This procedure creates a working Trusted Extensions system with two labeled zones. Remote hosts have not been assigned to the system's security templates, so this system cannot communicate with any remote hosts.
Before You Begin
Either you are in the global zone on a system that does not have a desktop, or you have logged in remotely by using the ssh command. You have assumed the root role.
# man txzonemgr
# /usr/sbin/txzonemgr -c
This command copies the Oracle Solaris OS and Trusted Extensions software to a zone, creates a snapshot of the zone, labels the original zone, then uses the snapshot to create a second labeled zone. The zones are booted.
The first labeled zone is based on the value of Default User Sensitivity Label in the label_encodings file.
The second labeled zone is based on the value of Default User Clearance in the label_encodings file.
This step can take about 20 minutes. To install the zones, the script uses the root password from the global zone for the labeled zones.