Documentation Home
> Trusted Solaris Installation and Configuration
Trusted Solaris Installation and Configuration
Book Information
About This Book
Chapter 1 Security Overview
The Big Picture
Understand the Trusted Solaris Environment
Understand Your Site's Security Policy
Devise an Administration Strategy
Devise a Label Strategy
For International Customers
Plan User Security
Plan Workstation Hardware and Capacity
Plan Your Network
Additional Planning for Open Networks
Plan Auditing
Devise an Installation and Configuration Strategy
Collect Information
Back Up the Workstation
Install the Trusted Solaris Software
Configure the Software
Differences from Solaris 8 Installation and Configuration
Installation Results from an Administrator's Perspective
Chapter 2 Installation Task Maps
Where Do I Go?
Chapter 3 Basic Procedures
How to Log In
How to Assume a Role
How to Launch a Terminal
How to Create an Admin_High Workspace
How to Protect Machine Hardware
How to Allocate and Deallocate a Device
How to Copy to and from a Portable Medium
How to Run Administrative Actions
How To Use System_Admin Actions
How to Use the Solaris Management Console
How to Install a Label Encodings File
How to Set Up Static Routing
To Set Up Simple Static Routing
To Set Up Complex Static Routing
How to Add Hosts
How to Add a Remote Host Template
How to Assign a Remote Host Template
How to Share a File System
How to Mount a File System
How to Create Administrative Roles
To Create a Role
How to Create Users to Assume Roles
To Create a User
How to Verify that Users and Roles Work
How to Delete a Local User
To Delete the install User
How to Modify a Role's Rights
How to End a Session
How to Save and Restore Trusted Solaris Databases
Chapter 4 Installing a Workstation
Install Team Responsibilities
Trusted Solaris Differences from the Solaris 8 Installation Program
Recommendations for the Trusted Solaris Environment
Shutting Down the System to be Installed
Installing a Trusted Solaris System from CD
Boot from CD-ROM
Read Booting Messages
Answer Installation Questions
Enter a root Password
Insert the Second Trusted Solaris 8 CD
Read the Log
Configure the Trusted Solaris System
Troubleshooting
Installing Over the Network
Boot over the Network or with Custom Files
Complete Network and JumpStart Installations
Chapter 5 Configuring a Workstation with No Name Service
Who Does What
Local Files Configuration Tasks
Log In and Launch a Terminal
Protect the Workstation
Check and Install the label_encodings File
Initialize the Solaris Management Console
Set Up Network Files
Set up Static Routing
Set up DNS
Add Hosts
Assign Templates to Remote Hosts
Create Administrative Roles
Create Users to Assume Roles
Reboot the Workstation
Verify That Users and Roles Work
Mount File Systems
Share File Systems
Delete the User install
Chapter 6 Configuring the NIS+ Domain
Who Does What
NIS+ Root Master Configuration Tasks
Log In and Launch a Terminal
Protect the Workstation
Check and Install the label_encodings File
Initialize the Solaris Management Console
Set Up Static Routing (Optional)
Add Remote Hosts
Add and Assign Remote Host Templates
Add an Unlabeled Remote Host Template to the tnrhtp
Assign Templates to Remote Hosts
Summary
Set Up the NIS+ Domain
To Set the Stage
To Set Up NIS+ with Databases from the Staging Area
Set Up the NIS+ SMC Toolbox
Set Up DNS
Reboot the Workstation
Install and Configure the Home Directory Server
Create Roles on the NIS+ Master
Add Roles to the NIS+ Admin Group
Create Users to Assume Roles
Log Out
Verify that Users and Roles Work
Set Up Auditing
To Configure Auditing
Mount File Systems
Share File Systems
Copy Configuration Files for Distribution to Clients
Delete the User install
Chapter 7 Configuring a NIS Network
Who Does What
NIS Configuration Tasks
Log In and Launch a Terminal
Protect the Workstation
Check and Install the label_encodings File
Initialize the Solaris Management Console
Set Up Static Routing (Optional)
Add Remote Hosts
Add and Assign Remote Host Templates
Summary
Set Up the NIS Domain on the Master Server
Set Up the Staging Area
Modify the /yp/Makefile
Create NIS Maps from the Staging Area
Set Up the NIS SMC Toolbox
Set Up DNS
Reboot the Workstation
Install and Configure the Home Directory Server
Create Roles on the NIS Master Server
Create Users to Assume Roles
Log Out
Verify that Users and Roles Work
Set Up Auditing
To Configure Auditing
Mount File Systems
Share File Systems
Copy Configuration Files for Distribution to Clients
Delete the User install
Chapter 8 Configuring a NIS or NIS+ Client
Who Does What
Client Configuration Tasks
Log In and Protect the Workstation
Copy Configuration Files from the Master
To Copy Master Files from Diskette
Copy the Name Service Master's label_encodings File
Initialize the Solaris Management Console
Set Up Static Routing
Add Remote Hosts
Copy the Name Service Master's Tnrhtp Database
Assign Templates to Remote Hosts
Verify Communication with the Name Service Master
Summary
Add the Client to the Name Service Domain
Set Up DNS and the Name Service Switch
Reboot the Workstation
Share Home Directories
Finish Configuring the Workstation
Security Administrator Responsibilities
System Administrator Responsibilities
Chapter 9 Installing Trusted Solaris Over a Network
Trusted Solaris Modifications to Network Installation
Modifications to Network Installation Commands
Modifications to Network Installation Procedures
Additional Steps to Set up Software Installation
Trusted Solaris Modifications to Custom JumpStart
Modifications to Custom JumpStart Procedures
Modifications to Custom JumpStart Profiles
Modifications to Custom JumpStart Rules
Modifications to Optional Custom JumpStart
Modifications to Begin and Finish Scripts
Trusted Solaris Script Examples
Modifications to Creating a Disk Configuration File
Trusted Solaris Differences for a JumpStart Example
Set up the engineering systems for installation
Set up the marketing systems for installation
Appendix A Site Security Policy
Site Security Policy and the Distributed System
Computer Security Recommendations
Physical Security Recommendations
Personnel Security Recommendations
Common Security Violations
Additional Security References
U.S. Government Publications
UNIX Security Publications
General Computer Security Publications
General UNIX Publications
Appendix B Checklists for Configuring and Installing Trusted Solaris
Site Summary Checklist
Background Checklist
Checklist Summaries
Planning Labels
Label Decisions
Planning the Network
Open Network Security Information
Name Service Domain Information
Labels of Communicating Machines
Planning Auditing
Auditing Security Information
Auditing System Information
Planning Workstations
System Information for Each Machine
Security Information for Each Machine
Appendix C Example Worksheets
How to Use the Examples
Root NIS+ Master Installation Program Example
Root NIS+ Master Disk Partitioning Example
Services Provided by Servers Example
Audit Server Installation Program Example
Audit Server Disk Partitioning Example
Audit Server Configuration Worksheet
Glossary
Index
A
B
C
D
E
F
H
I
J
L
M
N
O
P
R
S
T
U
V
W
© 2010, Oracle Corporation and/or its affiliates