test

Trusted Solaris Installation and Configuration

Modifications to Optional Custom JumpStart

Use the Trusted Solaris information that follows to modify the procedures in "Using Optional Custom JumpStart Features" in Solaris 8 Advanced Installation Guide.

Modifications to Begin and Finish Scripts

Use the Trusted Solaris information in the following table to modify the procedures in "Creating Begin Scripts" in Solaris 8 Advanced Installation Guide and "Creating Finish Scripts" in Solaris 8 Advanced Installation Guide.

Table 9-7 Modified JumpStart Script Procedures

Solaris Procedure 

Trusted Solaris Modification 

Create a begin or finish script 

Scripts are handled by the admin role at label ADMIN_LOW using the Admin Editor action.
 

The scripts must be profile shell scripts, such as pfsh or pfksh. See the pfexec(1) man page.

Trusted Solaris Script Examples

Begin and finish scripts in the Trusted Solaris environment are edited by an administrative role, and run in a profile shell. See the pfexec(1) man page for information on profile shells.

Reboot the Workstation with a Finish Script

    Add the last line in the example finish script to every finish script you create.


    #!/bin/pfsh
/usr/sbin/reboot

Add label_encodings File with a Finish Script
Note -

Use the Trusted Solaris information that follows to modify the procedure in "To Add Files With a Finish Script" in Solaris 8 Advanced Installation Guide.

    For example, if you are using a custom JumpStart diskette to install Trusted Solaris software, place a copy of the site's label_encodings file into the JumpStart directory on the diskette.

    The following finish script copies the file from the JumpStart directory into a workstation's /etc/security/tsol directory during a custom JumpStart installation:


    #!/bin/pfsh
cp ${SI_CONFIG_DIR}/ label_encodings  /a/etc/security/tsol

Set the Root Password With a Finish Script
Note -

Use the Trusted Solaris information that follows to modify the procedures in "Setting the System's Root Password With a Finish Script" in Solaris 8 Advanced Installation Guide.

    As admin at label ADMIN_LOW, set the variable PASSWD to an encrypted root password obtained from an existing entry in a workstation's /etc/shadow file.

Caution - Caution -

If you set your root password by using a finish script, be sure to safeguard against those who will try to discover the root password from the encrypted password in the finish script.