Many interfaces changed between the Trusted Solaris 8 releases and the current release. For a list of new interfaces, see New Interfaces in Trusted Extensions Software.
The following tables list every interface change, the current man page, and the reason for the change. Changes can be one of the following:
No change – The interface is originally a Trusted Solaris interface, and has not significantly changed for this release.
Remains unsupported – Due to security issues, the interface is not supported in Solaris Trusted Extensions software.
Removed - Due to changes in the architecture, the interface was removed. A None entry in the second column indicates a removed interface. The Note column contains Removed or an explanation.
Replaced – The interface is renamed.
Has new options - For a Solaris interface, the interface provides options that are specific to Trusted Extensions software. For an interface that is unique to Trusted Extensions, the Solaris Trusted Extensions options are different from the options in Trusted Solaris software.
Obsolete – A Trusted Solaris interface has been replaced with a Trusted Extensions interface with a new name and new parameters. Many label interfaces have been replaced with interfaces that hide the internals of the label. Although recompiled programs that use the obsolete interfaces might work, programs and scripts should be written to use the new interfaces.
Support removed – Support for a feature, such as CMW labels, was removed entirely, or removed from this interface.
Use interface – Use an equivalent Solaris interface.
Works as in Solaris OS – Due to changes in the architecture, Solaris Trusted Extensions software does not modify the Solaris OS interface.
Privilege Identifier in Trusted Solaris 8 |
Current Privilege Name |
Note |
|
---|---|---|---|
1 |
FILE_AUDIT |
None |
Removed. |
2 |
FILE_CHOWN |
FILE_CHOWN, FILE_CHOWN_SELF |
|
3 |
FILE_DAC_EXECUTE |
FILE_DAC_EXECUTE | |
4 |
FILE_DAC_READ |
FILE_DAC_READ | |
5 |
FILE_DAC_SEARCH |
FILE_DAC_SEARCH | |
6 |
FILE_DAC_WRITE |
FILE_DAC_WRITE | |
8 |
FILE_DOWNGRADE_SL |
FILE_DOWNGRADE_SL | |
9 |
FILE_LOCK |
None |
Removed. |
10 |
FILE_MAC_READ |
None |
Removed. |
11 |
FILE_MAC_SEARCH |
None |
Removed. |
12 |
FILE_MAC_WRITE |
None |
Removed. |
14 |
FILE_OWNER |
FILE_OWNER | |
15 |
FILE_SETDAC |
None |
Removed. |
16 |
FILE_SETID |
FILE_SETID | |
17 |
FILE_SETPRIV |
None |
Removed. |
19 |
FILE_UPGRADE_SL |
FILE_UPGRADE_SL | |
20 |
IPC_DAC_READ |
IPC_DAC_READ | |
21 |
IPC_DAC_WRITE |
IPC_DAC_WRITE | |
23 |
IPC_MAC_READ |
None |
Removed. |
24 |
IPC_MAC_WRITE |
None |
Removed. |
26 |
IPC_OWNER |
IPC_OWNER | |
30 |
NET_BROADCAST |
None |
Removed. |
32 |
NET_DOWNGRADE_SL |
None |
Removed. |
33 |
NET_MAC_READ |
NET_MAC_AWARE, NET_BINDMLP |
Slightly different privilege that enforces current security architecture. |
35 |
NET_PRIVADDR |
NET_PRIVADDR | |
36 |
NET_RAWACCESS |
NET_RAWACCESS | |
37 |
NET_REPLY_EQUAL |
NET_MAC_AWARE |
Slightly different privilege that enforces current security architecture. |
38 |
NET_SETCLR |
None |
Removed. |
39 |
NET_SETID |
None |
Removed. |
40 |
NET_SETPRIV |
None |
Removed. |
42 |
NET_UPGRADE_SL |
None |
Removed. |
43 |
PROC_AUDIT_APPL |
PROC_AUDIT | |
44 |
PROC_AUDIT_TCB |
PROC_AUDIT | |
45 |
PROC_CHROOT |
PROC_CHROOT | |
46 |
PROC_DUMPCORE |
None |
Removed. |
47 |
PROC_MAC_READ |
PROC_ZONE |
Provides equivalent functionality. |
48 |
PROC_MAC_WRITE |
PROC_ZONE |
Provides equivalent functionality. |
49 |
PROC_NODELAY |
None |
Removed. |
51 |
PROC_OWNER |
PROC_OWNER | |
52 |
PROC_SETCLR |
None |
Removed. |
53 |
PROC_SETID |
PROC_SETID | |
55 |
PROC_SETSL |
None |
Removed. |
29 |
PROC_DEBUG_NONTRANQUIL |
None |
Removed. |
56 |
PROC_TRANQUIL |
None |
Removed. |
57 |
SYS_AUDIT |
SYS_AUDIT | |
58 |
SYS_BOOT |
None |
Removed. |
59 |
SYS_CONFIG |
SYS_CONFIG | |
60 |
SYS_CONSOLE |
None |
Removed. |
61 |
SYS_DEVICES |
SYS_DEVICES | |
63 |
SYS_FS_CONFIG |
None |
Removed. |
64 |
SYS_IPC_CONFIG |
SYS_IPC_CONFIG | |
65 |
SYS_MAXPROC |
SYS_RESOURCE | |
66 |
SYS_MINFREE |
SYS_RESOURCE | |
67 |
SYS_MOUNT |
SYS_MOUNT | |
68 |
SYS_NET_CONFIG |
SYS_NET_CONFIG | |
69 |
SYS_NFS |
SYS_NFS | |
70 |
SYS_SUSER_COMPAT |
SYS_SUSER_COMPAT | |
28 |
SYS_SYSTEM_DOOR |
None |
Removed. |
71 |
SYS_TRANS_LABEL |
SYS_TRANS_LABEL | |
72 |
WIN_COLORMAP |
WIN_COLORMAP | |
73 |
WIN_CONFIG |
WIN_CONFIG | |
74 |
WIN_DAC_READ |
WIN_DAC_READ | |
75 |
WIN_DAC_WRITE |
WIN_DAC_WRITE | |
76 |
WIN_DGA |
WIN_DGA | |
77 |
WIN_DEVICES |
WIN_DEVICES | |
79 |
WIN_DOWNGRADE_SL |
WIN_DOWNGRADE_SL | |
80 |
WIN_FONTPATH |
WIN_FONTPATH | |
81 |
WIN_MAC_READ |
WIN_MAC_READ | |
82 |
WIN_MAC_WRITE |
WIN_MAC_WRITE | |
84 |
WIN_SELECTION |
WIN_SELECTION | |
86 |
WIN_UPGRADE_SL |
WIN_UPGRADE_SL |
Table 2 User Command Correspondences Between the Trusted Solaris 8 and Solaris Trusted Extensions Releases
Trusted Solaris 8 Command |
Current Man Page |
Note |
---|---|---|
adornfc |
None |
Files are no longer adorned. |
allocate |
Has new options. |
|
at |
Works as in Solaris OS. |
|
atq |
Works as in Solaris OS. |
|
atrm |
Works as in Solaris OS. |
|
batch |
Works as in Solaris OS. |
|
cancel |
Caller must be equal to cancel job. |
|
chgrp |
Works as in Solaris OS. |
|
chmod |
Works as in Solaris OS. |
|
chown |
Works as in Solaris OS. |
|
crle |
Works as in Solaris OS. |
|
crontab |
Works as in Solaris OS. |
|
date |
Works as in Solaris OS. |
|
deallocate |
Has new options. |
|
disable |
Works as in Solaris OS. |
|
dtappsession |
No change. |
|
du |
Works as in Solaris OS. |
|
enable |
Works as in Solaris OS. |
|
find |
Works as in Solaris OS. |
|
getfattrflag |
None |
Files no longer have flags. |
getfpriv |
None |
Files no longer have forced privileges. |
getlabel |
Gets the sensitivity label of the containing file system. |
|
getmldadorn |
None |
Files are no longer adorned. |
getsldname |
Renamed. Gets the zone root of the file. |
|
ipcrm |
Works as in Solaris OS. |
|
ipcs |
Works as in Solaris OS. |
|
kbd |
Works as in Solaris OS. |
|
ld |
Works as in Solaris OS. |
|
list_devices |
Has new options. |
|
login |
Works as in Solaris OS. |
|
lp |
Extended to require authorization for suppressing banners and labels. |
|
lpstat |
Except for listing, caller must dominate the job's label. For listing, caller must equal the job's label. |
|
mkdir |
Works as in Solaris OS. |
|
mldpwd |
None |
MLDs and SLDs are removed. |
mldrealpath |
None |
MLDs and SLDs are removed. |
nca |
Remains unsupported. |
|
ncakmod |
Remains unsupported. |
|
nispasswd |
None |
NIS+ is not a supported name service for Solaris Trusted Extensions software. For LDAP information, see ldap(1). |
passwd |
Works as in Solaris OS. |
|
pattr |
None |
Processes no longer have attribute flags. |
pclear |
None |
No longer needed. |
pcred, pfiles, pflags |
Work as in Solaris OS. |
|
pfsh |
Works as in Solaris OS. |
|
plabel |
Only returns the sensitivity label. |
|
pldd, pmap |
Work as in Solaris OS. |
|
ppriv |
Works as in Solaris OS. |
|
pprivtest |
Use the ppriv -D command. |
|
proc |
Works as in Solaris OS. |
|
profiles |
Works as in Solaris OS. |
|
prun, psig, pstack, pstop, ptime, ptree, pwait, pwdx |
Work as in Solaris OS. |
|
rm |
Works as in Solaris OS. |
|
rmdir |
Works as in Solaris OS. |
|
roles |
Works as in Solaris OS. |
|
setfattrflag |
None |
Files no longer have flags. |
setfpriv |
None |
Files no longer have forced privileges. |
setlabel |
Files are moved between labeled zones. |
|
snca |
Remains unsupported. |
|
tar |
Has new options. |
|
testfpriv |
None |
Files no longer have forced privileges. |
tfind |
None |
MLDs and SLDs are removed. |
uname |
Works as in Solaris OS. |
|
vacation |
Works as in Solaris OS. |
Table 3 User Command Correspondences Between the Trusted Solaris 8 and Solaris Trusted Extensions Releases – 1b Interfaces
Trusted Solaris 8 Command |
Current Man Page |
Note |
---|---|---|
lpc |
Works as in Solaris OS. |
|
lpq |
Caller must dominate label of jobs. |
|
lpr |
Works as in Solaris OS. |
|
lprm |
Caller must dominate label of job. |
Table 4 System Administration Command Correspondences Between the Trusted Solaris 8 and Solaris Trusted Extensions Releases
Trusted Solaris 8 Command |
Current Man Page |
Note |
---|---|---|
add_allocatable |
Has new options. |
|
add_drv |
Works as in Solaris OS. |
|
adminvi |
|
Removed. |
arp |
Works as in Solaris OS. |
|
atohexlabel |
CMW support removed. Returns label in shortened hexadecimal format. |
|
audit |
Works as in Solaris OS. |
|
audit_startup |
Works as in Solaris OS. |
|
audit_warn |
Works as in Solaris OS. |
|
auditconfig |
Adds Trusted Extensions policies. |
|
auditd |
Works as in Solaris OS. |
|
auditreduce |
Adds -l option. |
|
auditstat |
Works as in Solaris OS. |
|
automount |
Extended to automount home directories in labeled zones. |
|
automountd |
Works as in Solaris OS. |
|
autopush |
Works as in Solaris OS. |
|
bootparamd |
Works as in Solaris OS. |
|
bsmconv, bsmunconv |
Works as in Solaris OS. |
|
chk_encodings |
Enhanced to check for CIPSO labels. Adds the -a option to provide a detailed report. |
|
chroot |
Works as in Solaris OS. |
|
coreadm |
Works as in Solaris OS. |
|
cron |
Works as in Solaris OS. |
|
devfsadm |
Works as in Solaris OS. |
|
devfsadmd |
Works as in Solaris OS. |
|
device_clean |
Has new options. Change in man page section. |
|
devpolicy |
Works as in Solaris OS. |
|
dfmounts |
Works as in Solaris OS. |
|
dfshares |
Works as in Solaris OS. |
|
dispadmin |
Works as in Solaris OS. |
|
dminfo |
Works as in Solaris OS. |
|
dl_booting |
None |
Removed in Solaris OS. |
dl_restore |
None |
Removed in Solaris OS. |
drvconfig |
Works as in Solaris OS. |
|
eeprom |
Works as in Solaris OS. |
|
format |
Works as in Solaris OS. |
|
fsdb_ufs |
Works as in Solaris OS. |
|
ftpd |
Works as in Solaris OS. |
|
fuser |
Works as in Solaris OS. |
|
getfsattr, getfsattr_ufs |
None |
File system attributes have been removed. |
halt |
Works as in Solaris OS. |
|
hextoalabel |
CMW support removed. |
|
ifconfig |
Adds all-zones flag. |
|
in.ftpd |
Works as in Solaris OS. |
|
in.named |
None |
Removed in Solaris OS. |
in.rarpd |
Works as in Solaris OS. |
|
in.rdisc |
Works as in Solaris OS. |
|
in.rexecd |
Works as in Solaris OS. |
|
in.rlogind |
Works as in Solaris OS. |
|
in.routed |
Works as in Solaris OS. |
|
in.rshd |
Works as in Solaris OS. |
|
in.tftpd |
Works as in Solaris OS. |
|
inetd |
Works as in Solaris OS. |
|
init |
Works as in Solaris OS. |
|
init.wbem |
Works as in Solaris OS. |
|
install |
Works as in Solaris OS. |
|
ipsecconf |
Works as in Solaris OS. |
|
ipseckey |
Works as in Solaris OS. |
|
lockd |
Works as in Solaris OS. |
|
lpadmin |
Caller must dominate to view, be equal to change a job. |
|
lpfilter |
Works as in Solaris OS. |
|
lpforms |
Works as in Solaris OS. |
|
lpmove |
Caller must be equal to move a job. |
|
lpsched |
Caller must dominate to view, be equal to change the print service. |
|
lpshut |
Works as in Solaris OS. |
|
lpsystem |
Works as in Solaris OS. |
|
lpusers |
Works as in Solaris OS. |
|
mkdevalloc |
Works as in Solaris OS. |
|
mkdevdb |
None |
Removed. |
mkdevmaps |
Works as in Solaris OS. |
|
modload, modunload |
Works as in Solaris OS. |
|
mount |
Works as in Solaris OS. |
|
mount_hsfs |
Works as in Solaris OS. |
|
mount_nfs |
Works as in Solaris OS. |
|
mount_pcfs |
Works as in Solaris OS. |
|
mount_tmpfs |
Works as in Solaris OS. |
|
mount_ufs |
Works as in Solaris OS. |
|
mountall |
Works as in Solaris OS. |
|
mountd |
Works as in Solaris OS. |
|
named |
Works as in Solaris OS. |
|
netstat |
Adds -R option. |
|
newsecfs |
None |
File system attributes have been removed. |
nfsd |
Works as in Solaris OS. |
|
nfsstat |
Works as in Solaris OS. |
|
All NIS+ commands: nis_cachemgr, nisclient, nisd, nisd_resolv, nispasswdd, nispopulate, nissetup, nslookup |
None |
NIS+ is no longer a supported naming service for Solaris Trusted Extensions software. |
nscd |
Works as in Solaris OS. |
|
pbind |
Works as in Solaris OS. |
|
pkgchk |
Works as in Solaris OS. |
|
poweroff |
Works as in Solaris OS. |
|
praudit |
Works as in Solaris OS. |
|
prtconf |
Works as in Solaris OS. |
|
psradm |
Works as in Solaris OS. |
|
rarp |
Works as in Solaris OS. |
|
rdate |
Works as in Solaris OS. |
|
rdisc |
Works as in Solaris OS. |
|
reboot |
Works as in Solaris OS. |
|
reject |
Works as in Solaris OS. |
|
rem_drv |
Works as in Solaris OS. |
|
remove_allocatable |
Has new options. |
|
rexecd |
Works as in Solaris OS. |
|
rlogind |
Works as in Solaris OS. |
|
rmmount |
Works as in Solaris OS. |
|
route |
Adds -secattr option. |
|
routed |
Works as in Solaris OS. |
|
rpc.bootparamd |
Works as in Solaris OS. |
|
rpc.getpeerinfod |
Replaced with Solaris OS function. |
|
rpc.nisd |
None |
NIS+ is no longer a supported naming service for Solaris Trusted Extensions software. |
rpc.nisd_resolv |
None |
No longer supported. |
rpc.nispasswdd |
None |
No longer supported. |
rpc.tbootparamd |
None |
No longer needed. |
rpc.yppasswdd |
Works as in Solaris OS. |
|
rpc.ypupdated |
Works as in Solaris OS. |
|
rpcbind |
Works as in Solaris OS. |
|
rpcinfo |
Works as in Solaris OS. |
|
rshd |
Works as in Solaris OS. |
|
runpd |
Use ppriv -d command. |
|
rwall |
Works as in Solaris OS. |
|
sendmail |
Works as in Solaris OS. |
|
setaudit |
Use the -setaudit option. |
|
setfsattr |
None |
File system attributes have been removed. |
setuname |
Works as in Solaris OS. |
|
share |
Works as in Solaris OS. |
|
share_nfs |
Works as in Solaris OS. |
|
shareall |
Works as in Solaris OS. |
|
showmount |
Works as in Solaris OS. |
|
smc |
Works as in Solaris OS. |
|
smcron |
Works as in Solaris OS. |
|
smexec |
Extended to support Trusted Extensions toolboxes and CDE actions. |
|
smgroup |
Works as in Solaris OS. |
|
smhost |
|
Removed. |
smmaillist |
Works as in Solaris OS. |
|
smmultiuser |
Works as in Solaris OS. |
|
smnetidb |
Changed to work with current security architecture. |
|
smnettmpl |
Changed to work with current security architecture. |
|
smnetwork |
Changed to work with current security architecture. |
|
smprofile |
Works as in Solaris OS. |
|
smrole |
Extended to support label information and Trusted Extensions toolboxes. |
|
smuser |
Extended to support label information and Trusted Extensions toolboxes. |
|
snoop |
Works as in Solaris OS. |
|
spray |
Works as in Solaris OS. |
|
statd |
Works as in Solaris OS. |
|
su |
Works as in Solaris OS. |
|
swap |
Works as in Solaris OS. |
|
sysdef |
Works as in Solaris OS. |
|
sysh |
Use the Solaris 10 service management framework. |
|
tbootparam |
None |
No longer needed. |
telinit |
Works as in Solaris OS. |
|
tftpd |
Works as in Solaris OS. |
|
tnchkdb |
Has new options. |
|
tnctl |
Has new options. Is now managed by the service management framework. |
|
tnd |
Has new options. Is now managed by the service management framework. |
|
tninfo |
Has new options. |
|
tokmapctl |
None |
TSIX functionality has been removed. |
tokmapd |
None |
TSIX functionality has been removed. |
uadmin |
Works as in Solaris OS. |
|
umount |
Works as in Solaris OS. |
|
umountall |
Works as in Solaris OS. |
|
unshare |
Works as in Solaris OS. |
|
unshare_nfs |
Works as in Solaris OS. |
|
unshareall |
Works as in Solaris OS. |
|
updatehome |
No change. |
|
writeaudit |
None |
Use Solaris OS audit interfaces. |
ypbind |
Works as in Solaris OS. |
|
yppasswdd |
Works as in Solaris OS. |
|
ypserv |
Works as in Solaris OS. |
|
ypupdated |
Works as in Solaris OS. |
|
ypxfr |
Works as in Solaris OS. |
|
ypxfr_1perday |
Works as in Solaris OS. |
|
ypxfr_1perhour |
Works as in Solaris OS. |
|
ypxfrd |
Works as in Solaris OS. |
Table 5 System Call Correspondences Between the Trusted Solaris 8 and Solaris Trusted Extensions Releases
Trusted Solaris 8 System Call |
Current Man Page |
Note |
---|---|---|
access() |
Works as in Solaris OS. |
|
acct() |
Remains unsupported. |
|
acl() |
Works as in Solaris OS. |
|
adjtime() |
Works as in Solaris OS. |
|
audit() |
Works as in Solaris OS. |
|
auditon() |
Adds Trusted Extensions policies. |
|
auditsvc() |
None |
No longer a public interface. |
chdir() |
Works as in Solaris OS. |
|
chmod() |
Works as in Solaris OS. |
|
chown() |
Works as in Solaris OS. |
|
chroot() |
Works as in Solaris OS. |
|
chstate() |
None |
Removed from Solaris OS. |
creat() |
Works as in Solaris OS. |
|
devpolicy() |
None |
No longer needed. |
exec(), execl(), execle(), execlp(), execv(), execve(), execvp() |
Works as in Solaris OS. |
|
facl() |
Works as in Solaris OS. |
|
fchdir() |
Works as in Solaris OS. |
|
fchmod() |
Works as in Solaris OS. |
|
fchown() |
Works as in Solaris OS. |
|
fchroot() |
Works as in Solaris OS. |
|
fgetcmwfsrange() |
None |
File systems no longer have attributes. |
fgetcmwlabel() |
Replaced. |
|
fgetfattrflag() |
None |
Files no longer have flags. |
fgetfpriv() |
None |
Files no longer have forced privileges. |
fgetfsattr() |
None |
File systems no longer have attributes. |
fgetmldadorn() |
None |
Files are no longer adorned. |
fgetsldname() |
None |
MLDs and SLDs are removed. |
fork(), fork1() |
Works as in Solaris OS. |
|
fpathconf() |
Works as in Solaris OS. |
|
fsetcmwlabel() |
None |
Files no longer have attributes. |
fsetfattrflag() |
None |
Files no longer have flags. |
fsetfpriv() |
None |
Files no longer have forced privileges. |
fstat() |
Works as in Solaris OS. |
|
fstatvfs() |
Works as in Solaris OS. |
|
getaudit(), getaudit_addr() |
Works as in Solaris OS. |
|
getauid() |
Works as in Solaris OS. |
|
getclearance() |
None |
In Solaris Trusted Extensions software, the process clearance is the same as the label. |
getcmwfsrange() |
None |
File systems no longer have attributes. |
getcmwlabel() |
Replaced. |
|
getcmwplabel() |
Process label is zone's label. |
|
getdents() |
Works as in Solaris OS. |
|
getfattrflag() |
None |
Files no longer have flags. |
getfpriv() |
None |
Files no longer have forced privileges. |
getfsattr() |
None |
File systems no longer have attributes. |
getgroups() |
Works as in Solaris OS. |
|
getmldadorn() |
None |
Files are no longer adorned. |
getmsgqcmwlabel() |
None |
No longer needed. |
getpattr() |
Returns a different set of flags. |
|
getpgid(), getpgrp(), getpid(), getppid() |
Works as in Solaris OS. |
|
getppriv() |
Works as in Solaris OS. |
|
getrlimit() |
Works as in Solaris OS. |
|
getsemcmwlabel() |
None |
No longer needed. |
getshmcmwlabel() |
None |
No longer needed. |
getsid() |
Works as in Solaris OS. |
|
getsldname() |
getzonerootbyid(3TSOL), getzonerootbylabel(3TSOL), getzonerootbyname(3TSOL) |
MLDs and SLDs are replaced by zone root paths. |
kill() |
Works as in Solaris OS. |
|
lchown() |
Works as in Solaris OS. |
|
lgetcmwlabel() |
None |
Files no longer have attributes. |
link() |
Works as in Solaris OS. |
|
llseek() |
Works as in Solaris OS. |
|
lseek() |
Works as in Solaris OS. |
|
lsetcmwlabel() |
None |
Files no longer have attributes. |
lstat() |
Works as in Solaris OS. |
|
mkdir() |
Works as in Solaris OS. |
|
mknod() |
Works as in Solaris OS. |
|
mldgetfattrflag() |
None |
Files no longer have flags. |
mldsetfattrflag() |
None |
Files no longer have flags. |
mount() |
Works as in Solaris OS. |
|
msgctl() |
Works as in Solaris OS. |
|
msgget() |
Works as in Solaris OS. |
|
msggetl() |
None |
No longer needed. |
msgrcv() |
Works as in Solaris OS. |
|
msgsnd() |
Works as in Solaris OS. |
|
nice() |
Works as in Solaris OS. |
|
open() |
Works as in Solaris OS. |
|
p_online() |
Works as in Solaris OS. |
|
pathconf() |
Works as in Solaris OS. |
|
pread() |
Works as in Solaris OS. |
|
preadl() |
None |
No longer needed. |
priocntl() |
Works as in Solaris OS. |
|
priocntlset() |
Works as in Solaris OS. |
|
processor_bind() |
Works as in Solaris OS. |
|
pwrite() |
Works as in Solaris OS. |
|
pwritel() |
None |
No longer needed. |
read() |
Works as in Solaris OS. |
|
readl() |
None |
Removed. |
readlink() |
Works as in Solaris OS. |
|
readv() |
Works as in Solaris OS. |
|
readvl() |
None |
No longer needed. |
rename() |
Works as in Solaris OS. |
|
rmdir() |
Works as in Solaris OS. |
|
secconf() |
None |
Removed. |
semctl() |
Works as in Solaris OS. |
|
semget() |
Works as in Solaris OS. |
|
semgetl() |
None |
No longer needed. |
semop(), semtimedop() |
Works as in Solaris OS. |
|
setaudit(), setaudit_addr() |
Works as in Solaris OS. |
|
setauid() |
Works as in Solaris OS. |
|
setclearance() |
None |
In Trusted Extensions, the process clearance is the same as the label. |
setcmwlabel() |
Replaced with a library call. |
|
setcmwplabel() |
None |
Files no longer have attributes. |
setegid(), seteuid() |
Works as in Solaris OS. |
|
setfattrflag() |
None |
Files no longer have flags. |
setfpriv() |
None |
Files no longer have forced privileges. |
setgid() |
Works as in Solaris OS. |
|
setgroups() |
Works as in Solaris OS. |
|
setpattr() |
Can set Trusted Extensions set of flags. |
|
setppriv() |
Works as in Solaris OS. |
|
setregid() |
Works as in Solaris OS. |
|
setreuid() |
Works as in Solaris OS. |
|
setrlimit() |
Works as in Solaris OS. |
|
setuid() |
Works as in Solaris OS. |
|
shmat() |
Works as in Solaris OS. |
|
shmctl() |
Works as in Solaris OS. |
|
shmdt() |
Works as in Solaris OS. |
|
shmget() |
Works as in Solaris OS. |
|
shmgetl() |
None |
No longer needed. |
shmop() |
Works as in Solaris OS. |
|
sigsend(), sigsendset() |
Works as in Solaris OS. |
|
stat() |
Works as in Solaris OS. |
|
statvfs() |
Works as in Solaris OS. |
|
stime() |
Works as in Solaris OS. |
|
swapctl() |
Works as in Solaris OS. |
|
symlink() |
Works as in Solaris OS. |
|
sysinfo() |
Works as in Solaris OS. |
|
tokmapper() |
None |
TSIX functionality has been removed. |
uadmin() |
Works as in Solaris OS. |
|
ulimit() |
Works as in Solaris OS. |
|
umount(), umount2() |
Works as in Solaris OS. |
|
unlink() |
Works as in Solaris OS. |
|
utimes() |
Works as in Solaris OS. |
|
vfork() |
Works as in Solaris OS. |
|
write() |
Works as in Solaris OS. |
|
writel() |
None |
No longer needed. |
writev() |
Works as in Solaris OS. |
|
writevl() |
None |
No longer needed. |
Table 6 Library Function Correspondences Between the Trusted Solaris 8 and Solaris Trusted Extensions Releases
Trusted Solaris 8 Function |
Current Man Page |
Note |
---|---|---|
au_preselect() |
Works as in Solaris OS. |
|
au_user_mask() |
Works as in Solaris OS. |
|
endac() |
Works as in Solaris OS. |
|
endauclass() |
Works as in Solaris OS. |
|
endauevent() |
Works as in Solaris OS. |
|
endauuser() |
Works as in Solaris OS. |
|
getacdir(), getacflg(), getacinfo(), getacmin(), getacna() |
Works as in Solaris OS. |
|
getauclassent(), getauclassent_r(), getauclassnam(), getauclassnam_r() |
Works as in Solaris OS. |
|
getauditflags(), getauditflagsbin(), getauditflagschar() |
Works as in Solaris OS. |
|
getauevent(), getauevent_r(), getauevnam(), getauevnam_r(), getauevnonam(), getauevnum(), getauevnum_r() |
Works as in Solaris OS. |
|
getauuserent(), getauusernam() |
Works as in Solaris OS. |
|
getfauditflags() |
Works as in Solaris OS. |
|
setac() |
Works as in Solaris OS. |
|
setauclass() |
Works as in Solaris OS. |
|
setauevent() |
Works as in Solaris OS. |
|
setauuser() |
Works as in Solaris OS. |
|
endutent() |
Works as in Solaris OS. |
|
endutxent() |
Works as in Solaris OS. |
|
ftw() |
Works as in Solaris OS. |
|
getutent(), getutid(), getutline() |
Works as in Solaris OS. |
|
getutmp(), getutmpx(), getutxent() getutxid(), getutxline() |
Works as in Solaris OS. |
|
grantpt() |
Works as in Solaris OS. |
|
initgroups() |
Works as in Solaris OS. |
|
mlock() |
Works as in Solaris OS. |
|
mlockall() |
Works as in Solaris OS. |
|
nftw() |
Works as in Solaris OS. |
|
plock() |
Works as in Solaris OS. |
|
pututline() |
Works as in Solaris OS. |
|
pututxline() |
Works as in Solaris OS. |
|
setutent() |
Works as in Solaris OS. |
|
setutxent() |
Works as in Solaris OS. |
|
updwtmp(), updwtmpx() |
Works as in Solaris OS. |
|
utmpname() |
Works as in Solaris OS. |
|
utmpxname() |
Works as in Solaris OS. |
|
door_create() |
Works as in Solaris OS. |
|
door_tcred() |
Works as in Solaris OS. |
|
kstat_read(), kstat_write() |
Works as in Solaris OS. |
|
clnt_call() |
Works as in Solaris OS. |
|
clnt_control(), clnt_create(), clnt_create_timed(), clnt_create_vers(), clnt_create_vers_timed(), clnt_destroy(), clnt_dg_create() |
Works as in Solaris OS. |
|
clnt_freeres(), clnt_geterr() |
Works as in Solaris OS. |
|
clnt_pcreateerror() |
Works as in Solaris OS. |
|
clnt_perrno(), clnt_perror() |
Works as in Solaris OS. |
|
clnt_raw_create(), clnt_spcreateerror() |
Works as in Solaris OS. |
|
clnt_sperrno(), clnt_sperror() |
Works as in Solaris OS. |
|
clnt_tli_create(), clnt_tp_create(), clnt_tp_create_timed(), clnt_vc_create() |
Works as in Solaris OS. |
|
libt6() |
ucred_getlabel() reads the socket label. setsockopt() with SO_MAC_EXEMPT option enables labeled communication. |
|
NIS+ functions: nis_add(), nis_add_entry(), nis_addmember(), nis_checkpoint(), nis_creategroup(), nis_destroygroup(), nis_first_entry(), nis_freeresult(), nis_freeservlist(), nis_freetags(), nis_getservlist(), nis_groups(), nis_ismember(), nis_list(), nis_lookup() nis_mkdir() nis_modify(), nis_modify_entry(), nis_names(), nis_next_entry(), nis_ping(), nis_print_group_entry(), nis_remove(), nis_remove_entry(), nis_removemember(), nis_rmdir(), nis_server(), nis_servstate(), nis_stats(), nis_tables(), nis_verifygroup() |
None |
NIS+ is no longer a supported naming service. |
rpc() |
Works as in Solaris OS. |
|
rpc_broadcast(), rpc_broadcast_exp(), rpc_call(), rpc_clnt_calls() |
Works as in Solaris OS. |
|
rpc_clnt_create(), rpc_createerr() |
Works as in Solaris OS. |
|
rpc_reg() |
Works as in Solaris OS. |
|
rpc_svc_calls() |
Works as in Solaris OS. |
|
rpc_svc_create() |
Works as in Solaris OS. |
|
rpc_svc_reg() |
Works as in Solaris OS. |
|
rpcb_getaddr() |
Works as in Solaris OS. |
|
rpcb_getallmaps() |
None | |
rpcb_getmaps(), rpcb_gettime(), rpcb_rmtcall(), rpcb_set(), rpcb_unset(), rpcbind() |
Works as in Solaris OS. |
|
svc_auth_reg() |
Works as in Solaris OS. |
|
svc_control(), svc_create(), svc_destroy(), svc_dg_create() |
Works as in Solaris OS. |
|
svc_dg_enablecache(), svc_done(), svc_exit() |
Works as in Solaris OS. |
|
svc_fd_create() |
Works as in Solaris OS. |
|
svc_fdset(), svc_freeargs(), svc_getargs(), svc_getreq_common(), svc_getreq_poll(), svc_getreqset(), svc_getrpccaller(), svc_max_pollfd(), svc_pollfd() |
Works as in Solaris OS. |
|
svc_raw_create() |
Works as in Solaris OS. |
|
svc_reg() |
Works as in Solaris OS. |
|
svc_run(), svc_sendreply() |
Works as in Solaris OS. |
|
svc_tli_create(), svc_tp_create() |
Works as in Solaris OS. |
|
svc_unreg() |
Works as in Solaris OS. |
|
svc_vc_create() |
Works as in Solaris OS. |
|
T6 functions: t6alloc_blk(), t6attr_query(), t6clear_blk(), t6cmp_blk(), t6copy_blk(), t6dup_blk(), t6ext_attr(), t6free_blk(), t6get_attr(), t6get_endpt_default(), t6get_endpt_mask(), t6last_attr(), t6new_attr(), t6peek_attr(), t6recvfrom(), t6sendto(), t6set_attr(), t6set_endpt_default(), t6set_endpt_mask(), t6size_attr() |
Replaced with ucred_getlabel(), getsockopt(), and setsockopt(). |
|
t_accept() |
Works as in Solaris OS. |
|
t_bind() |
Works as in Solaris OS. |
|
t_optmgmt() |
Works as in Solaris OS. |
|
t_snd() |
Works as in Solaris OS. |
|
t_sndudata() |
Works as in Solaris OS. |
|
xprt_register(), xprt_unregister() |
Works as in Solaris OS. |
|
dn_comp(), dn_expand(), fp_resstat(), herror(), hstrerror(), res_hostalias(), res_init(), res_mkquery(), res_nclose(), res_ninit(), res_nmkquery(), res_npquery(), res_nquery(), res_nquerydomain(), res_nsearch(), res_nsend(), res_nsendsigned(), res_query(), res_search(), res_send(), resolver() |
Works as in Solaris OS. |
|
clock_getres(), clock_gettime(), clock_settime() |
Works as in Solaris OS. |
|
accept() |
Works as in Solaris OS. |
|
bind() |
Works as in Solaris OS. |
|
getsockopt() |
Adds SO_MAC_EXEMPT option. |
|
listen() |
Works as in Solaris OS. |
|
send(), sendmsg(), sendto() |
Works as in Solaris OS. |
|
setsockopt() |
Adds SO_MAC_EXEMPT option. |
|
socket() |
Works as in Solaris OS. |
Table 7 TSOL Library Function Correspondences Between the Trusted Solaris 8 and Solaris Trusted Extensions Releases
Trusted Solaris 8 Function |
Current Man Page |
Note |
---|---|---|
Xbcleartos() |
Obsolete. |
|
Xbcltos() |
None |
CMW support removed. |
Xbsltos() |
|
|
adornfc() |
None |
Files are no longer adorned. |
auditwrite() |
None |
Use the Solaris OS audit functions. This function is now private. |
aw_errno(), aw_geterrno(), aw_perror(), aw_perror_r(), aw_strerror() |
None |
auditwrite() is now private. Use the au* equivalents. |
bclearhigh(), bclearlow() |
Removed. |
|
bcleartoh(), bcleartoh_r(), bcleartos() |
Obsolete. Label interfaces are now opaque. |
|
bclearundef(), bclearvalid() |
None |
Removed. |
| ||
bclhigh(), bcllow() |
None |
CMW support removed. |
bcltobanner() |
Removed. Use new label translation functions. |
|
bcltoh(), bcltoh_r() |
None |
CMW support removed. |
bcltos(), bcltosl() |
None |
CMW support removed. |
bclundef() |
None |
CMW support removed. |
blcompare(), bldominates(), blequal(), blinrange() |
No change. |
|
blinset(), blmanifest() |
None |
Removed. |
blmaximum(), blminimum(), blminmax() |
No change. |
|
blportion() |
None |
CMW support removed. |
blstrictdom() |
No change. |
|
bltocolor(), bltocolor_r() |
Obsolete. Label interfaces are now opaque. |
|
bltype(), blvalid() |
None |
Removed. |
bslhigh(), bsllow() |
Replaced. |
|
bsltoh(), bsltoh_r(), bsltos() |
Obsolete. Label interfaces are now opaque. |
|
bslundef(), bslvalid() |
None |
Removed. |
btohex() |
Obsolete. Label interfaces are now opaque. |
|
get_priv_text() |
Replaced with Solaris function. |
|
getcsl() |
None |
CMW support removed. |
getpeerinfo() |
Replaced with Solaris function. |
|
getvfsaent(), getvfsafile() |
None |
vfstab_adjunct file has been removed. |
h_alloc(), h_free() |
Obsolete. Label interfaces are now opaque. |
|
hextob(), htobclear(), htobsl() |
Obsolete. Label interfaces are now opaque. |
|
htobcl() |
None |
CMW support removed. |
labelbuilder() |
IL and CMW modes removed. |
|
labelclipping() |
IL and CMW modes removed. |
|
labelinfo() |
|
Removed. |
labelvers() |
|
Removed. |
mldgetcwd() |
None |
No MLDs. |
mldlstat() |
None |
No MLDs. |
mldrealpath() |
None |
No MLDs. |
mldrealpathl() |
Changed, and name changed to reflect new architecture. |
|
mldstat() |
None |
No MLDs. |
priv_set_to_str(), priv_to_str() |
Replaced with Solaris functions. |
|
randomword() |
None |
No longer supported. |
sbcltos() |
None |
CMW support removed. |
sbcleartos(), sbltos(), sbsltos() |
Obsolete. Label interfaces are now opaque. |
|
set_effective_priv(), set_inheritable_priv(), set_permitted_priv() |
None |
Use Solaris OS privilege interfaces. |
setbltype() |
None |
Removed. |
setcsl(), stobcl() |
None |
CMW support removed. |
stobclear(), stobl(), stobsl() |
Obsolete. Label interfaces are now opaque. |
|
str_to_priv(), str_to_priv_set() |
None |
Privileges are already strings. |
tsol_lbuild_create(), tsol_lbuild_destroy(), tsol_lbuild_get(), tsol_lbuild_set() |
IL and CMW modes removed. |
The include file for the XTSOL library functions has been moved. Also, the man pages are now in the default $MANPATH directory.
Table 8 XTSOL Library Function Correspondences Between the Trusted Solaris 8 and Solaris Trusted Extensions Releases
Trusted Solaris 8 Function |
Current Man Page |
Note |
---|---|---|
XTSOLMakeTPWindow() |
See preceding paragraph for changes common to all functions. |
|
XTSOLShutdown() |
None |
Removed. |
XTSOLgetClientAttributes() |
|
|
XTSOLgetPropAttributes() |
|
|
XTSOLgetPropLabel() |
Acts on sensitivity label. |
|
XTSOLgetPropUID() |
|
|
XTSOLgetResAttributes() |
|
|
XTSOLgetResLabel() |
Acts on sensitivity label. |
|
XTSOLgetResUID() |
|
|
XTSOLgetWorkstationOwner() |
|
|
XTSOLsetPropLabel() |
Acts on sensitivity label. |
|
XTSOLsetPropUID() |
|
|
XTSOLsetResLabel() |
Acts on sensitivity label. |
|
XTSOLsetResUID() |
|
|
XTSOLsetSessionHI() |
|
|
XTSOLsetSessionLO() |
|
|
XTSOLsetWorkstationOwner() |
|
|
XTSOLIsWindowTrusted() |
|
|
XTSOLgetSSHeight() |
|
|
XTSOLsetSSHeight() |
|
|
XTSOLsetPolyInstInfo() |
|
Table 9 Man Page Section 4 Correspondences Between the Trusted Solaris 8 and Solaris Trusted Extensions Releases
Trusted Solaris 8 File |
Current Man Page |
Note |
---|---|---|
audit.log |
Works as in Solaris OS. |
|
audit_class |
Trusted Extensions changes the X audit class masks. |
|
audit_control |
Works as in Solaris OS. |
|
audit_data |
Works as in Solaris OS. |
|
audit_event |
Works as in Solaris OS. |
|
audit_user |
Works as in Solaris OS. |
|
config.privs |
Replaced. |
|
device_allocate |
None |
The Device Allocation Manager is used to make changes to the device databases. |
device_maps |
Works as in Solaris OS. |
|
device_policy |
None |
No longer needed. |
exec_attr |
Style of entries are changed. Trusted Extensions uses the solaris policy keyword. |
|
fbtab |
Works as in Solaris OS. |
|
inetd.conf |
Works as in Solaris OS. |
|
inittab |
Works as in Solaris OS. |
|
label_encodings |
No change. Trusted Extensions installs a different default encodings file. |
|
logindevperm |
Remains unsupported. |
|
mnttab |
Works as in Solaris OS. |
|
nca.if |
Remains unsupported. |
|
nsswitch.conf |
Works as in Solaris OS. |
|
policy.conf |
Works as in Solaris OS. |
|
priv_desc, priv_name |
Use privileges interface. |
|
proc |
Works as in Solaris OS. |
|
resolv.conf |
Works as in Solaris OS. |
|
rmtab |
Works as in Solaris OS. |
|
sel_config |
Replaced. |
|
shadow |
Works as in Solaris OS. |
|
sharetab |
Works as in Solaris OS. |
|
tndlog |
None |
Removed. |
tnidb |
None |
Removed. |
tnrhdb |
Same format. |
|
tnrhtp |
Different format, two templates defined. |
|
tsolgateways |
None |
Use the Solaris static routing mechanism. |
tsolinfo |
None |
Special packaging utilities are no longer required. |
user_attr |
Trusted Extensions adds the idlecmd, idletime, clearance, labelview, and min_label keywords. |
|
vfstab |
Works as in Solaris OS. |
|
vfstab_adjunct |
None |
File systems no longer have attributes. |
Table 10 Man Page Section 5 Correspondences Between the Trusted Solaris 8 and Solaris Trusted Extensions Releases
Trusted Solaris 8 Interface |
Current Man Page |
Note |
---|---|---|
pam_tp_auth |
None |
Removed. |
pam_tsol |
Trusted Extensions provides an authentication module only. |
|
pam_unix |
None |
Replaced in Solaris OS. See pam(3PAM). |
priv_macros, PRIV_ASSERT, PRIV_CLEAR, PRIV_EMPTY, PRIV_EQUAL, PRIV_FILL, PRIV_INTERSECT, PRIV_INVERSE, PRIV_ISASSERT, PRIV_ISEMPTY, PRIV_ISFULL, PRIV_ISSUBSET, PRIV_TEST, PRIV_UNION, PRIV_XOR |
None |
Use the Solaris privilege interfaces, as described in Privileges in Trusted Extensions. See also Privileges (Overview) in System Administration Guide: Security Services. |
device_clean |
Has new options. Changed man page section. |
Table 11 Device and Driver Interface Correspondences Between the Trusted Solaris 8 and Solaris Trusted Extensions Releases
Trusted Solaris 8 Device or Driver Interface |
Current Man Page |
Note |
---|---|---|
sad() |
Works as in Solaris OS. |
|
wscons() |
Works as in Solaris OS. |
|
kb() |
Works as in Solaris OS. |
|
copyb() |
Works as in Solaris OS. |
|
copymsg() |
Works as in Solaris OS. |
|
dupb() |
Works as in Solaris OS. |
|
dupmsg() |
Works as in Solaris OS. |
|
insq() |
Works as in Solaris OS. |
|
kstat_create() |
Works as in Solaris OS. |
|
linkb() |
Works as in Solaris OS. |
|
msgpullup() |
Works as in Solaris OS. |
|
put() |
Works as in Solaris OS. |
|
putctl() |
Works as in Solaris OS. |
|
putctl1() |
Works as in Solaris OS. |
|
putnext() |
Works as in Solaris OS. |
|
putnextctl() |
Works as in Solaris OS. |
|
putnextctl1() |
Works as in Solaris OS. |
|
putq() |
Works as in Solaris OS. |
|
tsol_get_strattr(), tsol_set_strattr() |
None |
Removed. |