Go to main content

Trusted Extensions Configuration and Administration

Exit Print View

Updated: November 2020

How to Modify Default User Label Attributes

You can modify the default user label attributes during the configuration of the first system. Use the modified encodings file when installing additional Trusted Extensions systems.

Caution  -  You must complete this task before any regular users access the system.

  1. Review the default user attribute settings in the /etc/security/tsol/label_encodings file.

    For the defaults, see Figure 2, Table 2, Trusted Extensions Security Defaults for User Accounts in Planning User Security in Trusted Extensions.

  2. Edit a copy of the active encodings file.
    1. Locate the active file.
      # labeladm encodings
      Label encodings file: /var/tsol/encodings/label_encodings.fSaG.L
    2. Edit a copy of the active file.
      # cp /var/tsol/encodings/label_encodings.fSaG.L /tmp/tmp-encodings
      # pfedit /tmp/tmp-encodings
  3. Replace the system's label encodings file and reboot the system.
    # labeladm encodings /tmp/tmp-encodings
    # /usr/sbin/reboot
  4. Repeat the procedure on every Trusted Extensions system.

    Caution  -  The contents of the active label encodings file must be the same on all systems.