Tools for Editing and Checking the label_encodings File

The label_encodings file is a flat text file. Its label is ADMIN_HIGH to prevent normal users from reading it. The maximum line length in the label_encodings file is 256 bytes. The file can be edited with any text editor. During development of the file, the labels and their relationships can be checked by using the chk_encodings(1M) command with the -a option on the command line in a terminal. The file must pass chk_encodings(1M) before it is installed on the working system.

The Security Administrator role uses one of the two actions shown in Table 2-1. The actions are in the System_Admin folder within the Application Manager.

Table 2-1 Administrative Actions for Editing the label_encodings File

Action Name	Purpose
Edit Encodings	Edits and checks the specified label_encodings file.
Check Encodings	Checks the specified label_encodings. If the file specified for editing is not the installed version, after the file passes the check, Check Encodings offers the option of installing the checked file. Before overwriting an existing file, Check Encodings creates a backup of the installed label_encodings file, while preserving the required DAC attributes.

---

Note -

Starting with release 7, the Trusted Solaris environment does not support information labels. However, a label_encodings file still needs information labels defined. The chk_encodings(1M) utility fails unless the label_encodings(4) contains an INFORMATION LABELS WORDS section that defines the same bits defined SENSITIVITY LABELS WORDS section.

---

---

Note -

The label_encodings file may be created or edited on any system. However, it must be checked and tested on a host running the Trusted Solaris operating environment.

---