How to Enable Remote Administrative Access to an Immutable Zone by Using RAD

Perform this task to enable access to the immutable zone by using the Remote Access Daemon (RAD). The rad:remote SMF service is enabled to perform TPD authentication over RAD connections.

1. Assume the root role.

   For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.4.

2. Modify the rad:remote SMF service to run in the TPD.

   # svccfg -s rad:remote
   svc:/system/rad:remote> setprop method_context/trusted_path = true
   svc:/system/rad:remote> refresh
   svc:/system/rad:remote> exit

3. Verify that the trusted_path attribute is set for the rad:remote service.

   # svcprop -p method_context/trusted_path rad:remote
   true

4. Restart the remote RAD service.

   # svcadm restart rad:remote

5. Enable one or more administrators to access the TPD over a RAD connection.

   $ usermod -K tpd=yes username

   These administrators can now log in to the immutable zone remotely over RAD.

See Also

For information about RAD access, see Chapter 3, Managing User Accounts Interactively in Managing User Accounts and User Environments in Oracle Solaris 11.4.

To add an SMF service to run in the TPD, see Adding the Puppet Service to the Trusted Path.