To Modify the label_encodings (4) File

Modifying the label_encodings file can safely be done at the time the host is installed. If a need arises where an operational file needs to be changed, proceed with caution. Review the caveats described in the label_encodings(4) file.

1. Assume the security administrator role in an ADMIN_LOW workspace.

2. Open a new or existing version of the label_encodings file.

   1. If creating a new version of the label_encodings file, use any text editor to create the file or use the Edit Encodings action.

      The Edit Encodings action both edits and runs chk_encodings(1M) on the file.

      ---

      Note -

      If creating a new file from scratch, make sure to include all the sections shown in "Label Encodings File Template" or copy and modify the example in Appendix A, Example: Label Encodings File.

      ---

      ---

      Note -

      chk_encodings(1M) can be entered on the command line with the -a option to analyze and report on relationships between labels.

      ---

   2. When a new version is ready to install, use the Check Encodings action to open and check the file.

      The Check Encodings action runs chk_encodings(1M) on the specified file, and if the file passes the check, the action asks whether you want to overwrite the currently-installed label_encodings file. If the answer is yes, the action creates a backup copy (naming it label_encodings.orig), and overwrites the installed version.

      ---

      Note -

      By default, both the security administrator and root roles have the Check Encodings action. The root role uses the action to install the label_encodings file when configuring the system after installation.

      ---

   3. If you are installing a new label_encodings, answer affirmatively when prompted.

      Do you want to install this label_encodings file?

3. Restart the Window Manager from the Workspace Menu to initialize the new encodings file.

4. On a distributed system of Trusted Solaris hosts, distribute a copy of the label_encodings file from the NIS+ master to the /etc/security/tsol directory on all hosts in the system.

   See "To Copy the label_encodings File to a Floppy Disk" for how to copy the file to a floppy disk for manual distribution of the modified file. See "Distributing Changed Configuration Files to Hosts Across the Network " in "Miscellaneous Tasks and Procedures" in Trusted Solaris Administrator's Procedures for how to use the rdist(1) command distribute a file that is modified after the system is operational.