Skip Navigation Links | |
Exit Print View | |
Trusted Extensions Configuration Guide Oracle Solaris 10 8/11 Information Library |
1. Security Planning for Trusted Extensions
2. Configuration Roadmap for Trusted Extensions
3. Adding Trusted Extensions Software to the Oracle Solaris OS (Tasks)
Initial Setup Team Responsibilities
Installing or Upgrading the Oracle Solaris Operating System for Trusted Extensions
Install an Oracle Solaris System to Support Trusted Extensions
Prepare an Installed Oracle Solaris System for Trusted Extensions
Collecting Information and Making Decisions Before Enabling Trusted Extensions
Collect System Information Before Enabling Trusted Extensions
Make System and Security Decisions Before Enabling Trusted Extensions
4. Configuring Trusted Extensions (Tasks)
5. Configuring LDAP for Trusted Extensions (Tasks)
6. Configuring a Headless System With Trusted Extensions (Tasks)
B. Using CDE Actions to Install Zones in Trusted Extensions
Starting in the Solaris 10 5/08 release, Trusted Extensions is a service that is managed by the service management facility (SMF). The name of the service is svc:/system/labeld:default. By default, the labeld service is disabled.
The labeld service attaches labels to communications endpoints. For example, the following are labeled:
All zones and the directories and files within each zone
All processes including window processes
All network communications
Before You Begin
You have completed the tasks in Installing or Upgrading the Oracle Solaris Operating System for Trusted Extensions and Collecting Information and Making Decisions Before Enabling Trusted Extensions.
# svcadm enable -s svc:/system/labeld:default
The labeld service adds labels to the system and starts the auditing service and device allocation. Do not perform other tasks until the cursor returns to the prompt.
# svcs -x labeld svc:/system/labeld:default (Trusted Extensions) State: online since weekday month date hour:minute:second year See: labeld(1M) Impact: None.
Note - The labels do not appear until after you reboot the system. Setting Up the Global Zone in Trusted Extensions includes tasks that you might want to perform before rebooting.
Troubleshooting
The following message indicates that you are not running an Oracle Solaris release that supports Trusted Extensions as a service: svcs: Pattern 'labeld' doesn't match any instances.
To run Trusted Extensions on an Oracle Solaris system that does not support the labeld service, follow the instructions in the Solaris Trusted Extensions Installation and Configuration guide.