Use the Trusted Solaris information that follows to modify the procedures in "Using Optional Custom JumpStart Features" in Solaris 8 Advanced Installation Guide.
Use this information to modify the procedures in "Creating Begin Scripts" in Solaris 8 Advanced Installation Guide and "Creating Finish Scripts" in Solaris 8 Advanced Installation Guide.
In the admin role at label ADMIN_LOW
, create and modify scripts using the Admin Editor action.
Make sure that the scripts invoke a profile shell, such as pfsh or pfksh.
See the pfexec(1) man page.
The following procedures expand on and modify procedures in "To Add Files With a Finish Script" in Solaris 8 Advanced Installation Guide.
The first line in the script must invoke a profile shell.
#!/bin/pfsh ... |
The last line in the finish script reboots the computer.
#!/bin/pfsh ... /usr/sbin/reboot |
In the admin role at label ADMIN_HIGH
, place a copy of the site's label_encodings file into the JumpStart directory on the diskette.
$ cp /etc/security/tsol/label_encodings ${SI_CONFIG_DIR}/label_encodings |
Copy the label_encodings file onto the system during installtion.
For example, if you are using a custom JumpStart diskette to install Trusted Solaris software, the following finish script copies the file from the JumpStart directory into a system's /etc/security/tsol directory during a custom JumpStart installation:
#!/bin/pfsh cp ${SI_CONFIG_DIR}/label_encodings /a/etc/security/tsol |
This example modifies the procedures in "Setting the System's Root Password With a Finish Script" in Solaris 8 Advanced Installation Guide.
In the admin role at label ADMIN_LOW
, set the variable PASSWD to an encrypted root password obtained from an existing entry in a system's /etc/shadow file.
If you set your root password by using a finish script, be sure to safeguard against those who will try to discover the root password from the encrypted password in the finish script.