Trusted Solaris Installation and Configuration

Additional Steps to Set up Software Installation

To install from a CD-ROM, users who can assume administrative roles must be present. The secadmin role gives all allowed privileges to the CD-ROM device and modifies profiles where necessary. The admin role allocates the device, changes the permissions on the parent of the mount point, and installs the software.

Give Mounted Media All Allowed Privileges
  1. Log in as a user who can assume the secadmin role and assume it.

  2. Open the Admin Editor from the System_Admin folder.

  3. Assign all allowed privileges to mounted removable media in the /etc/rmmount.conf file, as in:


    mount * hsfs udfs ufs -o nosuid allowed=all
    

  4. Write the file with :wq! and exit the editor.

Modify Permissions of Mount Point Parent

In the admin role, after allocating the CD-ROM, a File Manager will pop up showing the mount point of the CD-ROM. If it does not appear, bring up a File Manager from the Front Panel.

For Trusted Solaris software, the mount point should be /cdrom/admin-cdrom_0/trusted_sol_8_sparc or /cdrom/admin-cdrom_0/trusted_sol_8_ia.

  1. In the File Manager, highlight /cdrom/admin-cdrom_0, the parent of the mount point.

  2. From the Selected menu, choose Properties.

    Note that the directory, named CD-ROM_FOLDER, has mode 700, so it is not searchable. The following steps will fix that.

  3. Click the Show Access Control List button, then Add ...

  4. Highlight the Mask entry and click Change.

  5. Change the Mask to Read and Execute, and click Change.

  6. Click Add..., and enter root in the User field, giving it Read and Execute.

  7. Click Add, then click OK to exit the dialog.

  8. Leave the File Manager up, available for the installation setup commands.

Load Trusted Solaris Images from CDs
  1. In the File Manager, open the Tools folder, one of /cdrom/admin-cdrom_0/trusted_sol_8_sparc/Trusted_Solaris_8/Tools or /cdrom/admin-cdrom_0/trusted_sol_8_ia/Trusted_Solaris_8/Tools.

  2. From the File menu select Open Terminal.

  3. Still in the admin role, transfer the files from the first CD to the install server by typing


    $ ./setup_install_server /export/install/ts8_{sparc,ia}
    


    Note - Do not double-click on this tool because the command must be started in a profile shell, not the shell defined in the File Manager.


    By default, the Software Installation profile contains the exact pathname for this command, assuming that the role is named "admin". This profile must be modified if a different mount point is used. To modify a profile, see "How to Modify a Role's Rights".

  4. When the pound sign (#) prompt displays, deallocate the CD.

  5. Insert the second CD and allocate it.

  6. For the second CD, still in the admin role, repeat Step 1 through Step 8 of "Modify Permissions of Mount Point Parent".

  7. In the File Manager, open the Tools folder on the second CD, one of /cdrom/admin-cdrom_0/trusted_sol_8_sparc/Solaris_8/Tools or /cdrom/admin-cdrom_0/trusted_sol_8_ia/Solaris_8/Tools.

  8. From the File menu select Open Terminal.

  9. Transfer the files from the second CD to the install server by typing


    $ ./add_to_install_server /export/install/ts8_{sparc,ia}
    


    Note - Do not double-click on this tool because the command must be started in a profile shell, not the shell defined in the File Manager.


Set up the Network Install Server for Installation Clients

To complete client installation, edit files and run commands in the admin role. Follow the instructions for Solaris network installation setup, using the following procedures when needed.

  1. To share the server's network install directories so that they are available to the clients, in the admin role at label ADMIN_LOW, do the following:

    1. Run the Share Filesystems action from the System_Admin folder in the Application Manager.

      The Share Filesystems action opens the /etc/dfs/dfstab file.

    2. Enter the network install directory, and any relevant options.

      For example,


         share -F nfs -o ro,anon=0 -d "netinstall dir" /export/ts8_sparc_install

    3. Write the file and quit the editor.

    4. Open a terminal to run the share(1M) command to share the file systems.

      For example,


      $ share /export/ts8_sparc_install
      $ share /jumpstart
      

    5. Verify that the directories are shared by running the showmount command:


      $ showmount -e
      export list for install_server:
      /export/ts8_sparc_install
      /jumpstart

    6. If showmount returns the error showmount: server: RPC: Program not registered, start the nfs.server daemon and verify that the directories are shared:


      $ /etc/init.d/nfs.server stop
      $ /etc/init.d/nfs.server start
      $ showmount -e
      export list for install_server:
      /export/ts8_sparc_install
      /jumpstart

  2. To modify or create files in the /etc directory, use the Admin Editor from the System_Admin folder in the Application Manager so that the file gets the correct security attributes.

    See "To Create or Open a File from the Trusted Editor" for how to create or modify a file using the Admin Editor. For example, to create an empty ethers file, do the following:

    1. In the admin role in an ADMIN_LOW workspace, invoke the Admin Editor.

    2. Enter the full path to the file, /etc/ethers.

    3. Once the editor is open, type :wq to save the empty file.

  3. Run the Name Service Switch action from the System_Admin folder.

  4. Run the Admin Editor action, and enter /etc/nsswitch.conf as the file to edit.

  5. Change the ethers, netmasks, and bootparams entries in the file to read as follows:

    ethers: files nisplus dns
    netmasks: files nisplus dns
    bootparams: files nisplus dns


    Note - After adding clients to the network install server, reboot the server before attempting to install the clients over the network.
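A read-only audit of the two files edited in the procedure above, as an added example that is not part of the original documentation: it checks that the install directory's dfstab entry is shared ro and that the ethers, netmasks, and bootparams entries match step 5. The function names and file-path arguments are assumptions made for this example, and it is written for a POSIX shell and awk, so run it against copies of the files.

```sh
#!/bin/sh
# Added example (function names are assumptions): audit copies of the edited files.

# share_is_readonly DFSTAB DIR: succeed only if DIR has an active share
# line whose -o list contains ro and no rw (share_nfs defaults to rw).
share_is_readonly() {
    awk -v dir="$2" '
        /^[ \t]*#/ || $1 != "share" || $NF != dir { next }
        {
            opts = ""; ro = 0; rw = 0; found = 1
            for (i = 2; i < NF; i++) if ($i == "-o") opts = $(i + 1)
            n = split(opts, o, ",")
            for (j = 1; j <= n; j++) {
                if (o[j] ~ /^ro(=|$)/) ro = 1
                if (o[j] ~ /^rw(=|$)/) rw = 1
            }
            if (!ro || rw) bad = 1
        }
        END { exit !(found && !bad) }
    ' "$1"
}

# nsswitch_entry_ok NSSWITCH DB: succeed only if DB reads exactly
# "files nisplus dns", the order given in step 5.
nsswitch_entry_ok() {
    awk -v db="$2:" '
        $1 == db { seen = 1; if (NF != 4 || ($2 " " $3 " " $4) != "files nisplus dns") bad = 1 }
        END { exit !(seen && !bad) }
    ' "$1"
}

# audit_install_server DFSTAB NSSWITCH DIR: print findings, non-zero on failure.
audit_install_server() {
    rc=0
    share_is_readonly "$1" "$3" || { echo "FAIL: $3 is not shared read-only in $1"; rc=1; }
    for db in ethers netmasks bootparams; do
        nsswitch_entry_ok "$2" "$db" || { echo "FAIL: $db entry in $2"; rc=1; }
    done
    return $rc
}

# Constructed sample files, not taken from a real server.
tmp=$(mktemp -d)
printf '%s\n' 'share -F nfs -o ro,anon=0 -d "netinstall dir" /export/ts8_sparc_install' > "$tmp/dfstab"
printf '%s\n' 'ethers: files nisplus dns' 'netmasks: files nisplus dns' \
    'bootparams: nisplus files' > "$tmp/nsswitch.conf"
audit_install_server "$tmp/dfstab" "$tmp/nsswitch.conf" /export/ts8_sparc_install \
    || echo "audit found problems"
rm -rf "$tmp"
```

The constructed nsswitch.conf deliberately has its bootparams entry out of order, so the sample run reports one failure.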