Creating Labeled Zones
The instructions in this section configure labeled zones. You have the
option of creating two labeled zones automatically or manually creating zones.
Tip -
To create a kernel or an immutable zone that is running
Trusted Extensions, follow the instructions for creating a kernel or
immutable zone:
As part of zone configuration, add the Trusted Extensions packages,
enable Trusted Extensions, and then complete the configuration required for
Trusted Extensions. Do not make a zone immutable until after configuration
is complete.
Table 4 Creating Labeled Zones
| | |
|---|
1a. Create a default Trusted Extensions configuration.
| The txzonemgr -c command creates two labeled zones from the
label_encodings file. This command can be run on a system that does not have a
desktop.
|
|
1b. Create a default Trusted Extensions configuration by using a GUI.
| The txzonemgr script creates a GUI that presents
the appropriate tasks as you configure your system.
|
|
1c. Manually step through zone creation.
| The txzonemgr script creates a GUI that presents
the appropriate tasks as you configure your system.
|
|
|
Create a labeled zone by using zone commands.
|
Creates one labeled zone. This procedure can be run on a system that does not have a
desktop.
|
|
2. Create a working labeled environment.
| In the default configuration, label two workspaces as PUBLIC and
INTERNAL USE ONLY. This procedure works on a desktop system only.
|
|
3. (Optional) Link to other systems on your network.
| Configure labeled zone network interfaces and connect the global zone
and labeled zones to other systems.
|
|
|