The following tables list the CDE actions that roles in Trusted Extensions can run. These trusted CDE actions are available from the Trusted_Extensions folder. The Trusted_Extensions folder is available from the Application Manager folder on the CDE desktop.
Table 2–2 Administrative Actions in Trusted CDE, Their Purpose, and Associated Rights Profiles
Action Name |
Purpose of Action |
Default Rights Profile |
---|---|---|
Creates devices by adding entries to device databases. See add_allocatable(1M). |
Device Security |
|
Edits the specified file. See How to Edit Administrative Files in Trusted Extensions. |
Object Access Management |
|
Edits the audit_class file. See audit_class(4). |
Audit Control |
|
Edits the audit_control file. See audit_control(4). |
Audit Control |
|
Edits the audit_event file. See audit_event(4). |
Audit Control |
|
Edits the audit_startup.sh script. See audit_startup(1M). |
Audit Control |
|
Runs the chk_encodings command on specified encodings file. See chk_encodings(1M). |
Object Label Management |
|
Runs the tnchkdb command on tnrhdb, tnrhtp, and tnzonecfg databases. See tnchkdb(1M). |
Network Management |
|
Edits /usr/dt/config/sel_config file. See sel_config(4). |
Object Label Management |
|
Makes the global zone an LDAP client of an existing LDAP directory service. |
Information Security |
|
Edits the specified label_encodings file and runs the chk_encodings command. See chk_encodings(1M). |
Object Label Management |
|
Edits the nsswitch.conf file. See nsswitch.conf(4). |
Network Management |
|
Edits the resolv.conf file. See resolv.conf(4). |
Network Management |
|
Edits the /etc/motd file. At login, the contents of this file display in the Last Login dialog box. |
Network Management |
|
Network Management |
||
Edits the dfstab file. Does not run the share command. See dfstab(4). |
File System Management |
The following actions are used by the initial setup team during zone creation. Some of these actions can be used for maintenance and troubleshooting.
Table 2–3 Installation Actions in Trusted CDE, Their Purpose, and Associated Rights Profiles