Skip Navigation Links | |
Exit Print View | |
Oracle Solaris Trusted Extensions Configuration and Administration Oracle Solaris 11 Express 11/10 |
Part I Initial Configuration of Trusted Extensions
1. Security Planning for Trusted Extensions
2. Configuration Roadmap for Trusted Extensions
3. Adding Trusted Extensions Software to the Oracle Solaris OS (Tasks)
Initial Setup Team Responsibilities
Preparing the Oracle Solaris OS and Adding Trusted Extensions
Install an Oracle Solaris System Securely
Prepare an Installed Oracle Solaris System for Trusted Extensions
Collecting Information and Making Decisions Before Enabling Trusted Extensions
Collect System Information Before Enabling Trusted Extensions
Secure System Hardware and Make Security Decisions Before Enabling Trusted Extensions
Enabling the Trusted Extensions Service
4. Configuring Trusted Extensions (Tasks)
5. Configuring LDAP for Trusted Extensions (Tasks)
6. Configuring a Headless System With Trusted Extensions (Tasks)
Part II Administration of Trusted Extensions
7. Trusted Extensions Administration Concepts
8. Trusted Extensions Administration Tools
9. Getting Started as a Trusted Extensions Administrator (Tasks)
10. Security Requirements on a Trusted Extensions System (Overview)
11. Administering Security Requirements in Trusted Extensions (Tasks)
12. Users, Rights, and Roles in Trusted Extensions (Overview)
13. Managing Users, Rights, and Roles in Trusted Extensions (Tasks)
14. Remote Administration in Trusted Extensions (Tasks)
15. Trusted Extensions and LDAP (Overview)
16. Managing Zones in Trusted Extensions (Tasks)
17. Managing and Mounting Files in Trusted Extensions (Tasks)
18. Trusted Networking (Overview)
19. Managing Networks in Trusted Extensions (Tasks)
20. Multilevel Mail in Trusted Extensions (Overview)
21. Managing Labeled Printing (Tasks)
22. Devices in Trusted Extensions (Overview)
23. Managing Devices for Trusted Extensions (Tasks)
24. Trusted Extensions Auditing (Overview)
25. Software Management in Trusted Extensions (Reference)
Creating and Managing a Security Policy
Site Security Policy and Trusted Extensions
Computer Security Recommendations
Physical Security Recommendations
Personnel Security Recommendations
Additional Security References
B. Configuration Checklist for Trusted Extensions
Checklist for Configuring Trusted Extensions
C. Quick Reference to Trusted Extensions Administration
Administrative Interfaces in Trusted Extensions
Oracle Solaris Interfaces Extended by Trusted Extensions
Tighter Security Defaults in Trusted Extensions
Limited Options in Trusted Extensions
D. List of Trusted Extensions Man Pages
Trusted Extensions Man Pages in Alphabetical Order
Oracle Solaris Man Pages That Are Modified by Trusted Extensions
The choice of Oracle Solaris installation options can affect the use and security of Trusted Extensions:
To properly support Trusted Extensions, you must install the underlying Oracle Solaris OS securely. For Oracle Solaris installation choices that affect Trusted Extensions, see Install an Oracle Solaris System Securely.
If you have been using the Oracle Solaris OS, check your current configuration against the requirements for Trusted Extensions. For factors that affect Trusted Extensions, see Prepare an Installed Oracle Solaris System for Trusted Extensions.
This task applies to fresh installations of the Oracle Solaris OS. If you are upgrading, see Prepare an Installed Oracle Solaris System for Trusted Extensions.
In Trusted Extensions, you use the root role, or roles that you create, to configure the system.
At the prompt, provide a password that is different from your user account password.
% su - Your password has expired. Create a new password. Enter new password: Type a password for root Retype the password: Retype the root password #
Continue with Add Trusted Extensions Packages to an Oracle Solaris System.
This task applies to Oracle Solaris systems that have been in use, and on which you plan to run Trusted Extensions.
Trusted Extensions cannot be enabled in an alternate boot environment (BE). Trusted Extensions can only be enabled in the current boot environment.
The labeled brand is an exclusive brand of zones. Refer to the brands(5) and trusted_extensions(5) man pages.
Administration tools in Trusted Extensions require passwords. If the root role does not have a password, then root cannot configure the system.
Note - Users must not disclose their passwords to another person, as that person might then have access to the data of the user and will not be uniquely identified or accountable. Note that disclosure can be direct, through the user deliberately disclosing her/his password to another person, or indirect, for example, through writing it down, or choosing an insecure password. The Oracle Solaris OS provides protection against insecure passwords, but cannot prevent a user from disclosing her or his password, or from writing it down.
Continue with Add Trusted Extensions Packages to an Oracle Solaris System.
You have completed either Prepare an Installed Oracle Solaris System for Trusted Extensions or Install an Oracle Solaris System Securely.
You must be assigned the Software Installation rights profile.
% su - Enter Password: Type root password #
Use either the command line or the Package Manager GUI.
$ pkg install trusted-extensions &
To install trusted locales, specify the short name for the locale. For example, the following command installs the Japanese locale.
$ pkg install trusted/locale/ja &
$ packagemanager