How to Set the Label on an Unlabeled File System

The security administrator uses the System_Admin folder to access the /etc/security/tsol/vfstab_adjunct file.

1. Log in as a user who can assume the role secadmin and assume the role.

2. As secadmin, at label admin_low, edit the file /etc/security/tsol/vfstab_adjunct using the Set Mount Attributes action in the System_Admin folder.

3. Copy the template entry, and modify it for the file system to be protected.

   For example, the following example shows a vfstab_adjunct entry for an unlabeled, remote file system, /cpublic, being mounted at the label Confidential ([C]) on a Trusted Solaris 7 network.

   ---

   Example 2-1 vfstab_adjunct Entry for Unlabeled Remote Host

   
   

   #       Modified template.
   #
   /cpublic; \
   acc_acl=; \
   mode=; \
   attr_flg=; \
   gid=; \
   uid=; \
   slabel=C; \
   forced=;
   #

   ---

   Every file in the /cpublic file system will be protected at the label Confidential.

   ---

   Note -

   This example requires the security administrator to have created a new template. See "To Edit the Tnrhtp Database (Example)".

   ---