test

Trusted Solaris 8 HW 7/03 Transition Guide

Changes From the Trusted Solaris 8 4/01 to the Trusted Solaris 8 HW 12/02 Release

The following table lists features that changed between the Trusted Solaris 8 4/01 and Trusted Solaris 8 HW 12/02 releases. The table also lists differences between the software that the Solaris 8 2/02 release supports and the software that the Trusted Solaris 8 HW 12/02 release supports.

Table 1–2 Trusted Solaris 8 HW 12/02 Changes to Trusted Solaris 8 4/01 Software

Area of Change 

Description of Change 

Audit Token 

The praudit output for the header token in earlier Trusted Solaris releases had the following form:


header,131,4,login - local,,Wed Dec 11 14:23:54 
2002, + 471 msec

The header token in this release includes the machine name, as shown in the following example:.


header,162,4,login - local,,enigma,Fri Mar 07 22:27:49
2003, + 770 msec

The host audit token is no longer generated. Instead, the expanded header token contains host information. Customized scripts or tools which parse praudit output might need to be updated to handle this change.

Hardware 

The Trusted Solaris 8 HW 12/02 release supports the hardware platforms that the Solaris 8 HW 12/02 release supports. 

On the Sun Fire 15K and the Sun Fire 12K servers, Trusted Solaris software installs on domains and runs domains. To run on the system controller, install Solaris software. 

Licensing 

A Trusted Solaris License Agreement dialog box displays when the install user enters CDE. When the user clicks Accept, the dialog box does not display again. Until the license agreement is accepted, the Window Manager displays “Not Licensed” at the far right on the trusted stripe.

After the license agreement is accepted, the trusted stripe shows which edition of the Trusted Solaris release is running. This information is also available by using the uname -v command.

Packaging 

The Solaris packages that the Trusted Solaris product does not enhance remain unmodified. Therefore, you can apply Solaris patches to those Solaris packages that remain unmodified. 

Use the showrev -p command in a terminal window to list the patches that have been applied to the system.

Patches 

Use the patchadd command to install patches. The patchadd command prevents the installation of a patch that would overwrite a Trusted Solaris feature.

KCMS server 

The kcms_server service is disabled by default in the inetd.conf file. The server is vulnerable to security violations.

Upgrade 

Upgrade is supported from Trusted Solaris 8 releases to the Trusted Solaris 8 HW 12/02 release. 

x86 Network Boot 

Trusted Solaris software does not support x86 network boot.