The choice of Oracle Solaris installation options can affect the use and security of Trusted Extensions:

To properly support Trusted Extensions, you must install the underlying Oracle Solaris OS securely. For Oracle Solaris installation choices that affect Trusted Extensions, see Install an Oracle Solaris System Securely.
If you have been using the Oracle Solaris OS, check your current configuration against the requirements for Trusted Extensions. For factors that affect Trusted Extensions, see Prepare an Installed Oracle Solaris System for Trusted Extensions.

Install an Oracle Solaris System Securely

This task applies to fresh installations of the Oracle Solaris OS. If you are upgrading, see Prepare an Installed Oracle Solaris System for Trusted Extensions.

When installing the Oracle Solaris OS, create a user account and the root role account.
In Trusted Extensions, you use the root role, or roles that you create, to configure the system.
When you first log in to the Oracle Solaris OS, assign a password to the root role account.
1. Open a terminal window.
2. Assume the root role.
  At the prompt, provide a password that is different from your user account password.
```
% su -
Your password has expired. Create a new password.
Enter new password: Type a password for root
Retype the password: Retype the root password
#
```

Prepare an Installed Oracle Solaris System for Trusted Extensions

This task applies to Oracle Solaris systems that have been in use, and on which you plan to run Trusted Extensions.

Trusted Extensions cannot be enabled in an alternate boot environment (BE). Trusted Extensions can only be enabled in the current boot environment.

If non-global zones are installed on your system, remove them.
The labeled brand is an exclusive brand of zones. Refer to the brands(5) and trusted_extensions(5) man pages.
If your system does not have a root password, create one.
Administration tools in Trusted Extensions require passwords. If the root role does not have a password, then root cannot configure the system.

Note - Users must not disclose their passwords to another person, as that person might then have access to the data of the user and will not be uniquely identified or accountable. Note that disclosure can be direct, through the user deliberately disclosing her/his password to another person, or indirect, for example, through writing it down, or choosing an insecure password. The Oracle Solaris OS provides protection against insecure passwords, but cannot prevent a user from disclosing her or his password, or from writing it down.

You must be assigned the Software Installation rights profile.

After logging in as the initial user, assume the root role in a terminal window.
```
% su -
Enter Password: Type root password
#
```
Download and install the Trusted Extensions package.
Use either the command line or the Package Manager GUI.
- In the terminal window, use the pkg install command.
```
$ pkg install trusted-extensions &
```
  To install trusted locales, specify the short name for the locale. For example, the following command installs the Japanese locale.
```
$ pkg install trusted/locale/ja &
```
- In the terminal window, start the Package Manager GUI.
```
$ packagemanager
```
  1. Select the Trusted Extensions packages.
    1. Show the categories in the Desktop (GNOME) category.
    2. Select the Trusted Extensions category.
    3. In the list of packages, click the checkbox for trusted-extensions.
    4. (Optional) In the list of packages, click the checkbox for any locales that you want to install.
  2. Click the Install/Update icon.

Skip Navigation Links
Exit Print View
	Oracle Solaris Trusted Extensions Configuration and Administration Oracle Solaris 11 Express 11/10