Preface

The Solaris Trusted Extensions Administrator's Procedures guide provides procedures for enabling and initially configuring Solaris^TM Trusted Extensions on the Solaris Operating System. This guide also provides procedures for managing users, zones, devices, and hosts that are labeled with Solaris Trusted Extensions software.

Note –

This Solaris release supports systems that use the SPARC® and x86 families of processor architectures. The supported systems appear in the Solaris OS: Hardware Compatibility Lists. This document cites any implementation differences between the platform types.

In this document these x86 related terms mean the following:

“x86” refers to the larger family of 64-bit and 32-bit x86 compatible products.
“x64” relates specifically to 64-bit x86 compatible CPUs.
“32-bit x86” points out specific 32-bit information about x86 based systems.

For supported systems, see the Solaris OS: Hardware Compatibility Lists.

Who Should Use This Book

This book is for knowledgeable system administrators and security administrators who are configuring and administering Trusted Extensions software. The level of trust that is required by your site security policy, and your level of expertise, determines who can perform the configuration tasks.

Administrators should be familiar with Solaris administration. In addition, administrators should understand the following:

The security features of Trusted Extensions and your site security policy
Basic concepts and procedures for using a host that is configured with Trusted Extensions, as described in the Solaris Trusted Extensions User’s Guide
How administrative tasks are divided among roles at your site

Trusted Extensions and the Solaris Operating System

Trusted Extensions runs on top of the Solaris Operating System (Solaris OS). Because Trusted Extensions software can modify the Solaris OS, Trusted Extensions can require specific settings for Solaris installation options. Part I of this guide describes how to prepare the Solaris OS for Trusted Extensions, how to enable Trusted Extensions, and how to initially configure the software. Part II of this guide describes how to administer the uniquely Trusted Extensions features of the system.

How the Solaris Trusted Extensions Books Are Organized

The Solaris Trusted Extensions documentation set supplements the documentation for the Solaris Express Community Edition release. Review both sets of documentation for a more complete understanding of Solaris Trusted Extensions. The Solaris Trusted Extensions documentation set consists of the following books.

Book Title	Topics	Audience
Solaris Trusted Extensions Transition Guide	Obsolete. Provides an overview of the differences between Trusted Solaris 8 software, Solaris Express Developer Edition 9/07 software, and Solaris Trusted Extensions software. For this release, the What's New document for the Solaris OS provides an overview of Trusted Extensions changes.	All
Solaris Trusted Extensions Reference Manual	Obsolete. Provides Solaris Trusted Extensions man pages for releases prior to the Solaris Express Developer Edition 9/07 release. For this release, Trusted Extensions man pages are included with the Solaris man pages.	All
Solaris Trusted Extensions User’s Guide	Describes the basic features of Solaris Trusted Extensions. This book contains a glossary.	End users, administrators, developers
Solaris Trusted Extensions Installation and Configuration	Obsolete. Describes how to plan for, install, and configure Solaris Trusted Extensions for the Solaris 10 11/06 and Solaris 10 8/07 releases of Trusted Extensions.	Administrators, developers
Solaris Trusted Extensions Administrator’s Procedures	For this release, Part I describes how to prepare for, enable, and initially configure Trusted Extensions. Part I replaces Solaris Trusted Extensions Installation and Configuration. Part II describes how to administer a Trusted Extensions system. This book contains a glossary.	Administrators, developers
Solaris Trusted Extensions Developer’s Guide	Describes how to develop applications with Solaris Trusted Extensions.	Developers, administrators
Solaris Trusted Extensions Label Administration	Provides information about how to specify label components in the label encodings file.	Administrators
Compartmented Mode Workstation Labeling: Encodings Format	Describes the syntax used in the label encodings file. The syntax enforces the various rules for well-formed labels for a system.	Administrators

Related Books From Sun Microsystems

The following books contain information that is useful when you prepare for and run Solaris Trusted Extensions software.

Solaris Express Installation Guide: Planning for Installation and Upgrade – Provides guidance on installing the Solaris OS

Solaris Express Installation Guide: Custom JumpStart and Advanced Installations – Provides guidance on installation methods and configuration options

Book Title	Topics
System Administration Guide: Basic Administration	User accounts and groups, server and client support, shutting down and booting a system, managing services, and managing software (packages and patches)
System Administration Guide: Advanced Administration	Terminals and modems, system resources (disk quotas, accounting, and crontabs), system processes, and troubleshooting Solaris software problems
System Administration Guide: Devices and File Systems	Removable media, disks and devices, file systems, and backing up and restoring data
System Administration Guide: IP Services	TCP/IP network administration, IPv4 and IPv6 address administration, DHCP, IPsec, IKE, Solaris IP filter, Mobile IP, IP network multipathing (IPMP), and IPQoS
System Administration Guide: Network Interfaces and Network Virtualization	Networking stack, NIC driver property configuration, network interface configuration, administration of VLANs and link aggregations, configuring WiFi wireless networking.
System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP)	DNS, NIS, and LDAP naming and directory services, including transitioning from NIS to LDAP and transitioning from NIS+ to LDAP
System Administration Guide: Network Services	Web cache servers, time-related services, network file systems (NFS and Autofs), mail, SLP, and PPP
System Administration Guide: Security Services	Auditing, device management, file security, BART, Kerberos services, PAM, Solaris Cryptographic Framework, privileges, RBAC, SASL, and Solaris Secure Shell
System Administration Guide: Virtualization Using the Solaris Operating System	Resource management features, which enable you to control how applications use available system resources; zones software partitioning technology, which virtualizes operating system services to create an isolated environment for running applications; and virtualization using Sun^TM xVM hypervisor technology, which supports multiple operating system instances simultaneously
Solaris CIFS Administration Guide	Solaris CIFS service, which enables you to configure a Solaris system to make CIFS shares available to CIFS clients; and native identity mapping services, which enables you to map user and group identities between Solaris systems and Windows systems
Solaris ZFS Administration Guide	ZFS storage pool and file system creation and management, snapshots, clones, backups, using access control lists (ACLs) to protect ZFS files, using ZFS on a Solaris system with zones installed, emulated volumes, and troubleshooting and data recovery
System Administration Guide: Solaris Printing	Solaris printing topics and tasks, using services, tools, protocols, and technologies to set up and administer printing services and printers

Books From Elsewhere

Your site security policy document – Describes the security policy and security procedures at your site

Solaris Common Desktop Environment: Advanced User's and System Administrator's Guide – Describes the Common Desktop Environment (CDE)

The administrator guide for your currently installed operating system – Describes how to back up system files

Related Third-Party Web Site References

Third-party URLs are referenced in this document and provide additional, related information.

Note –

Sun is not responsible for the availability of third-party web sites that are mentioned in this document. Sun does not endorse and is not responsible or liable for any content, advertising, products, or other materials that are available on or through such sites or resources. Sun will not be responsible or liable for any actual or alleged damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any such content, goods, or services that are available on or through such sites or resources.

Documentation, Support, and Training

The Sun web site provides information about the following additional resources:

Sun Welcomes Your Comments

Sun is interested in improving its documentation and welcomes your comments and suggestions. To share your comments, go to http://docs.sun.com and click Feedback.

Typographic Conventions

The following table describes the typographic conventions that are used in this book.

Table P–1 Typographic Conventions


Typeface	Meaning	Example
`AaBbCc123`	The names of commands, files, and directories, and onscreen computer output	Edit your `.login` file. Use `ls -a` to list all files. `machine_name% you have mail.`
`AaBbCc123`	What you type, contrasted with onscreen computer output	`machine_name%` `su` `Password:`
`aabbcc123`	Placeholder: replace with a real name or value	The command to remove a file is `rm` `filename`.
AaBbCc123	Book titles, new terms, and terms to be emphasized	Read Chapter 6 in the User's Guide. A cache is a copy that is stored locally. Do not save the file. Note: Some emphasized items appear bold online.

Shell Prompts in Command Examples

The following table shows the default UNIX® system prompt and superuser prompt for the C shell, Bourne shell, and Korn shell.

Table P–2 Shell Prompts


Shell	Prompt
C shell	`machine_name%`
C shell for superuser	`machine_name#`
Bourne shell and Korn shell	`$`
Bourne shell and Korn shell for superuser	`#`