The zone must not be sharing an IP address with the global zone. You must be in the System Administrator role in the global zone.
Add a workspace.
For details, see How to Add a Workspace at a Particular Label in Oracle Solaris Trusted Extensions User’s Guide.
Change the label of the new workspace to the label of the zone that will be the print server for that label.
For details, see How to Change the Label of a Workspace in Oracle Solaris Trusted Extensions User’s Guide.
Define the characteristics of the connected printers.
At the label of zone, start the Print Manager.
By default, the “Use PPD” checkbox is selected. The system finds the appropriate driver for the printer.
(Optional) To specify a different printer driver, do the following:
Remove the check from “Use PPD”.
Define the make and model of the printer that uses a different driver.
In the Print Manager, you supply the values for the first two fields, then the Print Manager supplies the driver name.
Printer Make manufacturer Printer Model manufacturer-part-number Printer Driver automatically filled in |
Assign a printer model script to each printer that is connected to the zone.
The model script activates the banner and trailer pages for the specified printer.
For your choices of scripts, see Printer Model Scripts. If the driver name for the printer starts with Foomatic, then specify one of the foomatic model scripts. Use the following command:
$ lpadmin -p printer -m model |
The attached printers can print jobs only at the label of the zone.
Test the printer.
Starting in the Solaris 10 7/10 release, files with an administrative label, either ADMIN_HIGH or ADMIN_LOW, print ADMIN_HIGH on the body of the printout. The banner and trailer pages are labeled with the highest label and compartments in the label_encodings file.
As root and as a regular user, perform the following steps:
Prevent labeled output – Reducing Printing Restrictions in Trusted Extensions (Task Map)