Skip Navigation Links | |
Exit Print View | |
Oracle Solaris Trusted Extensions Configuration and Administration Oracle Solaris 11 Express 11/10 |
Part I Initial Configuration of Trusted Extensions
1. Security Planning for Trusted Extensions
2. Configuration Roadmap for Trusted Extensions
3. Adding Trusted Extensions Software to the Oracle Solaris OS (Tasks)
Initial Setup Team Responsibilities
Preparing the Oracle Solaris OS and Adding Trusted Extensions
Install an Oracle Solaris System Securely
Prepare an Installed Oracle Solaris System for Trusted Extensions
Add Trusted Extensions Packages to an Oracle Solaris System
Collecting Information and Making Decisions Before Enabling Trusted Extensions
Collect System Information Before Enabling Trusted Extensions
Secure System Hardware and Make Security Decisions Before Enabling Trusted Extensions
4. Configuring Trusted Extensions (Tasks)
5. Configuring LDAP for Trusted Extensions (Tasks)
6. Configuring a Headless System With Trusted Extensions (Tasks)
Part II Administration of Trusted Extensions
7. Trusted Extensions Administration Concepts
8. Trusted Extensions Administration Tools
9. Getting Started as a Trusted Extensions Administrator (Tasks)
10. Security Requirements on a Trusted Extensions System (Overview)
11. Administering Security Requirements in Trusted Extensions (Tasks)
12. Users, Rights, and Roles in Trusted Extensions (Overview)
13. Managing Users, Rights, and Roles in Trusted Extensions (Tasks)
14. Remote Administration in Trusted Extensions (Tasks)
15. Trusted Extensions and LDAP (Overview)
16. Managing Zones in Trusted Extensions (Tasks)
17. Managing and Mounting Files in Trusted Extensions (Tasks)
18. Trusted Networking (Overview)
19. Managing Networks in Trusted Extensions (Tasks)
20. Multilevel Mail in Trusted Extensions (Overview)
21. Managing Labeled Printing (Tasks)
22. Devices in Trusted Extensions (Overview)
23. Managing Devices for Trusted Extensions (Tasks)
24. Trusted Extensions Auditing (Overview)
25. Software Management in Trusted Extensions (Reference)
Creating and Managing a Security Policy
Site Security Policy and Trusted Extensions
Computer Security Recommendations
Physical Security Recommendations
Personnel Security Recommendations
Additional Security References
B. Configuration Checklist for Trusted Extensions
Checklist for Configuring Trusted Extensions
C. Quick Reference to Trusted Extensions Administration
Administrative Interfaces in Trusted Extensions
Oracle Solaris Interfaces Extended by Trusted Extensions
Tighter Security Defaults in Trusted Extensions
Limited Options in Trusted Extensions
D. List of Trusted Extensions Man Pages
Trusted Extensions Man Pages in Alphabetical Order
Oracle Solaris Man Pages That Are Modified by Trusted Extensions
In the Oracle Solaris OS, Trusted Extensions is a service that is managed by the service management facility (SMF). The name of the service is svc:/system/labeld:default. By default, the labeld service is disabled.
Note - Trusted Extensions systems can run with no network connections. You can use the standalone system, and later add the printers, gateways, and servers.
The labeld service attaches labels to communications endpoints. For example, the following are labeled:
All zones and the directories and files within each zone
All processes including window processes
All network communications
You have completed the tasks in Preparing the Oracle Solaris OS and Adding Trusted Extensions and Collecting Information and Making Decisions Before Enabling Trusted Extensions.
Caution - If you fail to move the panel, you might not be able to reach the desktop's main menu or panels when you log in to Trusted Extensions. |
# svcadm enable -s labeld
The labeld service adds labels to the system and starts the Oracle Solaris audit and device allocation services.
Caution - Do not perform other tasks on the system until the cursor returns to the prompt. |
# svcs -x labeld svc:/system/labeld:default (Trusted Extensions) State: online since weekday month date hour:minute:second year See: labeld(1M) Impact: None.
To perform any of these tasks, see Setting Up the Global Zone and Logging In to Trusted Extensions. You will reboot after these tasks are accomplished.