of the following guides.

Title of Guide 

Topics 

Audience 

Solaris Trusted Extensions User’s Guide

Describes the basic features of Solaris Trusted Extensions. This book contains a glossary. 

End users, administrators, developers 

Solaris Trusted Extensions Administrator’s Procedures

For this release, Part I describes how to prepare for, enable, and initially configure Trusted Extensions. Part I replaces Solaris Trusted Extensions Installation and Configuration.

Part II describes how to administer a Trusted Extensions system. This guide contains a glossary. 

Administrators, developers 

Solaris Trusted Extensions Developer’s Guide

Describes how to develop applications with Solaris Trusted Extensions. 

Developers, administrators 

Solaris Trusted Extensions Label Administration

Provides information about how to specify label components in the label encodings file. 

Administrators 

Compartmented Mode Workstation Labeling: Encodings Format

Describes the syntax used in the label encodings file. The syntax enforces the various rules for well-formed labels for a system. 

Administrators 

Related Books From Sun Microsystems

The following guides contain information that is useful when you prepare for and run Solaris Trusted Extensions software.

Solaris Express Installation Guide: Planning for Installation and Upgrade – Provides guidance on installing the Solaris OS

Solaris Express Installation Guide: Custom JumpStart and Advanced Installations – Provides guidance on installation methods and configuration options

Book Title 

Topics 

System Administration Guide: Basic Administration

User accounts and groups, server and client support, shutting down and booting a system, managing services, and managing software (packages and patches) 

System Administration Guide: Advanced Administration

Terminals and modems, system resources (disk quotas, accounting, and crontabs), system processes, and troubleshooting Solaris software problems 

System Administration Guide: Devices and File Systems

Removable media, disks and devices, file systems, and backing up and restoring data 

System Administration Guide: IP Services

TCP/IP network administration, IPv4 and IPv6 address administration, DHCP, IPsec, IKE, Solaris IP filter, Mobile IP, IP network multipathing (IPMP), and IPQoS 

System Administration Guide: Network Interfaces and Network Virtualization

Networking stack, NIC driver property configuration, network interface configuration, administration of VLANs and link aggregations, configuring WiFi wireless networking. 

System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP)

DNS, NIS, and LDAP naming and directory services, including transitioning from NIS to LDAP and transitioning from NIS+ to LDAP 

System Administration Guide: Network Services

Web cache servers, time-related services, network file systems (NFS and Autofs), mail, SLP, and PPP 

System Administration Guide: Security Services

Auditing, device management, file security, BART, Kerberos services, PAM, Solaris Cryptographic Framework, privileges, RBAC, SASL, and Solaris Secure Shell 

System Administration Guide: Virtualization Using the Solaris Operating System

Resource management features, which enable you to control how applications use available system resources; zones software partitioning technology, which virtualizes operating system services to create an isolated environment for running applications; and virtualization using SunTM xVM hypervisor technology, which supports multiple operating system instances simultaneously

Solaris CIFS Administration Guide

Solaris CIFS service, which enables you to configure a Solaris system to make CIFS shares available to CIFS clients; and native identity mapping services, which enables you to map user and group identities between Solaris systems and Windows systems 

Solaris ZFS Administration Guide

ZFS storage pool and file system creation and management, snapshots, clones, backups, using access control lists (ACLs) to protect ZFS files, using ZFS on a Solaris system with zones installed, emulated volumes, and troubleshooting and data recovery 

System Administration Guide: Solaris Printing

Solaris printing topics and tasks, using services, tools, protocols, and technologies to set up and administer printing services and printers 

Books From Elsewhere

Your site security policy document – Describes the security policy and security procedures at your site

The administrator guide for your currently installed operating system – Describes how to back up system files

Related Third-Party Web Site References

Third-party URLs are referenced in this document and provide additional, related information.


Note –

Sun is not responsible for the availability of third-party web sites that are mentioned in this document. Sun does not endorse and is not responsible or liable for any content, advertising, products, or other materials that are available on or through such sites or resources. Sun will not be responsible or liable for any actual or alleged damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any such content, goods, or services that are available on or through such sites or resources.


Documentation, Support, and Training

The Sun web site provides information about the following additional resources:

Typographic Conventions

The following table describes the typographic conventions that are used in this book.

Table P–1 Typographic Conventions

Typeface 

Meaning 

Example 

AaBbCc123

The names of commands, files, and directories, and onscreen computer output 

Edit your .login file.

Use ls -a to list all files.

machine_name% you have mail.

AaBbCc123

What you type, contrasted with onscreen computer output 

machine_name% su

Password:

aabbcc123

Placeholder: replace with a real name or value 

The command to remove a file is rm filename.

AaBbCc123

Book titles, new terms, and terms to be emphasized 

Read Chapter 6 in the User's Guide.

A cache is a copy that is stored locally.

Do not save the file.

Note: Some emphasized items appear bold online.

Shell Prompts in Command Examples

The following table shows the default UNIX® system prompt and superuser prompt for shells that are included in the Solaris OS. Note that the default system prompt that is displayed in command examples varies, depending on the Solaris release.

Table P–2 Shell Prompts

Shell 

Prompt 

Bash shell, Korn shell, and Bourne shell 

$

Bash shell, Korn shell, and Bourne shell for superuser 

#

C shell 

machine_name%

C shell for superuser 

machine_name#