Solaris Trusted Extensions Installation and Configuration for Solaris 10 11/06 and Solaris 10 8/07 Releases

ProcedureUse the rlogin Command to Log In to a Headless System in Trusted Extensions

This procedure enables you to use the command line and Trusted Extensions GUIs to administer a headless system by assuming a role.

Before You Begin

The headless system must have enough memory to use the Solaris Management Console. The requirements are the same as for the Solaris OS. For details, see System Requirements and Recommendations in Solaris 10 11/06 Installation Guide: Basic Installations.

If the administrator's desktop system is configured with Trusted Extensions, the headless system is identified as a CIPSO system on the desktop system. For details, see How to Assign a Security Template to a Host or a Group of Hosts in Solaris Trusted Extensions Administrator’s Procedures.

You have completed Enable Remote Login in Trusted Extensions.

You are a user who is enabled to log in to the headless system.

  1. On the desktop system, enable processes from the headless system to display.

    1. Enable the headless system to access the X server.

      desktop $ xhost + headless-host
    2. Determine the value of the desktop's DISPLAY variable.

      desktop $ echo $DISPLAY
  2. On the Trusted Extensions desktop system, open a Trusted Path workspace.

    • If your user account has direct access to the global zone, create a Trusted Path workspace, then open a terminal window.

    • If your user account does not have direct access to the global zone, assume a role, then open a terminal window.

  3. From this terminal window, remotely log in to the headless system.

    desktop # rlogin headless
    Password: Type the headless user's password
  4. Assume a role.

    If you are logged in to the headless system as an unprivileged user, assume a role with administrative privileges. Use the same terminal window. For example, assume the root role.

    headless $ su - root
    Password: Type the root password

    You are now in the global zone.

  5. Enable processes on the headless system to display on the desktop system.

    headless $ setenv DISPLAY desktop:n.n
    headless $ export DISPLAY=n:n

    You can now administer the headless system by using Trusted Extensions GUIs.

  6. Administer the headless system.

    • Start the Solaris Management Console.

      headless $ /usr/sbin/smc &

      The Solaris Management Console displays on the desktop system. From the list of toolboxes, choose the Scope=Files, Policy=TSOL for the headless system.

    • Start the txzonemgr.

      headless $ /usr/sbin/txzonemgr
    • Access Trusted CDE actions.

      headless # /usr/dt/bin/dtappsession desktop
      Password: Type the remote password