The Application Manager contains a folder that holds administrative applications for the local machine, System_Admin and an action, Solaris Management Console, for administering local and distributed databases. The Application Manager icon is shown below.
The System_Admin folder contains CDE actions for administering the local system. See the following table for a list of actions used during installation and configuration. For a full list of System_Admin actions, read the CDE online help. The System_Admin folder icon is shown below.
Table 9-1 Trusted Solaris Actions in the System_Admin Folder
Action Name |
Action Behavior |
---|---|
Add Allocatable Device |
Edit /etc/security/device_maps |
Add to NIS+ Administrative Group |
Run the nisgrpadm -a command |
Admin Editor |
Create or edit any file |
Audit Classes |
Edit /etc/security/audit_class |
Audit Control |
Edit /etc/security/audit_control |
Audit Events |
Edit /etc/security/audit_event |
Audit Startup |
Edit /etc/security/audit_startup |
Audit Users |
Edit /etc/security/audit_user |
Check Encodings |
Check syntax (and install) a label encodings file |
Check TN Files |
Check local tnrhdb and tnrhtp files |
Check TN NIS+ Tables |
Check NIS+ tnrhdb and tnrhtp databases |
Configure Selection Confirmation |
Edit /usr/dt/config/sel_config |
Create NIS Client |
Make this host a NIS client |
Create NIS Server |
Establish a NIS server with NIS maps |
Create NIS+ Administrative Group |
Run the nisgrpadm -c command |
Create NIS+ Client |
Make this host a NIS+ client |
Create NIS+ Server |
Establish a NIS+ domain |
Delete from NIS+ Administrative Group |
Run the nisgrpadm -r command |
Delete NIS+ Administrative Group |
Run the nisgrpadm -d command |
Edit Encodings |
Edit a label encodings file |
List Administrative Group |
Run the nisgrpadm -l command |
Name Service Switch |
Edit /etc/nsswitch.conf |
Populate NIS+ Tables |
Populate NIS+ tables from a files directory |
Printer Administrator |
Set up printers |
Set Default Routes |
Edit /etc/defaultrouter |
Set DNS Servers |
Edit /etc/resolv.conf |
Set Mail Options |
Edit the TSOL option in the sendmail.cf file |
Set Mount Attributes |
Edit /etc/security/tsol/vfstab_adjunct |
Set Mount Points |
Edit /etc/vfstab |
Set TSOL Gateways |
Edit /etc/tsolgateways |
Share Filesystems |
Edit /etc/dfs/dfstab |
View NIS Map |
View NIS map |
View Table Attributes |
View NIS+ table attributes |
View Table Contents |
View NIS+ table contents |
In an administrative role, open the Application Manager by right-clicking the background to bring up the Workspace menu. Choose Applications -> Application Manager from the top of the menu.
Double-click the appropriate action. For more details, see "To Create or Open a File from the Trusted Editor", "To Open a File that has a Defined Action" and "To Run a Script from the System_Admin Folder".
Actions that open files in an editor use the Admin Editor icon shown below.
To create or open a file that does not have its own action, double-click the Admin Editor action.
A prompt appears for you to specify the file to be opened.
Enter the name of the file to be opened.
If the file exists, it is opened. If the file does not exist, it is created. You can create an empty file (touch) by exiting the editor.
You cannot save a file to a different name from the trusted editor.
To open a file that has its own action, double-click its action in the System_Admin folder.
The file associated with the action appears in the trusted editor.
Enter the required information, write the file, and exit the editor.
To run a script that has its own action, double-click the action in the System_Admin folder.
When the script requires input, the prompts are displayed.
Follow the instructions.
The script is finished when all prompt windows have been dismissed.
The Solaris Management Console action in the Application Manager folder invokes a Java-based administrative GUI for configuring and maintaining a Trusted Solaris environment. The GUI lists toolboxes in a Navigation pane, as shown in the following figure.
The following can be configured through the Solaris Management Console, using the Trusted Solaris Management Console > Trusted Solaris Configuration toolboxes in the Navigation pane:
User Accounts--Part of the Users tool, for administering users.
Administrative Roles--Part of the Users tool, for administering roles.
Rights--Part of the Users tool, for constructing rights profiles. A user account is not usable until the user's Rights have been assigned.
Mailing Lists--Part of the Users tool, for administering mail aliases.
Computers and Networks--For setting up networks.
Computers--Part of the Computers and Networks tool, for setting up hosts (the hosts database).
Security Families--Part of the Computers and Networks tool, for creating and assigning remote host templates (the tnrhtp(4) and tnrhdb(4) databases)
Interface Manager--For securing network interfaces (the tnidb(4) database). Accessible only when Scope=Files.
--
The following are configured through the Solaris Management Console, using Trusted Solaris Management Console toolboxes:
Mounts--Part of the Storage tool, for mounting file systems. Accessible only when Scope=Files.
Shares--Part of the Storage tool, for sharing file systems. Accessible only when Scope=Files.
Scope=Files and Scope=name-service contain different tools. Read the online help for what the tool does and how to use it.
To find and use a tool in this-host: Scope=Files, Policy=TSOL in the Navigation pane:
Click the System Status key to view the Processes and Log Viewer tools.
Click the Trusted Solaris Configuration key to view the Users, Computers and Networks, and Interface Manager tools.
Click the Services key to view the SMC Server and the Scheduled Jobs tools.
Click the Storage key to view the Mounts and Shares and Disks tools.
Click the Devices and Hardware key to view the Serial Ports tool.
To find and use a tool in the name-server: Scope=name-service, Policy=TSOL toolbox in the Navigation pane, click the Trusted Solaris Configuration key.
The Users and the Computers and Networks tools are available in the name-server: Scope=name-service, Policy=TSOL scope.
In the Navigation pane, click a toolset icon, such as Users.
When prompted, enter the role password in the Role Login prompt.
Double-click the tool, such as User Accounts.
Read and follow the online help for assistance with each tool.