JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Oracle Solaris Administration: Network Interfaces and Network Virtualization     Oracle Solaris 11 Express 11/10
search filter icon
search icon

Document Information


Part I Network Auto-Magic

1.  Introduction to NWAM

2.  NWAM Configuration and Administration (Overview)

Overview of NWAM Configuration

What Are Network Profiles?

Description of an NCP

Description of an NCU

Description of the Automatic and User NCPs

Description of a Location Profile

Description of an ENM

About Known WLANs

NWAM Configuration Data

NCU Property Values

Property Values of System-Defined Locations

How NWAM Profiles Are Activated

NCP Activation Policy

Example of an NCP Policy

NCU Activation Properties

Location Activation Selection Criteria

Using the nwamcfg Command to Configure Profiles

nwamcfg Interactive Mode

nwamcfg Command-Line Mode

nwamcfg Command-File Mode

nwamcfg Supported Subcommands

Using the nwamadm Command to Administer Profiles

Overview of the NWAM Daemons

Description of the NWAM Policy Engine Daemon (nwamd)

Description of the NWAM Repository Daemon (netcfgd)

SMF Network Services and the NWAM Process

Refresh and Restart Behavior of the NWAM Service

Overview of NWAM Security

Authorizations and Profiles That Are Related to NWAM

Authorizations That Are Required to Use the NWAM User Interfaces

3.  NWAM Profile Configuration (Tasks)

4.  NWAM Profile Administration (Tasks)

5.  About the NWAM Graphical User Interface

Part II Administering Single Interfaces

6.  Overview of the Networking Stack

7.  Datalink Configuration and Administration

8.  Configuring an IP Interface

9.  Configuring Wireless Interface Communications on Oracle Solaris

Part III Administering Interface Groups

10.  Administering Bridges

11.  Administering Link Aggregations

12.  Administering VLANs

13.  Introducing IPMP

14.  Administering IPMP

Part IV  Network Virtualization and Resource Management

15.  Introducing Network Virtualization and Resource Control (Overview)

16.  Planning for Network Virtualization and Resource Control

17.  Configuring Virtual Networks (Tasks)

18.  Using Link Protection in Virtualized Environments

19.  Managing Network Resources

20.  Monitoring Network Traffic and Resource Usage



Overview of NWAM Security

Security for NWAM is designed to encompass the following components:

The netcfgd daemon controls the repository where all of the network configuration is stored. The nwamcfg command, the NWAM GUI, and the nwamd daemon all send requests to thenetcfgd daemon to access the repository. These functional components make requests through the NWAM library, libnwam.

The nwamd daemon is the policy engine that receives system events, configures the network, and reads network configuration information. The NWAM GUI and the nwamcfg command are configuration tools that can be used to view and modify the network configuration. These components are also used to refresh the NWAM service when a new configuration needs to be applied to the system.

Authorizations and Profiles That Are Related to NWAM

In the current NWAM implementation, the authorization is split into more specific components:

These authorizations are registered in the auth_attr database. For more information, see the auth_attr(4) man page.

The initial NWAM implementation also introduced the Network Autoconf profile, which is assigned the authorization. There are now two profiles: Network Autoconf User and Network Autoconf Admin. The User profile has read, select, and wlan authorizations. The Admin profile adds the write authorization. The Network Autoconf User profile is assigned to the Console User profile. Therefore, by default, anyone who logged in to the console can view, enable, and disable profiles. Because the Console User is not assigned the authorization, this user cannot create or modify NCPs, NCUs, locations, or ENMs. However, the Console User can view, create, and modify WLANs.

Authorizations That Are Required to Use the NWAM User Interfaces

The NWAM command-line utilities, nwamcfg and nwamadm, can be used by anyone who has Console User privileges. These privileges are automatically assigned to any user who is logged in to the system from /dev/console. For more information about the privileges that are included in the Console User profile, see Console User Rights Profile in System Administration Guide: Security Services.

The NWAM GUI includes the following three components, which are not privileged. These components are granted authorizations, depending on how they are started and the tasks they need to perform:

You can obtain additional authorization in one of the following ways: