Preface

This Trusted Solaris Administrator's Procedures guide provides procedures for managing users and hosts while maintaining the security of information within the Trusted Solaris^TM environment.

Who Should Use This Book

This book is used by administrators who are able to assume any of the Trusted Solaris administrative roles. This book describes how to do the unique Trusted Solaris administrative tasks that are an essential part of protecting the security of the system.

Before You Read This Book

Understand Solaris 8 administration, CDE, Solaris Management Console^TM, and NIS+.

The procedures in this guide are unique to Trusted Solaris administration, and often add to Solaris procedures. An administrator should already understand how to administer the Solaris operating environment, how to use and administer the Common Desktop Environment (CDE) window system, how to use Solaris Management Console administration tools, and administer a name service.

---

Note -

AnswerBooks for the above-mentioned products that are bundled into Trusted Solaris are available on the Trusted Solaris 8 4/01 AnswerBook CD, which is shipped with the Trusted Solaris 8 4/01 product CD.

---

Read and understand the basic concepts and procedures for using the system, as described in the Trusted Solaris User's Guide.

Administrators should know how to work in the Trusted Solaris environment as a normal user.

Read and understand the administrative concepts described in the Trusted Solaris Administration Overview.

Understand how administrative tasks are divided among roles at your site.

Each procedure identifies which role is assigned to the task in the default configuration. The Security Administrator role is responsible for informing administrators if the default administrative roles have been reconfigured.

How This Book Is Organized

Chapter 1, Administering in a Role reviews how to work in an administrative role.

Chapter 2, Administering Security Requirements describes general security mechanisms and common procedures to harden the system.

Chapter 3, Managing User Accounts describes how to prepare for setting up user and role accounts, and how to administer startup files and batch jobs.

Chapter 4, Managing Users and Rights With SMC describes how to manage rights, roles, and users using the Solaris Management Console.

Chapter 5, Managing Roles describes how to modify and extend the powers of a role.

Chapter 6, Managing Mail describes the differences between standard Solaris and Trusted Solaris mail administration.

Chapter 7, Managing Computers and Networks reviews concepts that apply to managing communications and shows how trusted communications are configured between a Trusted Solaris system and multiple networks.

Chapter 8, Specifying Routing and Security for Remote Computers describes how to specify the security attributes for hosts and how to set up routing for trusted network communications.

Chapter 9, Managing Files and File Systems describes the extended file system security attributes, how to set up mounts, and how to specify extended security attributes.

Chapter 10, Managing Name Services describes how NIS and NIS+ name services can be used to centrally administer a Trusted Solaris network.

Chapter 11, Managing Printing describes how to configure printing for labeled and unlabeled jobs.

Chapter 12, Managing Devices describes how to manage devices, and includes how to set the label range on printers and computers.

Chapter 13, Adding Software describes how to assess software for trustworthiness. Software includes Sun software products, other UNIX® applications, new trusted programs, CDE actions, and shell scripts. The chapter also describes the Trusted Solaris privilege mechanism.

Related Books

• Trusted Solaris User's Guide

The rest of the Trusted Solaris administrator's document set:

• Trusted Solaris Administration Overview

• Trusted Solaris Audit Administration

• Trusted Solaris Developer's Guide

• Trusted Solaris Installation and Configuration

• Trusted Solaris 8 4/01 Installation and Configuration on the Sun Enterprise 10000

• Trusted Solaris Label Administration

• Trusted Solaris 8 4/01 Reference Manual

• Trusted Solaris 8 4/01 Release Notes

• Trusted Solaris 8 4/01 Transition Guide

• Compartmented Mode Workstation Labeling: Encodings Format

Ordering Sun Documents

Fatbrain.com stocks documentation from Sun Microsystems, Inc.

For a list of available documents and how to order them, visit http://www1.fatbrain.com/documentation/sun.

Accessing Sun Documentation Online

The docs.sun.com^SM Web site enables you to access Sun technical documentation online. You can browse the docs.sun.com archive or search for a specific book title or subject. The URL is http://docs.sun.com.

Type Styles Used in Text and Examples

The following table shows and explains the type styles used in this guide.

Table P-1 Typographic Conventions

Type Face	Meaning	Example
Literal	The names of commands, files, and directories, on-screen computer output	Edit your .login file. Use ls -a to list all files. hostname% You have mail.
UserType	What you type, contrasted with on-screen computer output	hostname% su Password:
Variable	Argument name in a command-line.	To delete a file, enter rm filename.
	You replace the argument with a real name or value.	hostname% rm myfile
Title or Emphasis	Book titles, new words or terms, or words to be emphasized	Read Chapter 6 in User's Guide. These are called class options.
		You must be root to do this.

Trusted Solaris Prompts

The following table shows the Trusted Solaris prompts.

Shell	Prompt
C shell prompt	hostname%
Bourne shell and Korn shell prompt	$
Profile shell prompt	$
root prompt	#