Setting Up Labels

The default label_encodings file is useful for demos, but it is not a good choice for use by a customer site. However, if you plan to use it, you can skip this step.

The Trusted Solaris label_encodings(4) file has been checked and is installed. Note that it must be compatible with any Trusted Solaris host with which you are communicating.

If you are familiar with label encodings files, you can use the following procedure. However, if you are not familiar with label encodings files, consult Trusted Solaris Label Administration for requirements, procedures, and examples.

You can edit the placeholder label_encodings(4) file that the Trusted Solaris installation program installed, or install your own. The security administrator is responsible for editing, checking, and maintaining the label_encodings file.

You must successfully install labels before continuing or the installation will fail.

Create an Admin_High Workspace

The label_encodings file is protected at the label ADMIN_HIGH. For security, you copy, edit, check and install your label encodings file at ADMIN_HIGH.

1. Click the right menu button over the root workspace switch to bring up the TP menu, and select Add Workspace.

   A second workspace, named root_1, is created and active.

2. Click the right menu button over the root_1 workspace switch, and choose Change Workspace Label from the menu.

3. Click the ADMIN_HIGH label in the Label Builder and click OK.

   The color of the workspace switch changes to the color associated with the label ADMIN_HIGH. Actions, terminals, commands and windows originating from this workspace run at the label ADMIN_HIGH.

Allocate the Appropriate Device

1. In the ADMIN_HIGH workspace, click the left mouse button on the triangle above the Style Manager icon on the Front Panel.

   Its Tools subpanel includes the Device Allocation icon.

   

2. Click the Device Allocation icon once.

3. Double-click the device you want to allocate.

   floppy_0 indicates a diskette.

4. Click Yes to mount the device.

   A File Manager pops up showing the mount point. If it does not pop up, open a File Manager from the Front Panel, navigate to /, and double-click floppy.

Check and Install Your Label Encodings File

1. If you plan to tweak the label encodings file, make sure that the file itself is writable.

2. In the ADMIN_HIGH workspace, open the Application Manager by clicking the right mouse button on the background to bring up the Workspace menu.

3. Choose Applications -> Application Manager from the top of the menu.

4. Double-click the System_Admin folder icon --

   

5. Check the syntax of the new label encodings file by double-clicking the Check Encodings action.

   You can ignore any Trash Can Error dialog error messages.

6. In the dialog box, enter the full path name to the file:

   /floppy/floppy0/label-encodings-filename

7. Read the contents of the Check Encodings dialog box that is displayed.

   The chk_encodings(1M) command checks the syntax of the file.

8. If the file passes the check, answer yes to overwrite the currently-installed label_encodings file.

   The Check Encodings action creates a backup copy (naming it label_encodings.orig), installs the checked version, then restarts the label daemon.

   CONTINUE

   Only if it reports no errors can you continue installing.

   RESOLVE ERRORS

   If it reports errors, they must be resolved before continuing with installation.

   Consult "Creating or Editing the Encodings File" in Trusted Solaris Label Administration for troubleshooting assistance.

   ---

   Caution -

   Your label encodings file must pass the Check Encodings test before you continue.

   ---

Deallocate the Device

1. In the workspace where the Device Allocation action is displayed, double-click the device to be deallocated from the list of allocated devices.

2. Remove the diskette and click OK in the Deallocation dialog box.

3. Return to root's ADMIN_LOW workspace by clicking the root workspace switch.