test

Trusted Solaris Installation and Configuration

How to Assign a Remote Host Template

The trusted network remote host database, tnrhdb(4), enables this host to communicate with remote hosts. The man page describes the format of the tnrhdb, and suggests how to minimize the number of entries required.

To Assign a Template to a Host

  1. At the label ADMIN_LOW, in an administrative role, initially the root role, invoke the Solaris Management Console from the Application Manager.

    If you are unfamiliar with accessing the Solaris Management Console, see "To Initialize the SMC Server". Note that the SMC must be initialized before use.

  2. Click this_host: Scope=Files, Policy=TSOL under Trusted Solaris Management Console in the Navigation pane.

    Note -

    If toolbox icons display as red stop signs, the toolboxes will not load. To load them, do Step 4.

  3. Click Trusted Solaris Configuration, then Computers and Networks, then double-click Security Families.

    The remote host templates display in the View pane.

  4. Double-click the tsol security family.

  5. Choose Add Host(s) from the Action menu.

  6. In the Add Host(s) dialog, click Add Wildcard to assign this template to all hosts on your Trusted Solaris 8 subnet.

    1. Enter the subnet IP address and choose the template name.

      For example, enter 129.150.110.0 and tsol. The final zero signifies a subnet address; all hosts on that subnet are recognized as tsol hosts.

      Note -

      Note that the zero (0) is the wildcard. Do not use a star (*).

    2. Click OK.

  7. Choose Add Host(s) from the Action menu and click Add Host in the Add Host(s) dialog to enter any exceptions to the subnet template assigment. Click OK to end the entry.

    For example, enter 129.150.110.3 and unlab_user_label. This host on the subnet is an unlabeled host, an exception to the tsol wildcard entry.

  8. Choose Add Host(s) from the Action menu and click Add Host to enter the IP address of every host in your /etc/defaultrouter or /etc/tsolgateways file, and assign to each an appropriate template name. Click OK to end each entry.

  9. Enter the details of other subnets and hosts.

    1. Enter the wildcard designation of each subnet and choose its appropriate template by choosing Add Host(s) -- Choose Wildcard.

    2. Individually assign a different template to any host that is an exception to its subnet's assigned template by choosing Add Host(s) -- Choose Host.

      Use the details provided by your system administrator, then choose the appropriate template name from the menu. See Table 1-3 for host types and their associated templates provided by Trusted Solaris software.

  10. Open a terminal and reload and verify the updated tnrhdb database.


    # tnctl -H /etc/security/tsol/tnrhdb
# tninfo -h

  11. Return to the procedure and chapter you are working from.