Creating Labeled Zones - Trusted Extensions Configuration and Administration

Trusted Extensions Configuration and Administration

Exit Print View

» ...Documentation Home » Oracle Solaris 11.2 Information Library » Trusted Extensions Configuration and ... » Initial Configuration of Trusted Extensions » Configuring Trusted Extensions » Creating Labeled Zones

Updated: July 2014

Trusted Extensions Configuration and Administration

Document Information

Using This Documentation

Part I Initial Configuration of Trusted Extensions

Chapter 1 Security Planning for Trusted Extensions

What's New in Trusted Extensions in Oracle Solaris 11.2

Planning for Security in Trusted Extensions

Results of Enabling Trusted Extensions From an Administrator's Perspective

Chapter 2 Configuration Roadmap for Trusted Extensions

Task Map: Preparing for and Enabling Trusted Extensions

Task Map: Choosing a Trusted Extensions Configuration

Task Map: Configuring Trusted Extensions With the Provided Defaults

Task Map: Configuring Trusted Extensions to Meet Your Site's Requirements

Chapter 3 Adding the Trusted Extensions Feature to Oracle Solaris

Initial Setup Team Responsibilities

Resolving Security Issues Before Installing Trusted Extensions

Installing and Enabling Trusted Extensions

Chapter 4 Configuring Trusted Extensions

Setting Up the Global Zone in Trusted Extensions

Creating Labeled Zones

Configuring the Network Interfaces in Trusted Extensions

Creating Roles and Users in Trusted Extensions

Creating Centralized Home Directories in Trusted Extensions

Troubleshooting Your Trusted Extensions Configuration

Additional Trusted Extensions Configuration Tasks

Chapter 5 Configuring LDAP for Trusted Extensions

Configuring LDAP on a Trusted Extensions Network

Configuring an LDAP Proxy Server on a Trusted Extensions System

Configuring the Oracle Directory Server Enterprise Edition on a Trusted Extensions System

Creating a Trusted Extensions Proxy for an Existing Oracle Directory Server Enterprise Edition

Creating a Trusted Extensions LDAP Client

Part II Administration of Trusted Extensions

Appendix A Site Security Policy

Appendix B Configuration Checklist for Trusted Extensions

Appendix C Quick Reference to Trusted Extensions Administration

Appendix D List of Trusted Extensions Man Pages

Language:

Creating Labeled Zones

The instructions in this section configure labeled zones. You have the option of creating two labeled zones automatically or manually creating zones.

Note - If you plan to use LDAP, go to Chapter 5, Configuring LDAP for Trusted Extensions. You must configure LDAP before you create labeled zones.

Table 4-2 Creating Labeled Zones

Task	Description	For Instructions
1a. Create a default Trusted Extensions configuration.	The `txzonemgr -c` command creates two labeled zones from the `label_encodings` file. This command can be run on a system that does not have a desktop.	How to Create a Default Trusted Extensions System
1b. Create a default Trusted Extensions configuration by using a GUI.	The `txzonemgr` script creates a GUI that presents the appropriate tasks as you configure your system.	How to Create Labeled Zones Interactively
1c. Manually step through zone creation.	The `txzonemgr` script creates a GUI that presents the appropriate tasks as you configure your system.	How to Create Labeled Zones Interactively
Create a labeled zone by using zone commands.	Creates one labeled zone. This procedure can be run on a system that does not have a desktop.	How to Create Labeled Zones by Using the zonecfg Command
2. Create a working labeled environment.	In the default configuration, label two workspaces as `PUBLIC` and `INTERNAL USE ONLY`. This procedure works on a desktop system only.	How to Assign Labels to Two Zone Workspaces
3. (Optional) Link to other systems on your network.	Configure labeled zone network interfaces and connect the global zone and labeled zones to other systems.	Configuring the Network Interfaces in Trusted Extensions

Copyright © 1992, 2014, Oracle and/or its affiliates. All rights reserved. Legal Notices