Trusted Solaris Installation and Configuration

Set Up the Staging Area

  1. As root, create a staging area for files you plan to use to populate the NIS files.

    You can place the staging area wherever you have enough space. Usually a few megabytes is more than enough room to store some files temporarily.


    # mkdir -p /setup/files/security/tsol
    

  2. Copy the sample /etc files into the /setup/files directory of the staging area.

    Most of the files you need already exist on the installed system and have enough data in them to get you started. The following files in the /etc directory are usually not found on a newly installed system: bootparams, ethers, netgroup, netmasks, and timezone. You can create these with an editor, load them from a backup diskette, or merely create empty versions of these files, so that the NIS databases are created all at once. If you choose not to create these files, you can create them later, but the ypinit(1M) command may print out a few warning messages.


    # cd /etc
    # touch bootparams ethers netgroup netmasks timezone
    
    # cp bootparams ethers netgroup netmasks timezone \
    aliases auto_home auto_master group hosts networks \
    protocols publickey rpc services /setup/files
    
    # cd /etc/inet
    # cp ipnodes /setup/files
    

  3. Create empty files in the /setup/files directory of the staging area for files whose contents should not be distributed.


    # cd /setup/files
    # touch passwd shadow user_attr
    

    All entries in the passwd, shadow, and user_attr files on a newly-installed system are users who should be restricted to local access. The name service will create empty databases from the empty files, and will not print spurious warning messages.

  4. Copy the *attr files from the /etc/security directory into the /setup/files/security directory of the staging area.


    # cd /setup/files/security
    # cp /etc/security/*attr /setup/files/security
    

  5. Add an empty audit_user file to the /setup/files/security directory and count the files in the directory.


    # pwd
    /setup/files/security
    # touch audit_user
    # ls -F /setup/files | grep -v "/" | wc -l
    4

  6. Copy the tnrhdb and tnrhtp files from the /etc/security/tsol directory into the /setup/files/security/tsol directory of the staging area. List and count the files.


    # cd /setup/files/security/tsol
    # cp /etc/security/tsol/tnrh* .
    # ls ; ls | wc -l
    tnrhdb tnrhtp
           2

  7. Check that a total of 25 files are now in your staging area.

    There are 4 in the security directory, 2 in the tsol directory, and 19 in the files directory.


    # cd /setup/files
    # ls -F /setup/files | grep -v "/" | wc -l
          19

  8. Edit the hosts file in your staging area.

    1. Open the Admin Editor and enter /setup/files/hosts for editing.

      The file already contains the NIS master server (that is, this host's address) and the static routers, if any.

    2. Add every workstation that will be in the Trusted Solaris 8 domain.

      There is no wildcard mechanism here. The IP address of every workstation to be contacted must be in this file.


      Caution - Caution -

      Failure to include a workstation will cause client connection to fail.


    3. Add every other workstation with which the domain can communicate.

    4. Use the :wq! command to write the file and exit the editor.

    There is enough information in your staging area to convert your host to a NIS master.


    Caution - Caution -

    If you have edited any files, you must be very careful to provide all of the information necessary in the correct formats before populating the NIS maps. Failure to do so can result in the inability to further administer or use the system.