Trusted Solaris Administrator's Procedures

To Change Configurable Kernel Switch Settings

  1. Assume the Security Administrator role and go to an ADMIN_LOW workspace.

  2. Use the Admin Editor action from the System_Admin folder in the Application Manager to open /etc/system for editing.

  3. Set the configurable switches as desired, then save the file.

    See Table 2-3 for a description of the switches.

  4. Reboot the system for the values to go into effect.

The following table shows the customer-configurable kernel switches in the system(4) file.

Table 2-3 Configurable Trusted Solaris Switches in /etc/system

tsol_admin_high_to_cipso 

The tsol_admin_high_to_cipso switch is not in the default /etc/system file, but it can be added if needed. The default setting in the kernel is 0. To enable communications with TSIX-type hosts that have the IP Label Field specified as CIPSO, this switch must be set to 1. This causes the label on a packet to be mapped to a valid CIPSO label with the highest classification and all compartments turned on, instead of being dropped. See "CIPSO Labels in Packets" for more information.

tsol_clean_windows 

To support object reuse, the tsol_clean_windows switch is set to 1 by default, which clears inactive register windows on return from each system call. Setting the switch to 0 disables the cleaning of inactive windows after each system call, allowing the possibility that a system call can return kernel information from an inactive register window.

tsol_flush_buffers 

Between the time when blocks are linked to an inode and written to disk, a crash could leave old disk blocks (possibly of a higher label) linked to a file system after fsck(1M) recovers the file system. To ensure that data blocks are flushed before inodes are updated on disk, the tsol_flush_buffers switch is set to 1 by default. There is a small performance penalty. Setting this switch to 0 disables the forced data flushing before inode updates.

tsol_hide_upgraded_names 

Actions by users with the Upgrade File Label authorization and by processes with the file_mac_write and file_upgrade_sl privileges can either create a new file or subdirectory or relabel an existing file or subdirectory at a label that dominates the label of the containing directory. Such files and subdirectories are said to be upgraded and the names of the upgraded files and subdirectories are referred to as upgraded names.

At sites that consider upgraded names to be sensitive information, the tsol_hide_upgraded_names switch enables the Security Administrator role to hide upgraded names. Setting this flag prevents getdents(2) from returning upgraded file names. Because all directory entries are examined before the results are returned, there is a performance penalty. Upgraded names display by default.

tsol_privs_debug 

The tsol_privs_debug switch allows the administrative use of runpd(1M) to characterize a program's use of privilege. See Chapter 13, Adding Software under "To Find Out Which Privileges a Program Needs" for the complete setup procedure. After privilege debugging of the application(s) is complete, this variable should be reset and the machine rebooted. Privilege debugging is disabled by default.
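
The following script is an added example, not part of the Trusted Solaris documentation: it reports how the Table 2-3 switches are set in a system(4) file and flags the settings the table describes as disabling a protection. It assumes the switches are written with the standard system(4) `set name=value` syntax, that the last assignment of a name wins, and that any non-zero tsol_privs_debug value enables privilege debugging; the function name audit_tsol_switches is hypothetical.

```shell
#!/bin/sh
# Added example: report the Table 2-3 switches found in a system(4) file.
# Usage: audit_tsol_switches [file]   (default /etc/system, "-" for stdin)
audit_tsol_switches() {
    awk '
    BEGIN {
        # Defaults stated on the page; "?" where no numeric default is given.
        dflt["tsol_admin_high_to_cipso"] = "0"
        dflt["tsol_clean_windows"] = "1"
        dflt["tsol_flush_buffers"] = "1"
        dflt["tsol_hide_upgraded_names"] = "?"
        dflt["tsol_privs_debug"] = "?"
        n = split("admin_high_to_cipso clean_windows flush_buffers hide_upgraded_names privs_debug", order, " ")
    }
    $1 == "set" {                      # "*" comment lines never match
        line = $0
        sub(/^[ \t]*set[ \t]+/, "", line)
        gsub(/[ \t]/, "", line)        # tolerate "name = value"
        eq = index(line, "=")
        if (eq == 0) next
        name = substr(line, 1, eq - 1)
        sub(/^.*:/, "", name)          # drop an optional module: prefix
        if (name in dflt) val[name] = substr(line, eq + 1)  # assumed: last wins
    }
    END {
        for (i = 1; i <= n; i++) {
            k = "tsol_" order[i]
            v = (k in val) ? val[k] : "unset"
            if (v == "unset" || v == dflt[k]) st = "default"
            else if (k ~ /clean_windows|flush_buffers/ && v == "0") st = "WEAKENED"
            else if (k == "tsol_privs_debug" && v != "0") st = "REVIEW"
            else st = "set"
            printf "%-26s %-6s %s\n", k, v, st
        }
    }' "${1:-/etc/system}"
}

# Constructed sample input, not taken from a real host.
audit_tsol_switches - <<'EOF'
* constructed /etc/system fragment
set tsol_clean_windows=0
set tsol_privs_debug = 1
* set tsol_flush_buffers=0
EOF
```

Because the values take effect only at reboot (step 4), the report describes what the next boot will apply, which can differ from the running kernel if the file was edited since the last reboot.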