Trusted Solaris Installation and Configuration

About This Book

This book is for knowledgeable system administrators and security administrators who are installing the Trusted Solaris^TMoperating environment at networked or non-networked sites. Level of trust required by site security policy and level of expertise will determine who can perform the tasks required to install Trusted Solaris software.

Implement Trusted Solaris in Accordance with Site Security

Successfully installing and configuring Trusted Solaris consistent with site security requires understanding the security features of Trusted Solaris and your site security policy. Before attempting to install Trusted Solaris, read Chapter 1, Overview for the steps to implement your site security when installing and configuring the Trusted Solaris environment at your site.

Read This Book Strategically

If you are installing and configuring a network of workstations, you can choose from several installation methods after installing the first workstation. The installation methods you choose determine what parts of the book you should read. "Install the Trusted Solaris Software." describes the methods.

Note -

This book does not include instructions for setting up computer hardware or peripherals. Setting up hardware and peripherals is described in your hardware guides, such as the Solaris 7 Sun Hardware Platform Guide.

Planning a Secure Installation

Chapter 1, Overview

Common Installation and Configuration Procedures

Chapter 2, Basic Procedures

Installing Trusted Solaris

Chapter 3, Installing a Workstation

Configuring the NIS+ Root Master

Chapter 5, Configuring the NIS+ Root Master

Configuring a Non-Networked Workstation

Chapter 4, Configuring a Workstation without the NIS+ Name Service

Configuring NIS+ Clients

Chapter 6, Configuring a NIS+ Client

Installing NIS+ Clients Over the Network

Chapter 6, Configuring a NIS+ Client, Chapter 3, Installing a Workstation, and Chapter 7, Preparing to Install Trusted Solaris Over a Network

Installing and Configuring NIS+ Clients Using Custom JumpStart

Chapter 8, Preparing Custom JumpStart Installations, Chapter 9, Using Optional Custom JumpStart Features, and Chapter 3, Installing a Workstation

Configuring and Booting Diskless Clients

Chapter 10, Configuring Diskless Clients

Related Books

The following books contain information useful when installing Trusted Solaris software. The Solaris 7 AnswerBook CD and the Trusted Solaris 7 AnswerBook CD are shipped with the product. Solaris 7 books can be accessed from the Solaris 7 AnswerBook CD.

Books from Sun Microsystems

Trusted Solaris 7 Release Notes -- Describes late-breaking news about installing Trusted Solaris software, including known problems.
Solaris Advanced Installation Guide, 805-3408-10 -- Describes interactive installations: network, JumpStart, and custom JumpStart. Contains background information for networked installation.
Solaris 7 Sun Hardware Platform Guide, 805-4456-10 -- Describes hardware supported in the Solaris and Trusted Solaris environments.
Solaris Installation Library, 805-3643-10 and Solaris Installation Library, 805-3644-10 -- Describe new features in the Solaris environment, and includes how to install an AnswerBook2 server for the Solaris environment. See Trusted Solaris Documentation Roadmap for additional AnswerBook2 server setup required for the Trusted Solaris environment.
Solaris Transition Guide, 805-3864-10 -- Describes transition issues including backing up 4.1.x files before installing Solaris software, and restoring files after Solaris software is installed. Applicable to the Trusted Solaris environment.

System Administration Guide, Volume I: Solaris 7 805-3728-10 -- Describes basic administrative tasks in Solaris 7, such as creating and mounting file systems.
System Administration Guide, Volume II: Solaris 7 805-3728-10 -- Describes more advanced administrative tasks in Solaris 7, such as print management.
Solstice AdminSuite 2.3 Administration Guide, 805-3026-10 -- Describes the basic applications that Trusted Solaris uses to administer the network. Trusted Solaris has modified the applications; the modifications are described in Trusted Solaris Administrator's Procedures.

"Planning Your Network" in TCP/IP and Data Communications Administration Guide, 805-4003-10 -- Describes how to set up a network. Required for networked sites only.
NFS Administration Guide, 805-3479-10 -- Describes how to administer a networked file system. Recommended for a network installation.
Solaris Naming Administration Guide, 806-1391-10 -- Describes how to administer a NIS+ network. Required for networked sites.
Solaris Naming Setup and Configuration Guide, 806-1391-10 -- Describes how to set up and configure a NIS+ domain. Required for networked sites.
Trusted Solaris Administrator's Procedures -- Describes administration tasks in the Trusted Solaris environment in detail.
Trusted Solaris Audit Administration -- Describes auditing one or more Trusted Solaris workstations.
Trusted Solaris Label Administration -- Describes labels and includes a copy of Compartmented Mode Workstation Labeling: Encodings Format issued by the U.S. government.

Books from Elsewhere

Your site security policy document

Describes the security policy and security procedures at your site.
Solaris Common Desktop Environment: Advanced User's and System Administrator's Guide

Describes the Common Desktop Environment.
The administrator guide for your currently installed operating system.

Describes how to back up system files.
Automating Solaris® Installations: A Custom JumpStart^TM Guide.

By Paul Anthony Kasper and Alan L. McClellan, published by Prentice Hall (SunSoft Press), 1995. Describes how to set up "hands-off" network installations. ISBN .0-13-312505-X

Ordering Sun Documents

Fatbrain.com, the Internet's most comprehensive professional bookstore, stocks select product documentation from Sun Microsystems, Inc.

For a list of documents and how to order them, visit the Sun Documentation Center on Fatbrain.com at http://www1.fatbrain.com/documentation/sun.

Accessing Sun Documentation Online

The docs.sun.com^SM Web site enables you to access Sun technical documentation online. You can browse the docs.sun.com archive or search for a specific book title or subject. The URL is http://docs.sun.com.

What Typographic Conventions Mean

The following table describes the typographic changes used in this book.

Table P-1 Typographic Conventions


Typeface or Symbol	Meaning	Example
`AaBbCc123`	The names of commands, files, and directories; on-screen computer output	Edit your `.login` file. Use `ls -a` to list all files. `machine_name% you have mail.`
`AaBbCc123`	What you type, contrasted with on-screen computer output	`machine_name%` `su` `Password:`
`AaBbCc123`	Command-line placeholder: replace with a real name or value	To delete a file, type `rm` `filename`.
AaBbCc123	Book titles, new words, or terms, or words to be emphasized.	Read Chapter 6 in User's Guide. These are called class options. You must be root to do this.

Shell Prompts in Command Examples

The following table shows the default system prompt for the C shell, Bourne shell, and Korn shell, and the prompts for administrative roles.

Table P-2 Shell Prompts


Shell	Prompt
C shell prompt	`machine_name%`
secadmin and admin role prompt	`$`
Bourne shell and Korn shell prompt	`$`
root role prompt	`#`