Contenues dans
Trouver plus de documentation
Ressources d'assistance comprises
|  Télécharger cet ouvrage au format PDF (3722 Ko)
| | | | |
| Numbers and Symbols |
| |
| | -o nobanner option to lp command (  ) |
| | | | |
| A |
| |
| | access, See computer access |
| |
| | access policy |
| | | devices ( ) |
| | | Discretionary Access Control (DAC) ( ) ( ) |
| | | Mandatory Access Control (MAC) ( ) |
| |
| | accessing |
| | | Admin Editor action ( ) |
| | | administrative tools ( ) |
| | | audit records by label ( ) |
| | | devices ( ) |
| | | global zone ( ) |
| | | home directories ( ) |
| | | printers ( ) |
| | | remote multilevel desktop ( ) |
| | | Solaris Management Console ( ) |
| | | trusted CDE actions ( ) |
| | | ZFS dataset mounted in lower-level zone from higher-level zone ( ) |
| |
| | accessing the X server ( ) |
| |
| | account locking, preventing ( ) |
| |
| | accounts |
| | | See roles | |
| | | See also users | |
| | | creating ( ) |
| | | planning ( ) |
| |
| | accreditation checks ( ) |
| |
| | accreditation ranges, label_encodings file ( ) |
| |
| | Action failed. Reconnect to Solaris Zone? ( ) |
| |
| | actions |
| | | See administrative actions | |
| | | See also individual actions by name | |
| | | adding new Trusted CDE actions ( ) |
| | | Admin Editor ( ) |
| | | Device Allocation Manager ( ) |
| | | list of trusted CDE ( ) |
| | | Name Service Switch ( ) |
| | | Print Manager ( ) |
| | | restricted by rights profiles ( ) |
| | | use differences between CDE and Trusted CDE ( ) |
| |
| | add_allocatable command ( ) |
| |
| | Add Allocatable Device action ( ) |
| |
| | adding |
| | | default routes for labeled zones ( ) |
| | | LDAP toolbox ( ) |
| | | local role with roleadd ( ) |
| | | local user with useradd ( ) |
| | | network databases to LDAP server ( ) |
| | | nscd daemon to every labeled zone ( ) |
| | | roles ( ) |
| | | shared network interfaces ( ) |
| | | Trusted Extensions to a Solaris system ( ) |
| | | users by using lpaddent ( ) |
| | | users who can assume roles ( ) |
| | | zone-specific network interface ( ) |
| | | zone-specific nscd daemon ( ) |
| |
| | Additional Trusted Extensions Configuration Tasks ( ) |
| |
| | addresses |
| | | sharing between global and labeled zones ( ) |
| | | specifying one IP address per system ( ) ( ) |
| |
| | Admin Editor action ( ) |
| | | opening ( ) |
| |
| | ADMIN_HIGH label ( ) |
| |
| | ADMIN_LOW label |
| | | lowest label ( ) |
| | | protecting administrative files ( ) |
| |
| | administering |
| | | account locking ( ) |
| | | assigning device authorizations ( ) |
| | | audio device to play music ( ) |
| | | auditing in Trusted Extensions ( ) |
| | | changing label of information ( ) |
| | | convenient authorizations for users ( ) |
| | | device allocation ( ) |
| | | device authorizations ( ) |
| | | devices ( ) ( ) |
| | | file systems |
| | | | mounting ( ) |
| | | | overview ( ) |
| | | | troubleshooting ( ) |
| | | files |
| | | | backing up ( ) |
| | | | restoring ( ) |
| | | from the global zone ( ) |
| | | hiding labels from users ( ) |
| | | labeled printing ( ) |
| | | LDAP ( ) |
| | | mail ( ) |
| | | multilevel ports ( ) |
| | | network in Trusted Extensions ( ) |
| | | network of users ( ) |
| | | PostScript printing ( ) |
| | | printing in Trusted Extensions ( ) |
| | | printing interoperability with Trusted Solaris 8 ( ) |
| | | quick reference for administrators ( ) |
| | | remote host database ( ) |
| | | remote host templates ( ) |
| | | remotely ( ) |
| | | remotely by a role ( ) |
| | | remotely from command line ( ) |
| | | remotely with dtappsession ( ) |
| | | remotely with Solaris Management Console ( ) ( ) |
| | | routes with security attributes ( ) |
| | | serial line for login ( ) |
| | | sharing file systems ( ) |
| | | startup files for users ( ) |
| | | system files ( ) |
| | | third-party software ( ) |
| | | timeout when relabeling information ( ) |
| | | trusted network databases ( ) |
| | | trusted networking ( ) |
| | | unlabeled printing ( ) |
| | | user privileges ( ) |
| | | users ( ) ( ) |
| | | zones ( ) |
| | | zones from Trusted JDS ( ) |
| |
| | Administering Trusted Extensions Remotely (Task Map) ( ) |
| |
| | administrative actions |
| | | See also actions | |
| | | accessing ( ) |
| | | Check Encodings ( ) |
| | | Clone Zone ( ) |
| | | Configure Zone ( ) |
| | | Copy Zone ( ) |
| | | Create LDAP Client ( ) |
| | | in CDE ( ) |
| | | in Trusted_Extensions folder ( ) |
| | | Initialize Zone for LDAP ( ) |
| | | Install Zone ( ) |
| | | list of trusted CDE ( ) |
| | | naming services ( ) |
| | | Share Logical Interface ( ) |
| | | Share Physical Interface ( ) |
| | | Shut Down Zone ( ) |
| | | Start Zone ( ) |
| | | starting remotely ( ) ( ) |
| | | trusted ( ) |
| | | Zone Terminal Console ( ) ( ) ( ) |
| |
| | administrative labels ( ) |
| |
| | administrative roles, See roles |
| |
| | Administrative Roles tool ( ) |
| |
| | administrative tools |
| | | accessing ( ) |
| | | commands ( ) |
| | | description ( ) |
| | | Device Allocation Manager ( ) |
| | | in Trusted_Extensions folder ( ) |
| | | label builder ( ) |
| | | Labeled Zone Manager ( ) |
| | | Solaris Management Console ( ) ( ) |
| | | Trusted CDE actions ( ) |
| | | txzonemgr script ( ) |
| |
| | allocate command ( ) |
| |
| | Allocate Device authorization ( ) ( ) ( ) ( ) |
| |
| | allocate error state, correcting ( ) |
| |
| | allocating, using Device Allocation Manager ( ) |
| |
| | allocating devices |
| | | for copying data ( ) |
| | | tape drive ( ) |
| |
| | Always Print Banner checkbox ( ) |
| |
| | applications |
| | | evaluating for security ( ) |
| | | installing ( ) |
| | | trusted and trustworthy ( ) |
| |
| | assigning |
| | | editor as the trusted editor ( ) |
| | | privileges to users ( ) |
| | | rights profiles ( ) |
| |
| | Associating Network Interfaces With Zones by Using CDE Actions (Task Map) ( ) |
| |
| | Assume Role menu item ( ) |
| |
| | assuming, roles ( ) |
| |
| | atohexlabel command ( ) ( ) |
| |
| | audio devices |
| | | automatically starting an audio player ( ) |
| | | preventing remote allocation ( ) |
| |
| | audit_class file, action for editing ( ) |
| |
| | Audit Classes action ( ) |
| |
| | audit classes for Trusted Extensions, list of new X audit classes ( ) |
| |
| | Audit Control action ( ) |
| |
| | audit_control file, action for editing ( ) |
| |
| | audit_event file ( ) |
| |
| | Audit Events action ( ) |
| |
| | audit events for Trusted Extensions, list of ( ) |
| |
| | audit planning ( ) |
| |
| | audit policy in Trusted Extensions ( ) |
| |
| | audit records in Trusted Extensions, policy ( ) |
| |
| | Audit Review profile, reviewing audit records ( ) |
| |
| | Audit Startup action ( ) |
| |
| | audit_startup command, action for editing ( ) |
| |
| | Audit Tasks of the System Administrator ( ) |
| |
| | audit tokens for Trusted Extensions |
| | | label token ( ) |
| | | list of ( ) |
| | | xatom token ( ) |
| | | xclient token ( ) |
| | | xcolormap token ( ) |
| | | xcursor token ( ) |
| | | xfont token ( ) |
| | | xgc token ( ) |
| | | xpixmap token ( ) |
| | | xproperty token ( ) |
| | | xselect token ( ) |
| | | xwindow token ( ) |
| |
| | auditconfig command ( ) |
| |
| | auditing, planning ( ) |
| |
| | auditing in Trusted Extensions |
| | | additional audit events ( ) |
| | | additional audit policies ( ) |
| | | additional audit tokens ( ) |
| | | additions to existing auditing commands ( ) |
| | | differences from Solaris auditing ( ) |
| | | reference ( ) |
| | | roles for administering ( ) |
| | | security administrator tasks ( ) |
| | | system administrator tasks ( ) |
| | | tasks ( ) |
| | | X audit classes ( ) |
| |
| | auditreduce command ( ) |
| |
| | authorizations |
| | | adding new device authorizations ( ) |
| | | Allocate Device ( ) ( ) ( ) |
| | | assigning ( ) |
| | | assigning device authorizations ( ) |
| | | authorizing a user or role to change label ( ) |
| | | Configure Device Attributes ( ) |
| | | convenient for users ( ) |
| | | creating customized device authorizations ( ) |
| | | creating local and remote device authorizations ( ) |
| | | customizing for devices ( ) |
| | | granted ( ) |
| | | Print Postscript ( ) |
| | | Print PostScript ( ) |
| | | profiles that include device allocation authorizations ( ) |
| | | Revoke or Reclaim Device ( ) ( ) |
| | | solaris.print.nobanner ( ) |
| | | solaris.print.ps ( ) |
| |
| | authorizing |
| | | device allocation ( ) |
| | | PostScript printing ( ) |
| | | unlabeled printing ( ) |
| |
| | automount command ( ) |
| | | | |
| B |
| |
| | backing up, previous system before installation ( ) |
| |
| | Backing Up, Sharing, and Mounting Labeled Files (Task Map) ( ) |
| |
| | banner pages |
| | | description of labeled ( ) |
| | | difference from trailer page ( ) |
| | | printing without labels ( ) |
| | | typical ( ) |
| |
| | body pages |
| | | description of labeled ( ) |
| | | unlabeled for all users ( ) |
| | | unlabeled for specific users ( ) |
| |
| | booting |
| | | zones ( ) ( ) |
| | | | |
| C |
| |
| | Cannot reach global zone ( ) |
| |
| | CD-ROM drives |
| | | accessing ( ) |
| | | playing music automatically ( ) |
| |
| | CDE actions, See actions |
| |
| | Change Password menu item |
| | | description ( ) |
| | | using to change root password ( ) |
| |
| | changing |
| | | IDLETIME keyword ( ) |
| | | labels by authorized users ( ) |
| | | rules for label changes ( ) |
| | | security level of data ( ) |
| | | Selection Confirmer defaults ( ) |
| | | system security defaults ( ) |
| | | user privileges ( ) |
| |
| | Check Encodings action ( ) ( ) |
| |
| | Check TN Files action ( ) |
| |
| | checking |
| | | label_encodings file ( ) |
| | | roles are working ( ) |
| |
| | checklists for initial setup team ( ) |
| |
| | chk_encodings command ( ) ( ) |
| | | action for invoking ( ) |
| |
| | choosing, See selecting |
| |
| | classification label component ( ) |
| |
| | clearances, label overview ( ) |
| |
| | Clone Zone action ( ) ( ) |
| |
| | collecting information |
| | | before enabling Trusted Extensions ( ) |
| | | for LDAP service ( ) |
| | | planning Trusted Extensions configuration ( ) |
| |
| | colors, indicating label of workspace ( ) |
| |
| | commands |
| | | executing with privilege ( ) |
| | | troubleshooting networking ( ) |
| | | trusted_edit trusted editor ( ) |
| |
| | commercial applications, evaluating ( ) |
| |
| | Common Tasks in Trusted Extensions (Task Map) ( ) |
| |
| | compartment label component ( ) |
| |
| | component definitions, label_encodings file ( ) |
| |
| | computer access |
| | | administrator responsibilities ( ) |
| | | restricting ( ) |
| |
| | Computers and Networks tool |
| | | adding known hosts ( ) ( ) |
| | | modifying tnrhdb database ( ) |
| |
| | Computers and Networks tool set ( ) |
| |
| | configuration files, copying ( ) |
| |
| | Configure Device Attributes authorization ( ) |
| |
| | Configure Selection Confirmation action ( ) |
| |
| | Configure Zone action ( ) ( ) |
| |
| | configuring |
| | | access to headless Trusted Extensions ( ) |
| | | as a role or as superuser? ( ) |
| | | audio device to play music ( ) |
| | | auditing ( ) |
| | | authorizations for devices ( ) |
| | | devices ( ) |
| | | labeled printing ( ) |
| | | LDAP for Trusted Extensions ( ) |
| | | LDAP proxy server for Trusted Extensions clients ( ) |
| | | network interfaces ( ) |
| | | routes with security attributes ( ) |
| | | serial line for login ( ) |
| | | Solaris Management Console for LDAP ( ) |
| | | startup files for users ( ) |
| | | Trusted Extensions labeled zones ( ) ( ) |
| | | Trusted Extensions software ( ) |
| | | trusted network ( ) |
| |
| | Configuring an LDAP Proxy Server on a Trusted Extensions Host (Task Map) ( ) |
| |
| | Configuring an LDAP Server on a Trusted Extensions Host (Task Map) ( ) |
| |
| | Configuring Labeled Printing (Task Map) ( ) |
| |
| | Configuring Routes and Checking Network Information in Trusted Extensions (Task Map) ( ) |
| |
| | Configuring the Solaris Management Console for LDAP (Task Map) ( ) |
| |
| | configuring Trusted Extensions |
| | | checklist for install team ( ) |
| | | headless access ( ) |
| | | initial procedures ( ) |
| | | labeled zones ( ) ( ) |
| | | task maps ( ) |
| |
| | Configuring Trusted Network Databases (Task Map) ( ) |
| |
| | console window, troubleshooting not opening ( ) |
| |
| | controlling, See restricting |
| |
| | .copy_files file |
| | | description ( ) |
| | | setting up for users ( ) ( ) |
| | | startup file ( ) |
| |
| | Copy Zone action ( ) ( ) |
| |
| | Create a new zone menu item ( ) ( ) |
| |
| | Create LDAP Client action ( ) ( ) |
| |
| | creating |
| | | accounts ( ) |
| | | accounts during or after configuration ( ) |
| | | authorizations for devices ( ) |
| | | home directories ( ) ( ) |
| | | home directory server ( ) |
| | | labeled zones ( ) |
| | | LDAP client ( ) |
| | | LDAP proxy server for Trusted Extensions clients ( ) |
| | | LDAP toolbox ( ) |
| | | local role with roleadd ( ) |
| | | local user with useradd ( ) |
| | | roles ( ) |
| | | users who can assume roles ( ) |
| | | zones ( ) ( ) |
| |
| | Creating Labeled Zones ( ) |
| |
| | Creating the Labeled Zones by Using CDE Actions (Task Map) ( ) |
| |
| | credentials, registering LDAP with the Solaris Management Console ( ) |
| |
| | customizing |
| | | device authorizations ( ) |
| | | label_encodings file ( ) |
| | | unlabeled printing ( ) |
| | | user accounts ( ) |
| |
| | Customizing Device Authorizations in Trusted Extensions (Task Map) ( ) |
| |
| | Customizing User Environment for Security (Task Map) ( ) |
| |
| | cut and paste, and labels ( ) |
| |
| | cutting and pasting, configuring rules for label changes ( ) |
| | | | |
| D |
| |
| | DAC, See discretionary access control (DAC) |
| |
| | databases |
| | | devices ( ) |
| | | in LDAP ( ) |
| | | trusted network ( ) |
| |
| | datasets, See ZFS |
| |
| | deallocate command ( ) |
| |
| | deallocating, forcing ( ) |
| |
| | debugging, See troubleshooting |
| |
| | deciding |
| | | to configure as a role or as superuser ( ) |
| | | to use a Sun-supplied encodings file ( ) |
| |
| | decisions to make |
| | | based on site security policy ( ) |
| | | before enabling Trusted Extensions ( ) |
| |
| | default routes, specifying for labeled zones ( ) |
| |
| | deleting, labeled zones ( ) |
| |
| | desktops |
| | | accessing multilevel remotely ( ) |
| | | logging in to a failsafe session ( ) |
| | | workspace color changes ( ) |
| |
| | /dev/kmem kernel image file, security violation ( ) |
| |
| | developer responsibilities ( ) |
| |
| | device allocation |
| | | authorizing ( ) |
| | | overview ( ) |
| | | preventing File Manager display ( ) |
| | | profiles that include allocation authorizations ( ) |
| |
| | Device Allocation Manager |
| | | administrative tool ( ) |
| | | description ( ) |
| | | use by administrators ( ) |
| |
| | device-clean scripts |
| | | adding to devices ( ) |
| | | requirements ( ) |
| |
| | device databases, action for editing ( ) |
| |
| | devices |
| | | access policy ( ) |
| | | accessing ( ) |
| | | adding customized authorizations ( ) |
| | | adding device_clean script ( ) |
| | | administering ( ) |
| | | administering with Device Allocation Manager ( ) |
| | | allocating ( ) |
| | | automatically starting an audio player ( ) |
| | | configuring devices ( ) |
| | | configuring serial line ( ) |
| | | creating new authorizations ( ) |
| | | in Trusted Extensions ( ) |
| | | policy defaults ( ) |
| | | preventing remote allocation of audio ( ) |
| | | protecting ( ) |
| | | protecting nonallocatable ( ) |
| | | reclaiming ( ) |
| | | setting label range for nonallocatable ( ) |
| | | setting policy ( ) |
| | | setting up audio ( ) |
| | | troubleshooting ( ) |
| | | using ( ) |
| |
| | dfstab file |
| | | action for editing ( ) |
| | | for public zone ( ) |
| |
| | differences |
| | | administrative interfaces in Trusted Extensions ( ) |
| | | between Trusted Extensions and Solaris auditing ( ) |
| | | between Trusted Extensions and Solaris OS ( ) |
| | | defaults in Trusted Extensions ( ) |
| | | extending Solaris interfaces ( ) |
| | | limited options in Trusted Extensions ( ) |
| |
| | directories |
| | | accessing lower-level ( ) |
| | | authorizing a user or role to change label of ( ) |
| | | for naming service setup ( ) |
| | | mounting ( ) |
| | | sharing ( ) |
| |
| | disabling, Trusted Extensions ( ) |
| |
| | discretionary access control (DAC) ( ) |
| |
| | diskettes, accessing ( ) |
| |
| | displaying |
| | | labels of file systems in labeled zone ( ) |
| | | status of every zone ( ) |
| |
| | DOI, remote host templates ( ) |
| |
| | domain of interpretation (DOI), entry in /etc/system file ( ) |
| |
| | dominance of labels ( ) |
| |
| | Downgrade DragNDrop or CutPaste Info authorization ( ) |
| |
| | Downgrade File Label authorization ( ) |
| |
| | downgrading labels, configuring rules for selection confirmer ( ) |
| |
| | dpadm service ( ) |
| |
| | DragNDrop or CutPaste without viewing contents authorization ( ) |
| |
| | dsadm service ( ) |
| |
| | dtappsession command ( ) |
| |
| | dtsession command, running updatehome ( ) |
| |
| | dtterm terminal, forcing the sourcing of .profile ( ) |
| |
| | dtwm command ( ) |
| | | | |
| E |
| |
| | Edit Encodings action ( ) |
| |
| | editing |
| | | system files ( ) |
| | | using trusted editor ( ) |
| |
| | enabling |
| | | DOI different from 1 ( ) ( ) |
| | | dpadm service ( ) |
| | | dsadm service ( ) |
| | | IPv6 network ( ) |
| | | keyboard shutdown ( ) |
| | | labeld service ( ) |
| | | LDAP administration from a client ( ) |
| | | login to labeled zone ( ) |
| | | Trusted Extensions on a Solaris system ( ) |
| |
| | encodings file, See label_encodings file |
| |
| | error messages |
| | | troubleshooting ( ) ( ) |
| |
| | /etc/default/kbd file, how to edit ( ) |
| |
| | /etc/default/login file, how to edit ( ) |
| |
| | /etc/default/passwd file, how to edit ( ) |
| |
| | /etc/default/print file ( ) |
| |
| | /etc/dfs/dfstab file ( ) |
| |
| | /etc/dfs/dfstab file for public zone ( ) |
| |
| | /etc/dt/config/sel_config file ( ) ( ) |
| |
| | /etc/hosts file ( ) ( ) |
| |
| | /etc/motd file, action for editing ( ) |
| |
| | /etc/nsswitch.conf file ( ) |
| |
| | /etc/resolv.conf file ( ) |
| |
| | /etc/rmmount.conf file ( ) ( ) |
| |
| | /etc/security/audit_class file ( ) |
| |
| | /etc/security/audit_control file ( ) |
| |
| | /etc/security/audit_event file ( ) |
| |
| | /etc/security/audit_startup file ( ) |
| |
| | /etc/security/policy.conf file |
| | | defaults ( ) |
| | | enabling PostScript printing ( ) |
| | | how to edit ( ) |
| | | modifying ( ) |
| |
| | /etc/security/tsol/label_encodings file ( ) |
| |
| | /etc/system file |
| | | modifying for DOI different from 1 ( ) |
| | | modifying for IPv6 network ( ) |
| |
| | evaluating programs for security ( ) |
| |
| | exporting, See sharing |
| | | | |
| F |
| |
| | failsafe session, logging in ( ) |
| |
| | fallback mechanism |
| | | for remote hosts ( ) |
| | | in tnrhdb ( ) |
| | | using for network configuration ( ) |
| |
| | File Manager, preventing display after device allocation ( ) |
| |
| | file systems |
| | | mounting in global and labeled zones ( ) |
| | | NFS mounts ( ) |
| | | NFSv3 ( ) |
| | | sharing ( ) |
| | | sharing in global and labeled zones ( ) |
| |
| | files |
| | | accessing from dominating labels ( ) |
| | | authorizing a user or role to change label of ( ) |
| | | backing up ( ) |
| | | .copy_files ( ) ( ) ( ) |
| | | copying from removable media ( ) |
| | | editing with trusted editor ( ) |
| | | /etc/default/kbd ( ) |
| | | /etc/default/login ( ) |
| | | /etc/default/passwd ( ) |
| | | /etc/default/print ( ) |
| | | /etc/dfs/dfstab ( ) |
| | | /etc/dt/config/sel_config ( ) |
| | | /etc/motd ( ) |
| | | /etc/nsswitch.conf ( ) |
| | | /etc/resolv.conf ( ) |
| | | /etc/rmmount.conf ( ) |
| | | /etc/security/audit_class ( ) |
| | | /etc/security/audit_control ( ) |
| | | /etc/security/audit_event ( ) |
| | | /etc/security/audit_startup ( ) |
| | | /etc/security/policy.conf ( ) ( ) ( ) |
| | | /etc/security/tsol/label_encodings ( ) |
| | | getmounts ( ) |
| | | getzonelabels ( ) |
| | | .gtkrc-mine ( ) |
| | | .link_files ( ) ( ) ( ) |
| | | loopback mounting ( ) |
| | | office-install-directory/VCL.xcu ( ) |
| | | policy.conf ( ) |
| | | PostScript ( ) |
| | | preventing access from dominating labels ( ) |
| | | relabeling privileges ( ) |
| | | resolv.conf ( ) |
| | | restoring ( ) |
| | | sel_config file ( ) |
| | | startup ( ) |
| | | /usr/dt/config/sel_config ( ) ( ) |
| | | /usr/lib/lp/postscript/tsol_separator.ps ( ) |
| | | /usr/sbin/txzonemgr ( ) ( ) |
| | | VCL.xcu ( ) |
| |
| | files and file systems |
| | | mounting ( ) |
| | | naming ( ) |
| | | sharing ( ) |
| |
| | finding |
| | | label equivalent in hexadecimal ( ) |
| | | label equivalent in text format ( ) |
| |
| | Firefox, lengthening timeout when relabeling ( ) |
| |
| | floppies, See diskettes |
| |
| | floppy disks, See diskettes |
| |
| | Front Panel, Device Allocation Manager ( ) |
| | | | |
| G |
| |
| | gateways |
| | | accreditation checks ( ) |
| | | example of ( ) |
| |
| | getlabel command ( ) |
| |
| | getmounts script ( ) |
| |
| | Getting Started as a Trusted Extensions Administrator (Task Map) ( ) |
| |
| | getzonelabels script ( ) |
| |
| | getzonepath command ( ) |
| |
| | global zone |
| | | difference from labeled zones ( ) |
| | | entering ( ) |
| | | exiting ( ) |
| | | remote login by users ( ) |
| |
| | GNOME ToolKit (GTK) library, lengthening timeout when relabeling ( ) |
| |
| | groups |
| | | deletion precautions ( ) |
| | | security requirements ( ) |
| |
| | .gtkrc-mine file ( ) |
| | | | |
| H |
| |
| | Handling Devices in Trusted Extensions (Task Map) ( ) |
| |
| | Handling Other Tasks in the Solaris Management Console (Task Map) ( ) |
| |
| | hardware planning ( ) |
| |
| | Headless System Configuration in Trusted Extensions (Task Map) ( ) |
| |
| | hextoalabel command ( ) ( ) |
| |
| | hiding labels from users ( ) |
| |
| | home directories |
| | | accessing ( ) |
| | | creating ( ) ( ) |
| | | creating server for ( ) |
| | | logging in and getting ( ) |
| |
| | host types |
| | | networking ( ) ( ) |
| | | remote host templates ( ) |
| | | table of templates and protocols ( ) |
| |
| | hosts |
| | | assigning a template ( ) ( ) |
| | | assigning to security template ( ) |
| | | entering in network files ( ) |
| | | networking concepts ( ) |
| | | specifying labels ( ) |
| |
| | hot key, regaining control of desktop focus ( ) |
| | | | |
| I |
| |
| | icon visibility |
| | | in the File Manager ( ) |
| | | in the Workspace Menu ( ) |
| |
| | IDLECMD keyword, changing default ( ) |
| |
| | IDLETIME keyword, changing default ( ) |
| |
| | ifconfig command ( ) ( ) |
| |
| | importing, software ( ) |
| |
| | initial setup team, checklist for configuring Trusted Extensions ( ) |
| |
| | Initialize Zone for LDAP action ( ) ( ) |
| |
| | initializing |
| | | Solaris Management Console ( ) |
| | | zones ( ) |
| | | zones for LDAP ( ) |
| |
| | Install Zone action ( ) ( ) |
| | | troubleshooting ( ) |
| |
| | installation menu |
| | | Create a new zone ( ) ( ) |
| | | Zone Console ( ) |
| |
| | installing |
| | | label_encodings file ( ) |
| | | Solaris OS for Trusted Extensions ( ) |
| | | Sun Java System Directory Server ( ) |
| | | zones ( ) ( ) |
| |
| | interfaces |
| | | assigning to security template ( ) |
| | | verifying they are up ( ) |
| |
| | internationalizing, See localizing |
| |
| | interoperability, Trusted Solaris 8 and printing ( ) |
| |
| | IP addresses |
| | | fallback mechanism in tnrhdb ( ) |
| | | in tnrhdb database ( ) |
| | | in tnrhdb file ( ) |
| |
| | IPv6 |
| | | entry in /etc/system file ( ) |
| | | troubleshooting ( ) |
| | | | |
| J |
| |
| | Java archive (JAR) files, installing ( ) |
| | | | |
| K |
| |
| | key combinations, testing if grab is trusted ( ) |
| |
| | keyboard shutdown, enabling ( ) |
| |
| | kmem kernel image file ( ) |
| | | | |
| L |
| |
| | label audit token ( ) |
| |
| | label_encodings file |
| | | action for editing and checking ( ) |
| | | checking ( ) |
| | | contents ( ) |
| | | installing ( ) |
| | | localizing ( ) |
| | | modifying ( ) |
| | | reference for labeled printing ( ) |
| | | source of accreditation ranges ( ) |
| |
| | label ranges |
| | | restricting printer label range ( ) |
| | | setting on frame buffers ( ) |
| | | setting on printers ( ) |
| |
| | labeld service ( ) |
| | | disabling ( ) |
| | | troubleshooting ( ) |
| |
| | labeled printing |
| | | banner pages ( ) |
| | | body pages ( ) |
| | | PostScript files ( ) |
| | | removing label ( ) |
| | | removing PostScript restriction ( ) |
| | | without banner page ( ) ( ) |
| |
| | Labeled Zone Manager, See txzonemgr script |
| |
| | labeled zones, See zones |
| |
| | labeling |
| | | turning on labels ( ) |
| | | zones ( ) ( ) |
| |
| | labels |
| | | See also label ranges | |
| | | assigning to named zones ( ) ( ) |
| | | authorizing a user or role to change label of data ( ) |
| | | classification component ( ) |
| | | compartment component ( ) |
| | | configuring rules for label changes ( ) |
| | | default in remote host templates ( ) |
| | | described ( ) |
| | | determining text equivalents ( ) |
| | | displaying in hexadecimal ( ) |
| | | displaying labels of file systems in labeled zone ( ) |
| | | dominance ( ) |
| | | downgrading and upgrading ( ) |
| | | hiding from users ( ) |
| | | of processes ( ) |
| | | of user processes ( ) |
| | | on printer output ( ) |
| | | on trusted stripe ( ) |
| | | overview ( ) |
| | | planning ( ) |
| | | printing without page labels ( ) |
| | | relationships ( ) |
| | | repairing in internal databases ( ) |
| | | specifying for hosts ( ) |
| | | specifying for zones ( ) ( ) |
| | | troubleshooting ( ) |
| | | well-formed ( ) |
| |
| | LDAP |
| | | action for creating global zone clients ( ) |
| | | displaying entries ( ) |
| | | enabling administration from a client ( ) |
| | | naming service for Trusted Extensions ( ) |
| | | planning ( ) |
| | | starting ( ) |
| | | stopping ( ) |
| | | troubleshooting ( ) |
| | | Trusted Extensions databases ( ) |
| |
| | LDAP configuration |
| | | creating client ( ) |
| | | for Trusted Extensions ( ) |
| |
| | LDAP server |
| | | collecting information for ( ) |
| | | configuring multilevel port ( ) |
| | | configuring naming service ( ) |
| | | configuring proxy for Trusted Extensions clients ( ) |
| | | creating proxy for Trusted Extensions clients ( ) |
| | | installing in Trusted Extensions ( ) |
| | | planning for separation of duty ( ) |
| | | protecting log files ( ) |
| | | registering credentials with Solaris Management Console ( ) |
| |
| | lengthening timeout, for relabeling ( ) |
| |
| | limiting, defined hosts on the network ( ) |
| |
| | .link_files file |
| | | description ( ) |
| | | setting up for users ( ) |
| | | startup file ( ) |
| |
| | list_devices command ( ) |
| |
| | localizing, changing labeled printer output ( ) |
| |
| | log files, protecting Directory Server logs ( ) |
| |
| | logging in |
| | | to a home directory server ( ) |
| | | using rlogin command ( ) |
| |
| | login |
| | | by roles ( ) |
| | | configuring serial line ( ) |
| | | remote ( ) |
| | | remote by roles ( ) |
| |
| | logout, requiring ( ) |
| |
| | lpaddent command ( ) |
| | | | |
| M |
| |
| | MAC, See mandatory access control (MAC) |
| |
| | mail |
| | | administering ( ) |
| | | implementation in Trusted Extensions ( ) |
| | | multilevel ( ) |
| |
| | man pages, quick reference for Trusted Extensions administrators ( ) |
| |
| | managing, See administering |
| |
| | Managing Devices in Trusted Extensions (Task Map) ( ) |
| |
| | Managing Printing in Trusted Extensions (Task Map) ( ) |
| |
| | Managing Software in Trusted Extensions (Tasks) ( ) |
| |
| | Managing Trusted Networking (Task Map) ( ) |
| |
| | Managing Users and Rights With the Solaris Management Console (Task Map) ( ) |
| |
| | Managing Zones (Task Map) ( ) |
| |
| | mandatory access control (MAC) |
| | | enforcing on the network ( ) |
| | | in Trusted Extensions ( ) |
| |
| | maximum labels, remote host templates ( ) |
| |
| | media, copying files from removable ( ) |
| |
| | minimum labels, remote host templates ( ) |
| |
| | MLPs, See multilevel ports (MLPs) |
| |
| | modifying |
| | | label_encodings file ( ) |
| | | sel_config file ( ) |
| |
| | motd file, action for editing ( ) |
| |
| | mounting |
| | | file systems ( ) |
| | | files by loopback mounting ( ) |
| | | NFSv3 file systems ( ) |
| | | overview ( ) |
| | | troubleshooting ( ) |
| | | ZFS dataset on labeled zone ( ) |
| |
| | Mozilla, lengthening timeout when relabeling ( ) |
| |
| | multiheaded system, trusted stripe ( ) |
| |
| | multilevel mounts, NFS protocol versions ( ) |
| |
| | multilevel ports (MLPs) |
| | | administering ( ) |
| | | example of NFSv3 MLP ( ) |
| | | example of web proxy MLP ( ) |
| |
| | multilevel printing |
| | | accessing by print client ( ) |
| | | configuring ( ) |
| |
| | multilevel server, planning ( ) |
| | | | |
| N |
| |
| | name service cache daemon, See nscd daemon |
| |
| | Name Service Switch action ( ) ( ) |
| |
| | names |
| | | specifying for zones ( ) ( ) |
| |
| | names of file systems ( ) |
| |
| | naming |
| | | zones ( ) ( ) |
| |
| | naming services |
| | | actions for managing ( ) |
| | | databases unique to Trusted Extensions ( ) |
| | | LDAP ( ) |
| |
| | net_mac_aware privilege ( ) |
| |
| | netstat command ( ) ( ) ( ) |
| |
| | network |
| | | See Trusted Extensions network | |
| | | See trusted network | |
| |
| | network databases |
| | | action for checking ( ) |
| | | description ( ) |
| | | in LDAP ( ) |
| |
| | network packets ( ) |
| |
| | networking concepts ( ) |
| |
| | NFS mounts |
| | | accessing lower-level directories ( ) |
| | | in global and labeled zones ( ) |
| |
| | No route available ( ) |
| |
| | nonallocatable devices |
| | | protecting ( ) |
| | | setting label range ( ) |
| |
| | nscd daemon, adding to every labeled zone ( ) |
| |
| | nsswitch.conf file, action for editing ( ) |
| | | | |
| O |
| |
| | office-install-directory/VCL.xcu ( ) |
| |
| | OpenOffice, See StarOffice |
| | | | |
| P |
| |
| | packages, accessing the media ( ) |
| |
| | passwords |
| | | assigning ( ) |
| | | Change Password menu item ( ) ( ) |
| | | changing for root ( ) |
| | | changing user passwords ( ) |
| | | storage ( ) |
| | | testing if password prompt is trusted ( ) |
| |
| | plabel command ( ) |
| |
| | planning |
| | | See also Trusted Extensions use | |
| | | account creation ( ) |
| | | administration strategy ( ) |
| | | auditing ( ) |
| | | data migration ( ) |
| | | hardware ( ) |
| | | labels ( ) |
| | | LDAP naming service ( ) |
| | | network ( ) |
| | | NFS server ( ) |
| | | printing ( ) |
| | | Trusted Extensions ( ) |
| | | Trusted Extensions configuration strategy ( ) |
| | | zones ( ) |
| |
| | policy.conf file |
| | | changing defaults ( ) |
| | | changing Trusted Extensions keywords ( ) |
| | | defaults ( ) |
| | | how to edit ( ) |
| |
| | PostScript |
| | | enabling to print ( ) |
| | | printing restrictions in Trusted Extensions ( ) |
| |
| | Preparing to Create Zones by Using CDE Actions (Task Map) ( ) |
| |
| | preventing, See protecting |
| |
| | Print Manager action, Always Print Banner checkbox ( ) |
| |
| | Print Postscript authorization ( ) ( ) ( ) |
| |
| | Print without Banner authorization ( ) ( ) |
| |
| | Print without Label authorization ( ) |
| |
| | printer output, See printing |
| |
| | printers, setting label range ( ) |
| |
| | printing |
| | | adding conversion filters ( ) |
| | | and label_encodings file ( ) |
| | | authorizations for unlabeled output from a public system ( ) |
| | | configuring for multilevel labeled output ( ) |
| | | configuring for print client ( ) |
| | | configuring labeled zone ( ) |
| | | configuring labels and text ( ) |
| | | configuring public print jobs ( ) |
| | | in local language ( ) |
| | | internationalizing labeled output ( ) |
| | | interoperability with Trusted Solaris 8 ( ) |
| | | labeling a Solaris print server ( ) |
| | | localizing labeled output ( ) |
| | | managing ( ) |
| | | model scripts ( ) |
| | | planning ( ) |
| | | PostScript files ( ) |
| | | PostScript restrictions in Trusted Extensions ( ) |
| | | preventing labels on output ( ) |
| | | public jobs from a Solaris print server ( ) |
| | | removing PostScript restriction ( ) |
| | | restricting label range ( ) |
| | | using a Solaris print server ( ) |
| | | without labeled banners and trailers ( ) ( ) |
| | | without page labels ( ) ( ) |
| |
| | privileges |
| | | changing defaults for users ( ) |
| | | non-obvious reasons for requiring ( ) |
| | | removing proc_info from basic set ( ) |
| | | restricting users' ( ) |
| | | when executing commands ( ) |
| |
| | proc_info privilege, removing from basic set ( ) |
| |
| | procedures, See tasks and task maps |
| |
| | processes |
| | | labels of ( ) |
| | | labels of user processes ( ) |
| | | preventing users from seeing others' processes ( ) |
| |
| | profiles, See rights profiles |
| |
| | programs, See applications |
| |
| | protecting |
| | | devices ( ) ( ) |
| | | devices from remote allocation ( ) |
| | | file systems by using non-proprietary names ( ) |
| | | files at lower labels from being accessed ( ) |
| | | from access by arbitrary hosts ( ) |
| | | information with labels ( ) |
| | | labeled hosts from contact by arbitrary unlabeled hosts ( ) |
| | | nonallocatable devices ( ) |
| |
| | publications, security and UNIX ( ) |
| | | | |
| R |
| |
| | real UID of root, required for applications ( ) |
| |
| | rebooting |
| | | activating labels ( ) |
| | | enabling login to labeled zone ( ) |
| |
| | Reducing Printing Restrictions in Trusted Extensions (Task Map) ( ) |
| |
| | regaining control of desktop focus ( ) |
| |
| | registering, LDAP credentials with the Solaris Management Console ( ) |
| |
| | regular users, See users |
| |
| | relabeling information ( ) |
| |
| | remote administration |
| | | defaults ( ) |
| | | methods ( ) |
| |
| | remote host templates |
| | | assigning ( ) |
| | | assigning to hosts ( ) |
| | | creating ( ) |
| | | tool for administering ( ) |
| |
| | remote hosts, using fallback mechanism in tnrhdb ( ) |
| |
| | Remote Login authorization ( ) |
| |
| | remote logins, enabling for roles ( ) |
| |
| | remote multilevel desktop, accessing ( ) |
| |
| | removable media, mounting ( ) |
| |
| | remove_allocatable command ( ) |
| |
| | removing |
| | | labels on printer output ( ) |
| | | zone-specific nscd daemon ( ) |
| |
| | removing Trusted Extensions, See disabling |
| |
| | repairing, labels in internal databases ( ) |
| |
| | requirements for Trusted Extensions |
| | | Solaris installation options ( ) |
| | | Solaris installed systems ( ) |
| |
| | resolv.conf file |
| | | action for editing ( ) |
| | | loading during configuration ( ) |
| |
| | Restart Zone action ( ) |
| |
| | restoring control of desktop focus ( ) |
| |
| | restricting |
| | | access to computer based on label ( ) |
| | | access to devices ( ) |
| | | access to global zone ( ) |
| | | access to lower-level files ( ) |
| | | access to printers with labels ( ) |
| | | actions by rights profiles ( ) |
| | | mounts of lower-level files ( ) |
| | | printer access with labels ( ) |
| | | printer label range ( ) |
| | | remote access ( ) |
| |
| | Revoke or Reclaim Device authorization ( ) ( ) |
| |
| | rights, See rights profiles |
| |
| | rights profiles |
| | | assigning ( ) |
| | | controlling the use of actions ( ) |
| | | Convenient Authorizations ( ) |
| | | customizing for separation of duty ( ) |
| | | with Allocate Device authorization ( ) |
| | | with device allocation authorizations ( ) |
| | | with new device authorizations ( ) |
| |
| | Rights tool ( ) |
| |
| | rmmount.conf file ( ) ( ) |
| |
| | roadmaps |
| | | Task Map: Configuring Trusted Extensions ( ) |
| | | Task Map: Preparing a Solaris System for Trusted Extensions ( ) |
| | | Task Map: Preparing For and Enabling Trusted Extensions ( ) |
| |
| | role workspace, global zone ( ) |
| |
| | roleadd command ( ) |
| |
| | roles |
| | | adding local role with roleadd ( ) |
| | | administering auditing ( ) |
| | | administering remotely ( ) ( ) |
| | | assigning rights ( ) |
| | | assuming ( ) ( ) |
| | | creating ( ) |
| | | creating Security Administrator ( ) |
| | | determining when to create ( ) |
| | | leaving role workspace ( ) |
| | | logging in remotely ( ) |
| | | remote login ( ) |
| | | role assumption from unlabeled host ( ) |
| | | separation of duty ( ) ( ) |
| | | trusted application access ( ) |
| | | verifying they work ( ) |
| | | workspaces ( ) |
| |
| | root passwords, required in Trusted Extensions ( ) |
| |
| | root UID, required for applications ( ) |
| |
| | route command ( ) ( ) |
| |
| | routing ( ) |
| | | accreditation checks ( ) |
| | | commands in Trusted Extensions ( ) |
| | | concepts ( ) |
| | | example of ( ) |
| | | specifying default routes for labeled zones ( ) |
| | | static with security attributes ( ) |
| | | tables ( ) ( ) |
| | | using route command ( ) |
| | | | |
| S |
| |
| | screens, initial display ( ) |
| |
| | scripts |
| | | getmounts ( ) |
| | | getzonelabels ( ) |
| | | /usr/sbin/txzonemgr ( ) ( ) |
| |
| | secure attention, key combination ( ) |
| |
| | security |
| | | initial setup team ( ) |
| | | publications ( ) |
| | | root password ( ) |
| | | site security policy ( ) |
| |
| | Security Administrator role |
| | | administering network of users ( ) |
| | | administering PostScript restriction ( ) |
| | | administering printer security ( ) |
| | | assigning authorizations to users ( ) |
| | | audit tasks ( ) |
| | | configuring a device ( ) |
| | | configuring serial line for login ( ) |
| | | creating ( ) |
| | | creating Convenient Authorizations rights profile ( ) |
| | | enabling unlabeled body pages from a public system ( ) |
| | | enforcing security ( ) |
| | | modifying window configuration files ( ) |
| | | protecting nonallocatable devices ( ) |
| |
| | security administrators, See Security Administrator role |
| |
| | security attributes ( ) |
| | | modifying defaults for all users ( ) |
| | | modifying user defaults ( ) |
| | | setting for remote hosts ( ) |
| | | using in routing ( ) |
| |
| | security information, on printer output ( ) |
| |
| | security label set, remote host templates ( ) |
| |
| | security mechanisms |
| | | extensible ( ) |
| | | Solaris ( ) |
| |
| | security policy |
| | | auditing ( ) |
| | | training users ( ) |
| | | users and devices ( ) |
| |
| | security templates, See remote host templates |
| |
| | Security Templates tool ( ) ( ) |
| | | assigning templates ( ) |
| | | modifying tnrhdb ( ) ( ) |
| | | using ( ) |
| |
| | sel_config file ( ) |
| | | action for editing ( ) |
| | | configuring selection transfer rules ( ) |
| |
| | selecting, audit records by label ( ) |
| |
| | Selection Confirmer, changing defaults ( ) |
| |
| | Selection Manager |
| | | changing timeout ( ) |
| | | configuring rules for selection confirmer ( ) |
| |
| | separation of duty |
| | | creating rights profiles ( ) |
| | | planning for ( ) |
| | | planning for LDAP ( ) |
| |
| | serial line, configuring for logins ( ) |
| |
| | service management facility (SMF), Trusted Extensions service ( ) |
| |
| | service management framework (SMF) |
| | | dpadm ( ) |
| | | dsadm ( ) |
| | | labeld service ( ) |
| |
| | session range ( ) |
| |
| | sessions, failsafe ( ) |
| |
| | Set Daily Message action ( ) |
| |
| | Set Default Routes action ( ) |
| |
| | Set DNS Servers action ( ) |
| |
| | setlabel command ( ) |
| |
| | Share Filesystems action ( ) |
| |
| | Share Logical Interface action ( ) ( ) |
| |
| | Share Physical Interface action ( ) ( ) |
| |
| | sharing, ZFS dataset from labeled zone ( ) |
| |
| | Shut Down Zone action ( ) ( ) |
| |
| | Shutdown authorization ( ) |
| |
| | similarities |
| | | between Trusted Extensions and Solaris auditing ( ) |
| | | between Trusted Extensions and Solaris OS ( ) |
| |
| | single-label operation ( ) |
| |
| | single-label printing, configuring for a zone ( ) |
| |
| | site security policy |
| | | common violations ( ) |
| | | personnel recommendations ( ) |
| | | physical access recommendations ( ) |
| | | recommendations ( ) |
| | | tasks involved ( ) |
| | | Trusted Extensions configuration decisions ( ) |
| | | understanding ( ) |
| |
| | smtnrhdb command ( ) |
| |
| | smtnrhtp command ( ) |
| |
| | smtnzonecfg command ( ) |
| |
| | snoop command ( ) ( ) |
| |
| | software |
| | | administering third-party ( ) |
| | | importing ( ) |
| | | installing Java programs ( ) |
| |
| | Solaris installation options, requirements ( ) |
| |
| | Solaris installed systems, requirements for Trusted Extensions ( ) |
| |
| | Solaris Management Console |
| | | administering trusted network ( ) |
| | | administering users ( ) |
| | | Computers and Networks tool ( ) |
| | | configuring for LDAP ( ) |
| | | configuring LDAP toolbox ( ) |
| | | description of tools and toolboxes ( ) |
| | | enabling LDAP toolbox to be used ( ) |
| | | initializing ( ) |
| | | loading a Trusted Extensions toolbox ( ) |
| | | registering LDAP credentials ( ) |
| | | Security Templates tool ( ) ( ) |
| | | starting ( ) |
| | | toolboxes ( ) |
| | | troubleshooting ( ) ( ) |
| | | Trusted Network Zones tool ( ) |
| | | using Trusted Network Zone Configuration tool ( ) ( ) |
| | | working with Sun Java System Directory Server ( ) |
| |
| | Solaris OS |
| | | differences from Trusted Extensions ( ) |
| | | differences from Trusted Extensions auditing ( ) |
| | | similarities with Trusted Extensions ( ) |
| | | similarities with Trusted Extensions auditing ( ) |
| |
| | solaris.print.nobanner authorization ( ) ( ) |
| |
| | solaris.print.ps authorization ( ) |
| |
| | solaris.print.unlabeled authorization ( ) |
| |
| | Solaris Trusted Extensions, See Trusted Extensions |
| |
| | StarOffice, lengthening timeout when relabeling ( ) |
| |
| | Start Zone action ( ) ( ) |
| |
| | starting |
| | | zones ( ) ( ) |
| |
| | startup files, procedures for customizing ( ) |
| |
| | Stop-A, enabling ( ) |
| |
| | Sun Java System Directory Server, See LDAP server |
| |
| | Sun Ray systems |
| | | enabling initial contact between client and server ( ) |
| | | preventing users from seeing others' processes ( ) |
| |
| | svcs: Pattern 'labeld' doesn't match any instances ( ) |
| |
| | System Administrator role |
| | | adding device_clean script ( ) |
| | | adding print conversion filters ( ) |
| | | administering printers ( ) |
| | | audit tasks ( ) |
| | | enabling music to play automatically ( ) |
| | | preventing File Manager display ( ) |
| | | reclaiming a device ( ) |
| | | restricting ( ) |
| | | reviewing audit records ( ) |
| |
| | system files |
| | | editing ( ) ( ) |
| | | Solaris /etc/default/print ( ) |
| | | Solaris policy.conf ( ) |
| | | Trusted Extensions sel_config ( ) |
| | | Trusted Extensions tsol_separator.ps ( ) |
| | | | |
| T |
| |
| | tape devices |
| | | accessing ( ) |
| | | allocating ( ) |
| |
| | tar command ( ) |
| |
| | Task Map: Configuring Trusted Extensions ( ) |
| |
| | Task Map: Preparing a Solaris System for Trusted Extensions ( ) |
| |
| | Task Map: Preparing For and Enabling Trusted Extensions ( ) |
| |
| | tasks and task maps |
| | | Additional Trusted Extensions Configuration Tasks ( ) |
| | | Administering Trusted Extensions Remotely (Task Map) ( ) |
| | | Associating Network Interfaces With Zones by Using CDE Actions (Task Map) ( ) |
| | | Audit Tasks of the Security Administrator ( ) |
| | | Audit Tasks of the System Administrator ( ) |
| | | Backing Up, Sharing, and Mounting Labeled Files (Task Map) ( ) |
| | | Common Tasks in Trusted Extensions (Task Map) ( ) |
| | | Configuring an LDAP Proxy Server on a Trusted Extensions Host (Task Map) ( ) |
| | | Configuring an LDAP Server on a Trusted Extensions Host (Task Map) ( ) |
| | | Configuring Labeled Printing (Task Map) ( ) |
| | | Configuring Routes and Checking Network Information in Trusted Extensions (Task Map) ( ) |
| | | Configuring the Solaris Management Console for LDAP (Task Map) ( ) |
| | | Configuring Trusted Network Databases (Task Map) ( ) |
| | | Creating Labeled Zones ( ) |
| | | Creating the Labeled Zones by Using CDE Actions (Task Map) ( ) |
| | | Customizing Device Authorizations in Trusted Extensions (Task Map) ( ) |
| | | Customizing User Environment for Security (Task Map) ( ) |
| | | Getting Started as a Trusted Extensions Administrator (Task Map) ( ) |
| | | Handling Devices in Trusted Extensions (Task Map) ( ) |
| | | Handling Other Tasks in the Solaris Management Console (Task Map) ( ) |
| | | Headless System Configuration in Trusted Extensions (Task Map) ( ) |
| | | Managing Devices in Trusted Extensions (Task Map) ( ) |
| | | Managing Printing in Trusted Extensions (Task Map) ( ) |
| | | Managing Software in Trusted Extensions (Tasks) ( ) |
| | | Managing Trusted Networking (Task Map) ( ) |
| | | Managing Users and Rights With the Solaris Management Console ( ) |
| | | Managing Zones (Task Map) ( ) |
| | | Preparing to Create Zones by Using CDE Actions (Task Map) ( ) |
| | | Reducing Printing Restrictions in Trusted Extensions (Task Map) ( ) |
| | | Troubleshooting the Trusted Network (Task Map) ( ) |
| | | Using Devices in Trusted Extensions (Tasks Map) ( ) |
| |
| | tcp_listen=true LDAP setting ( ) |
| |
| | text label equivalents, determining ( ) |
| |
| | Thunderbird, lengthening timeout when relabeling ( ) |
| |
| | tnchkdb command |
| | | action for checking ( ) |
| | | description ( ) |
| | | summary ( ) |
| |
| | tnctl command |
| | | description ( ) |
| | | summary ( ) |
| | | updating kernel cache ( ) |
| | | using ( ) |
| |
| | tnd command |
| | | description ( ) |
| | | summary ( ) |
| |
| | tninfo command |
| | | description ( ) |
| | | summary ( ) |
| | | using ( ) ( ) |
| |
| | tnrhdb database |
| | | 0.0.0.0 host address ( ) ( ) |
| | | 0.0.0.0 wildcard address ( ) |
| | | action for checking ( ) |
| | | adding to ( ) |
| | | configuring ( ) |
| | | fallback mechanism ( ) ( ) |
| | | tool for administering ( ) |
| | | wildcard address ( ) |
| |
| | tnrhtp database |
| | | action for checking ( ) |
| | | adding to ( ) |
| | | tool for administering ( ) |
| |
| | toolboxes |
| | | adding LDAP server to tsol_ldap.tbx ( ) |
| | | defined ( ) |
| | | loading in Trusted Extensions ( ) |
| | | Scope=LDAP ( ) |
| |
| | tools, See administrative tools |
| |
| | Tools subpanel, Device Allocation Manager ( ) |
| |
| | trailer pages, See banner pages |
| |
| | translation, See localizing |
| |
| | troubleshooting |
| | | accessing X server ( ) |
| | | console window not opening ( ) |
| | | failed login ( ) |
| | | Installation of these packages generated errors: SUNWpkgname ( ) ( ) |
| | | IPv6 configuration ( ) |
| | | LDAP ( ) |
| | | mounted file systems ( ) |
| | | network ( ) |
| | | reclaiming a device ( ) |
| | | repairing labels in internal databases ( ) |
| | | Solaris Management Console ( ) ( ) |
| | | Solaris release that supports the labeld service ( ) |
| | | Trusted Extensions configuration ( ) |
| | | trusted network ( ) |
| | | Trusted Network Zones Properties ( ) |
| | | verifying interface is up ( ) |
| | | viewing ZFS dataset mounted in lower-level zone ( ) |
| |
| | Troubleshooting the Trusted Network (Task Map) ( ) |
| |
| | trusted actions, in CDE ( ) |
| |
| | trusted applications, in a role workspace ( ) |
| |
| | trusted_edit trusted editor ( ) |
| |
| | trusted editor |
| | | assigning your favorite editor ( ) |
| | | starting ( ) |
| |
| | Trusted Extensions |
| | | See also Trusted Extensions planning | |
| | | collecting information before enabling ( ) |
| | | decisions to make before enabling ( ) |
| | | differences from Solaris administrator's perspective ( ) |
| | | differences from Solaris auditing ( ) |
| | | differences from Solaris OS ( ) |
| | | disabling ( ) |
| | | enabling ( ) |
| | | man pages quick reference ( ) |
| | | memory requirements ( ) |
| | | planning configuration strategy ( ) |
| | | planning for ( ) |
| | | planning hardware ( ) |
| | | planning network ( ) |
| | | preparing for ( ) ( ) |
| | | quick reference to administration ( ) |
| | | results before configuration ( ) |
| | | separation of duty ( ) |
| | | similarities with Solaris auditing ( ) |
| | | similarities with Solaris OS ( ) |
| | | two-role configuration strategy ( ) |
| |
| | Trusted Extensions configuration |
| | | adding network databases to LDAP server ( ) |
| | | changing default DOI value ( ) |
| | | databases for LDAP ( ) |
| | | division of tasks ( ) |
| | | evaluated configuration ( ) |
| | | headless systems ( ) |
| | | initial procedures ( ) |
| | | initial setup team responsibilities ( ) |
| | | labeled zones ( ) ( ) |
| | | LDAP ( ) |
| | | reboot to activate labels ( ) |
| | | task maps ( ) |
| | | troubleshooting ( ) |
| |
| | Trusted Extensions DOI, enabling DOI different from 1 ( ) |
| |
| | Trusted_Extensions folder |
| | | location ( ) |
| | | using actions in ( ) |
| | | using Admin Editor from ( ) |
| |
| | Trusted Extensions network |
| | | adding zone-specific interface ( ) |
| | | adding zone-specific nscd daemon ( ) |
| | | enabling IPv6 ( ) |
| | | planning ( ) |
| | | removing zone-specific nscd daemon ( ) |
| | | specifying default routes for labeled zones ( ) |
| | | specifying labeles for IP addresses ( ) |
| | | specifying labels for interfaces ( ) |
| |
| | Trusted Extensions requirements |
| | | root password ( ) |
| | | Solaris installation ( ) |
| | | Solaris installed systems ( ) |
| |
| | trusted grab, key combination ( ) |
| |
| | trusted network |
| | | 0.0.0.0 tnrhdb entry ( ) |
| | | action for setting default routes ( ) |
| | | administering with Solaris Management Console ( ) |
| | | checking syntax of files ( ) |
| | | concepts ( ) |
| | | default labeling ( ) |
| | | editing local files ( ) |
| | | example of routing ( ) |
| | | host types ( ) |
| | | labels and MAC enforcement ( ) |
| | | using templates ( ) |
| |
| | Trusted Network tools |
| | | description ( ) |
| | | using ( ) |
| |
| | Trusted Network Zones tool |
| | | assigning labels to named zones ( ) ( ) |
| | | configuring a multilevel port ( ) |
| | | configuring a multilevel print server ( ) |
| | | creating a multilevel port ( ) |
| | | description ( ) ( ) |
| | | troubleshooting ( ) |
| |
| | trusted path attribute, when available ( ) |
| |
| | Trusted Path menu, Assume Role ( ) |
| |
| | trusted processes |
| | | in the window system ( ) |
| | | starting actions ( ) |
| |
| | trusted programs |
| | | adding ( ) |
| | | defined ( ) |
| |
| | trusted stripe |
| | | on multiheaded system ( ) |
| | | warping pointer to ( ) |
| |
| | trustworthy programs ( ) |
| |
| | tsol_ldap.tbx file ( ) |
| |
| | tsol_separator.ps file |
| | | configurable values ( ) |
| | | customizing labeled printing ( ) |
| |
| | txzonemgr script ( ) ( ) |
| | | | |
| U |
| |
| | unlabeled printing, configuring ( ) |
| |
| | updatehome command ( ) ( ) |
| |
| | Upgrade DragNDrop or CutPaste Info authorization ( ) |
| |
| | Upgrade File Label authorization ( ) |
| |
| | upgrading labels, configuring rules for selection confirmer ( ) |
| |
| | User Accounts tool ( ) |
| |
| | useradd command ( ) |
| |
| | users |
| | | accessing devices ( ) ( ) |
| | | accessing printers ( ) |
| | | adding from NIS server ( ) |
| | | adding local user with useradd ( ) |
| | | assigning authorizations to ( ) |
| | | assigning labels ( ) |
| | | assigning passwords ( ) |
| | | assigning rights ( ) |
| | | assigning roles to ( ) |
| | | authorizations for ( ) |
| | | Change Password menu item ( ) |
| | | changing default privileges ( ) |
| | | creating ( ) |
| | | creating initial users ( ) |
| | | customizing environment ( ) |
| | | deletion precautions ( ) |
| | | labels of processes ( ) |
| | | lengthening timeout when relabeling ( ) |
| | | logging in remotely to the global zone ( ) |
| | | logging in to a failsafe session ( ) |
| | | modifying security defaults ( ) |
| | | modifying security defaults for all users ( ) |
| | | planning for ( ) |
| | | preventing account locking ( ) |
| | | preventing from seeing others' processes ( ) |
| | | printing ( ) |
| | | removing some privileges ( ) |
| | | requiring two roles to create user ( ) |
| | | requiring two roles to create users ( ) |
| | | restoring control of desktop focus ( ) |
| | | security precautions ( ) |
| | | security training ( ) ( ) ( ) |
| | | session range ( ) |
| | | setting up skeleton directories ( ) |
| | | startup files ( ) |
| | | using .copy_files file ( ) |
| | | using .link_files file ( ) |
| | | using devices ( ) |
| |
| | Using Devices in Trusted Extensions (Task Map) ( ) |
| |
| | /usr/dt/bin/trusted_edit trusted editor ( ) |
| |
| | /usr/dt/config/sel_config file ( ) ( ) |
| |
| | /usr/lib/lp/postscript/tsol_separator.ps file, labeling printer output ( ) |
| |
| | /usr/local/scripts/getmounts script ( ) |
| |
| | /usr/local/scripts/getzonelabels script ( ) |
| |
| | /usr/sbin/txzonemgr script ( ) ( ) |
| |
| | /usr/sbin/txzonemgr script ( ) ( ) ( ) |
| |
| | utadm command, default Sun Ray server configuration ( ) |
| | | | |
| V |
| |
| | VCL.xcu file ( ) |
| |
| | verifying |
| | | interface is up ( ) |
| | | label_encodings file ( ) |
| | | roles are working ( ) |
| | | syntax of network databases ( ) |
| | | zone status ( ) |
| |
| | viewing, See accessing |
| |
| | virtual network computing (vnc), See Xvnc systems running Trusted Extensions |
| | | | |
| W |
| |
| | well-formed labels ( ) |
| |
| | wildcard address, See fallback mechanism |
| |
| | window manager ( ) |
| |
| | window system, trusted processes ( ) |
| |
| | workspaces |
| | | color changes ( ) |
| | | colors indicating label of ( ) |
| | | global zone ( ) |
| | | initial display ( ) |
| | | | |
| X |
| |
| | X audit classes ( ) |
| |
| | xatom audit token ( ) |
| |
| | xc audit class ( ) |
| |
| | xclient audit token ( ) |
| |
| | xcolormap audit token ( ) |
| |
| | xcursor audit token ( ) |
| |
| | xfont audit token ( ) |
| |
| | xgc audit token ( ) |
| |
| | xp audit class ( ) |
| |
| | xpixmap audit token ( ) |
| |
| | xproperty audit token ( ) |
| |
| | xs audit class ( ) |
| |
| | xselect audit token ( ) |
| |
| | Xtsolusersession script ( ) |
| |
| | Xvnc systems running Trusted Extensions |
| | | remote access to ( ) ( ) |
| |
| | xwindow audit token ( ) |
| |
| | xx audit class ( ) |
| | | | |
| Z |
| |
| | zenity script ( ) |
| |
| | ZFS |
| | | adding dataset to labeled zone ( ) |
| | | mounting dataset read-write on labeled zone ( ) |
| | | unsupported but fast zone creation method ( ) |
| | | viewing mounted dataset read-only from higher-level zone ( ) |
| |
| | ZFS pools, creating for cloning zones ( ) |
| |
| | Zone Console, output ( ) |
| |
| | /zone/public/etc/dfs/dfstab file ( ) |
| |
| | Zone Terminal Console action ( ) |
| | | output ( ) ( ) |
| | | using ( ) |
| |
| | zones |
| | | action for cloning ( ) |
| | | action for configuring ( ) |
| | | action for copying ( ) |
| | | action for initializing ( ) |
| | | action for installing ( ) |
| | | action for restarting ( ) |
| | | action for sharing logical interface ( ) |
| | | action for sharing physical interface ( ) |
| | | action for shutting down ( ) |
| | | action for starting ( ) |
| | | action for viewing from console ( ) |
| | | adding network interface ( ) |
| | | adding nscd daemon to each labeled zone ( ) |
| | | administering ( ) |
| | | administering from Trusted JDS ( ) |
| | | associating zone names with labels ( ) ( ) |
| | | booting ( ) ( ) |
| | | creating ( ) |
| | | creating MLP ( ) |
| | | creating MLP for NFSv3 ( ) |
| | | creating ZFS pool for cloning ( ) |
| | | customizing ( ) |
| | | deciding creation method ( ) |
| | | deleting ( ) |
| | | displaying labels of file systems ( ) |
| | | displaying status ( ) |
| | | enabling login to ( ) |
| | | global ( ) |
| | | halting ( ) |
| | | in Trusted Extensions ( ) |
| | | initializing ( ) |
| | | initializing for LDAP ( ) |
| | | installing ( ) ( ) |
| | | isolating with default routes ( ) |
| | | managing ( ) |
| | | net_mac_aware privilege ( ) |
| | | removing nscd daemon from labeled zones ( ) |
| | | showing zone activity ( ) ( ) ( ) |
| | | shutting down ( ) |
| | | specifying a shared IP address ( ) |
| | | specifying default routes ( ) |
| | | specifying labels ( ) ( ) |
| | | specifying names ( ) ( ) |
| | | specifying one IP address for all zones ( ) ( ) |
| | | starting ( ) |
| | | tool for labeling ( ) |
| | | troubleshooting access ( ) |
| | | troubleshooting installation ( ) |
| | | txzonemgr script ( ) |
| | | /usr/sbin/txzonemgr script ( ) ( ) |
| | | verifying status ( ) |
|
