特別なオプションを指定せずにインストールする
-
オプションを指定せずに install-ldm インストールスクリプトを実行します。
インストールスクリプトは、SUNWldm パッケージの一部で、Install サブディレクトリにあります。
# Install/install-ldm
-
1 つ以上のパッケージがすでにインストールされている場合は、次のメッセージが表示されます。
# Install/install-ldm ERROR: One or more packages are already installed: SUNWldm SUNWjass. If packages SUNWldm.v and SUNWjass are factory pre-installed, run install-ldm -p to perform post-install actions. Otherwise remove the package(s) and restart install-ldm.
インストール後の処理のみを実行する場合は、「Logical Domains Manager デーモンを有効にして Solaris Security Toolkit のみを実行する」 に進みます。
-
処理が正常に実行されると、次の例のようなメッセージが表示されます。
-
例 3–1 は、次のデフォルトのセキュリティープロファイルを選択した場合に、install-ldm スクリプトが正常に実行されたことを示しています。
a) Hardened Solaris configuration for LDoms (recommended)
-
例 3–2 は、次のセキュリティープロファイルを選択した場合に、install-ldm スクリプトが正常に実行されたことを示しています。
c) Your custom-defined Solaris security configuration profile
選択肢として表示されるドライバは、名前が -secure.driver で終わるドライバです。名前が -secure.driver で終わらない、カスタマイズしたドライバを書き込む場合は、install-ldm -d オプションでカスタマイズしたドライバを指定する必要があります。「カスタマイズされた強化ドライバとともにインストールする」 を参照してください。
-
例 3–1 LDoms 用に強化された Solaris 構成の場合の出力
# Install/install-ldm Welcome to the LDoms installer. You are about to install the domain manager package that will enable you to create, destroy and control other domains on your system. Given the capabilities of the domain manager, you can now change the security configuration of this Solaris instance using the Solaris Security Toolkit. Select a security profile from this list: a) Hardened Solaris configuration for LDoms (recommended) b) Standard Solaris configuration c) Your custom-defined Solaris security configuration profile Enter a, b, or c [a]: a The changes made by selecting this option can be undone through the Solaris Security Toolkit's undo feature. This can be done with the `/opt/SUNWjass/bin/jass-execute -u' command. Installing LDoms and Solaris Security Toolkit packages. pkgadd -n -d "/var/tmp/install/Product/Logical_Domain_Manager" -a pkg_admin SUNWldm.v Copyright 2006 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms. Installation of <SUNWldm> was successful. pkgadd -n -d "/var/tmp/install/Product/Solaris_Security_Toolkit" -a pkg_admin SUNWjass Copyright 2005 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms. Installation of <SUNWjass> was successful. Verifying that all packages are fully installed. OK. Enabling services: svc:/ldoms/ldmd:default Running Solaris Security Toolkit 4.2.0 driver ldm_control-secure.driver. Please wait. . . /opt/SUNWjass/bin/jass-execute -q -d ldm_control-secure.driver Executing driver, ldm_control-secure.driver Solaris Security Toolkit hardening executed successfully; log file /var/opt/SUNWjass/run/20070208142843/jass-install-log.txt. It will not take effect until the next reboot. Before rebooting, make sure SSH or the serial line is setup for use after the reboot. |
例 3–2 カスタマイズされた構成プロファイルを選択した場合の出力
# Install/install-ldm Welcome to the LDoms installer. You are about to install the domain manager package that will enable you to create, destroy and control other domains on your system. Given the capabilities of the domain manager, you can now change the security configuration of this Solaris instance using the Solaris Security Toolkit. Select a security profile from this list: a) Hardened Solaris configuration for LDoms (recommended) b) Standard Solaris configuration c) Your custom-defined Solaris security configuration profile Enter a, b, or c [a]: c Choose a Solaris Security Toolkit .driver configuration profile from this list 1) ldm_control-secure.driver 2) secure.driver 3) server-secure.driver 4) suncluster3x-secure.driver 5) sunfire_15k_sc-secure.driver Enter a number 1 to 5: 2 The driver you selected may not perform all the LDoms-specific operations specified in the LDoms Administration Guide. Is this OK (yes/no)? [no] y The changes made by selecting this option can be undone through the Solaris Security Toolkit's undo feature. This can be done with the `/opt/SUNWjass/bin/jass-execute -u' command. Installing LDoms and Solaris Security Toolkit packages. pkgadd -n -d "/var/tmp/install/Product/Logical_Domain_Manager" -a pkg_admin SUNWldm.v Copyright 2006 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms. Installation of <SUNWldm> was successful. pkgadd -n -d "/var/tmp/install/Product/Solaris_Security_Toolkit" -a pkg_admin SUNWjass Copyright 2005 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms. Installation of <SUNWjass> was successful. Verifying that all packages are fully installed. OK. Enabling services: svc:/ldoms/ldmd:default Running Solaris Security Toolkit 4.2.0 driver secure.driver. Please wait. . . /opt/SUNWjass/bin/jass-execute -q -d secure.driver Executing driver, secure.driver Solaris Security Toolkit hardening executed successfully; log file /var/opt/SUNWjass/run/20070102142843/jass-install-log.txt. It will not take effect until the next reboot. Before rebooting, make sure SSH or the serial line is setup for use after the reboot. |
- © 2010, Oracle Corporation and/or its affiliates