Index

A

access policy

devices, Device Access Policies

Discretionary Access Control (DAC)

Trusted Extensions Software and the Solaris OS

Differences Between Trusted Extensions and the Solaris OS

Mandatory Access Control (MAC), Differences Between Trusted Extensions and the Solaris OS

access, See computer access

accessing the X server, Labeled Zone Is Unable to Access the X Server

accessing

Admin Editor action, How to Edit Administrative Files in Trusted Extensions

administrative tools, Getting Started as a Trusted Extensions Administrator (Task Map)

audit records by label, Audit Tasks of the System Administrator

devices, Device Protection With Trusted Extensions Software

global zone, How to Enter the Global Zone in Trusted Extensions

home directories, Zones in Trusted Extensions

printers, Labels, Printers, and Printing

remote multilevel desktop, How to Use Xvnc to Remotely Access a Trusted Extensions System

Solaris Management Console, How to Administer the Local System With the Solaris Management Console

trusted CDE actions, How to Start CDE Administrative Actions in Trusted Extensions

ZFS dataset mounted in lower-level zone from higher-level zone, How to Share a ZFS Dataset From a Labeled Zone

account locking, preventing, How to Prevent Account Locking for Users

accounts

See roles

planning, Planning User Security in Trusted Extensions

accreditation checks, Trusted Extensions Accreditation Checks

accreditation ranges, label_encodings file, Label Encodings File

Action failed. Reconnect to Solaris Zone?, Labeled Zone Is Unable to Access the X Server

actions

See administrative actions

See also individual actions by name

adding new Trusted CDE actions, Adding Trusted CDE Actions

Admin Editor, How to Edit Administrative Files in Trusted Extensions

Device Allocation Manager, Device Allocation Manager GUI

list of trusted CDE, Trusted CDE Actions

Name Service Switch, How to Debug the Trusted Extensions Network

Print Manager, How to Suppress Banner and Trailer Pages for Specific Users

restricted by rights profiles, Trusted Processes in the Window System

use differences between CDE and Trusted CDE, Adding Trusted CDE Actions

add_allocatable command, Command Line Tools in Trusted Extensions

Add Allocatable Device action, Trusted CDE Actions

adding

default routes for labeled zones, Add a Network Interface That Does Not Use the Global Zone to Route an Existing Labeled Zone

LDAP toolbox, Edit the LDAP Toolbox in the Solaris Management Console

local role with roleadd, Create the Security Administrator Role in Trusted Extensions

local user with useradd, Create Users Who Can Assume Roles in Trusted Extensions

network databases to LDAP server, Populate the Sun Java System Directory Server

nscd daemon to every labeled zone, Configure a Name Service Cache in Each Labeled Zone

roles, Creating Roles and Users in Trusted Extensions

shared network interfaces, Configure the Network Interfaces in Trusted Extensions

Trusted Extensions to a Solaris system, Enable Solaris Trusted Extensions

users by using lpaddent, Add an NIS User to the LDAP Server

users who can assume roles, Create Users Who Can Assume Roles in Trusted Extensions

zone-specific network interface, Add a Network Interface to Route an Existing Labeled Zone

zone-specific nscd daemon, Configure a Name Service Cache in Each Labeled Zone

Additional Trusted Extensions Configuration Tasks, Additional Trusted Extensions Configuration Tasks

addresses

sharing between global and labeled zones, Specify Two IP Addresses for the System by Using a CDE Action

specifying one IP address per system

Configure the Network Interfaces in Trusted Extensions

Specify One IP Address for the System by Using a CDE Action

Admin Editor action, Trusted CDE Actions

opening, How to Edit Administrative Files in Trusted Extensions

ADMIN_HIGH label, Dominance Relationships Between Labels

ADMIN_LOW label

lowest label, Dominance Relationships Between Labels

protecting administrative files, Password Protection

Administering Trusted Extensions Remotely (Task Map), Administering Trusted Extensions Remotely (Task Map)

administering

account locking, How to Prevent Account Locking for Users

assigning device authorizations, How to Assign Device Authorizations

audio device to play music, How to Configure an Audio Player Program for Use in Trusted CDE

auditing in Trusted Extensions, Audit Management by Role in Trusted Extensions

changing label of information, How to Enable a User to Change the Security Level of Data

convenient authorizations for users, How to Create a Rights Profile for Convenient Authorizations

device allocation, How to Assign Device Authorizations

device authorizations, How to Create New Device Authorizations

devices

Managing Devices for Trusted Extensions (Tasks)

Managing Devices in Trusted Extensions (Task Map)

file systems

mounting, How to NFS Mount Files in a Labeled Zone

overview, Sharing and Mounting Files in Trusted Extensions

troubleshooting, How to Troubleshoot Mount Failures in Trusted Extensions

files

backing up, How to Back Up Files in Trusted Extensions

restoring, How to Restore Files in Trusted Extensions

from the global zone, How to Enter the Global Zone in Trusted Extensions

hiding labels from users, How to Hide Labels From a User

labeled printing, Managing Labeled Printing (Tasks)

LDAP, Trusted Extensions and LDAP (Overview)

mail, Multilevel Mail in Trusted Extensions (Overview)

multilevel ports, How to Compare Trusted Network Database Information With the Kernel Cache

network in Trusted Extensions, Managing Networks in Trusted Extensions (Tasks)

network of users, Managing Users and Rights With the Solaris Management Console (Task Map)

PostScript printing, How to Enable Users to Print PostScript Files in Trusted Extensions

printing in Trusted Extensions, Managing Printing in Trusted Extensions (Task Map)

printing interoperability with Trusted Solaris 8, Interoperability of Trusted Extensions With Trusted Solaris 8 Printing

quick reference for administrators, Quick Reference to Trusted Extensions Administration

remote host database, How to Assign a Security Template to a Host or a Group of Hosts

remote host templates, How to Construct a Remote Host Template

remotely by a role, Enable Remote Login by a Role in Trusted Extensions

remotely from command line, How to Log In Remotely From the Command Line in Trusted Extensions

remotely with dtappsession, How to Remotely Administer Trusted Extensions With dtappsession

remotely with Solaris Management Console

How to Remotely Administer Systems by Using the Solaris Management Console From a Trusted Extensions System

How to Remotely Administer Systems by Using the Solaris Management Console From an Unlabeled System

remotely, Remote Administration in Trusted Extensions (Tasks)

routes with security attributes, How to Configure Routes With Security Attributes

serial line for login, How to Configure a Serial Line for Logins

sharing file systems, How to Share Directories From a Labeled Zone

startup files for users, How to Configure Startup Files for Users in Trusted Extensions

system files, How to Change Security Defaults in System Files

third-party software, Software Management in Trusted Extensions (Tasks)

timeout when relabeling information, How to Lengthen the Timeout When Relabeling Information

trusted network databases, Configuring Trusted Network Databases (Task Map)

trusted networking, Managing Networks in Trusted Extensions (Tasks)

unlabeled printing, Reducing Printing Restrictions in Trusted Extensions (Task Map)

user privileges, How to Restrict a User's Set of Privileges

users

Decisions to Make Before Creating Users in Trusted Extensions

Managing Users, Rights, and Roles in Trusted Extensions (Tasks)

zones from Trusted JDS, Zone Administration Utilities in Trusted Extensions

zones, Managing Zones (Task Map)

administrative actions

See also actions

accessing, How to Edit Administrative Files in Trusted Extensions

Check Encodings, Check and Install Your Label Encodings File

Clone Zone, Use the Clone Zone Method in Trusted Extensions

Configure Zone, Specify Zone Names and Zone Labels by Using a CDE Action

Copy Zone, Use the Copy Zone Method in Trusted Extensions

Create LDAP Client, Make the Global Zone an LDAP Client in Trusted Extensions

in CDE, Trusted CDE Actions

in Trusted_Extensions folder, How to Start CDE Administrative Actions in Trusted Extensions

Initialize Zone for LDAP, Install, Initialize, and Boot a Labeled Zone by Using CDE Actions

Install Zone, Install, Initialize, and Boot a Labeled Zone by Using CDE Actions

list of trusted CDE, Trusted CDE Actions

naming services, Using the LDAP Naming Service in Trusted Extensions

Share Logical Interface, Specify Two IP Addresses for the System by Using a CDE Action

Share Physical Interface, Specify One IP Address for the System by Using a CDE Action

Shut Down Zone, Customize a Booted Zone in Trusted Extensions

Start Zone, Install, Initialize, and Boot a Labeled Zone by Using CDE Actions

starting remotely

How to Remotely Administer Systems by Using the Solaris Management Console From a Trusted Extensions System

How to Remotely Administer Systems by Using the Solaris Management Console From an Unlabeled System

trusted, Trusted Processes in the Window System

Zone Terminal Console

Customize the Labeled Zone

Install, Initialize, and Boot a Labeled Zone by Using CDE Actions

administrative labels, Dominance Relationships Between Labels

Administrative Roles tool, Trusted Extensions Tools in the Solaris Management Console

administrative roles, See roles

administrative tools

accessing, Getting Started as a Trusted Extensions Administrator (Task Map)

commands, Command Line Tools in Trusted Extensions

description, Trusted Extensions Administration Tools

Device Allocation Manager, Device Allocation Manager

in Trusted_Extensions folder, How to Start CDE Administrative Actions in Trusted Extensions

label builder, Label Builder in Trusted Extensions

Labeled Zone Manager, txzonemgr Script

Solaris Management Console

Solaris Management Console Tools

How to Administer the Local System With the Solaris Management Console

Trusted CDE actions, Trusted CDE Actions

txzonemgr script, txzonemgr Script

allocate command, Command Line Tools in Trusted Extensions

Allocate Device authorization

How to Create a Rights Profile for Convenient Authorizations

Device Protection With Trusted Extensions Software

How to Assign Device Authorizations

allocate error state, correcting, How to Revoke or Reclaim a Device in Trusted Extensions

allocating devices

for copying data, How to Copy Files to Portable Media in Trusted Extensions

tape drive, How to Copy Files From Portable Media in Trusted Extensions

allocating, using Device Allocation Manager, Device Allocation Manager GUI

Always Print Banner checkbox, How to Suppress Banner and Trailer Pages for Specific Users

applications

evaluating for security, Security Administrator Responsibilities for Trusted Programs

installing, Managing Software in Trusted Extensions (Tasks)

trusted and trustworthy, Evaluating Software for Security

assigning

editor as the trusted editor, How to Assign the Editor of Your Choice as the Trusted Editor

privileges to users, Security Attribute Assignment to Users in Trusted Extensions

rights profiles, Security Attribute Assignment to Users in Trusted Extensions

Associating Network Interfaces With Zones by Using CDE Actions (Task Map), Associating Network Interfaces With Zones by Using CDE Actions (Task Map)

Assume Role menu item, How to Enter the Global Zone in Trusted Extensions

assuming, roles, How to Enter the Global Zone in Trusted Extensions

atohexlabel command

Command Line Tools in Trusted Extensions

How to Obtain the Hexadecimal Equivalent for a Label

audio devices

automatically starting an audio player, How to Configure an Audio Player Program for Use in Trusted CDE

preventing remote allocation, How to Protect Nonallocatable Devices in Trusted Extensions

audit_class file, action for editing, Trusted CDE Actions

Audit Classes action, Trusted CDE Actions

audit classes for Trusted Extensions, list of new X audit classes, Trusted Extensions Audit Classes

Audit Control action, Trusted CDE Actions

audit_control file, action for editing, Trusted CDE Actions

audit_event file, Trusted CDE Actions

Audit Events action, Trusted CDE Actions

audit events for Trusted Extensions, list of, Trusted Extensions Audit Events

audit planning, Planning for Auditing in Trusted Extensions

audit policy in Trusted Extensions, Trusted Extensions Audit Policy Options

audit records in Trusted Extensions, policy, Trusted Extensions Audit Policy Options

Audit Review profile, reviewing audit records, Audit Tasks of the System Administrator

Audit Startup action, Trusted CDE Actions

audit_startup command, action for editing, Trusted CDE Actions

Audit Tasks of the System Administrator, Audit Tasks of the System Administrator

audit tokens for Trusted Extensions

label token, label Token

list of, Trusted Extensions Audit Tokens

xatom token, xatom Token

xclient token, xclient Token

xcolormap token, xcolormap Token

xcursor token, xcursor Token

xfont token, xfont Token

xgc token, xgc Token

xpixmap token, xpixmap Token

xproperty token, xproperty Token

xselect token, xselect Token

xwindow token, xwindow Token

auditconfig command, Command Line Tools in Trusted Extensions

auditing in Trusted Extensions

additional audit events, Trusted Extensions Audit Events

additional audit policies, Trusted Extensions Audit Policy Options

additional audit tokens, Trusted Extensions Audit Tokens

additions to existing auditing commands, Extensions to Auditing Commands in Trusted Extensions

differences from Solaris auditing, Trusted Extensions and Auditing

reference, Trusted Extensions Auditing (Overview)

roles for administering, Audit Management by Role in Trusted Extensions

security administrator tasks, Audit Tasks of the Security Administrator

system administrator tasks, Audit Tasks of the System Administrator

tasks, Audit Tasks in Trusted Extensions

X audit classes, Trusted Extensions Audit Classes

auditing, planning, Planning for Auditing in Trusted Extensions

auditreduce command, Command Line Tools in Trusted Extensions

authorizations

adding new device authorizations, How to Create New Device Authorizations

Allocate Device

Device Protection With Trusted Extensions Software

How to Assign Device Authorizations

assigning device authorizations, How to Assign Device Authorizations

assigning, Security Attribute Assignment to Users in Trusted Extensions

authorizing a user or role to change label, How to Enable a User to Change the Security Level of Data

Configure Device Attributes, How to Assign Device Authorizations

convenient for users, How to Create a Rights Profile for Convenient Authorizations

creating customized device authorizations, How to Create New Device Authorizations

creating local and remote device authorizations, How to Create New Device Authorizations

customizing for devices, How to Add Site-Specific Authorizations to a Device in Trusted Extensions

granted, Trusted Extensions and Access Control

Print Postscript, PostScript Printing of Security Information

Print PostScript, How to Enable Users to Print PostScript Files in Trusted Extensions

profiles that include device allocation authorizations, How to Assign Device Authorizations

Revoke or Reclaim Device

How to Assign Device Authorizations

solaris.print.nobanner, How to Suppress Banner and Trailer Pages for Specific Users

solaris.print.ps, How to Enable Users to Print PostScript Files in Trusted Extensions

authorizing

device allocation, How to Assign Device Authorizations

PostScript printing, Reducing Printing Restrictions in Trusted Extensions (Task Map)

unlabeled printing, Reducing Printing Restrictions in Trusted Extensions (Task Map)

automount command, Command Line Tools in Trusted Extensions