Solaris Trusted Extensions Administrator's Procedures
Previous Next

Command Line Tools in Trusted Extensions

Commands that are unique to Trusted Extensions are contained in the Solaris Trusted Extensions Reference Manual. The Solaris commands that Trusted Extensions modifies are contained in the Solaris Reference Manual. The man command finds all the commands.

The following table lists commands that are unique to Trusted Extensions. The commands are listed in man page format.

Table 8-4 User and Administrative Trusted Extensions Commands

Man Page

Trusted Extensions Modification

For More Information

add_allocatable(1M)

Enables a device to be allocated by adding the device to device allocation databases. By default, removable devices are allocatable.

How to Configure a Device in Trusted Extensions

atohexlabel(1M)

Translates a label into hexadecimal format.

How to Obtain the Hexadecimal Equivalent for a Label

chk_encodings(1M)

Checks the integrity of the label_encodings file.

How to Debug a label_encodings File in Solaris Trusted Extensions Label Administration

dtappsession(1)

Opens a remote Trusted CDE session by using the Application Manager.

Chapter 14, Remote Administration in Trusted Extensions (Tasks)

getlabel(1)

Displays the label of the selected files or directories.

How to Display the Labels of Mounted Files

getzonepath(1)

Displays the full pathname of a specific zone.

Acquiring a Sensitivity Label in Solaris Trusted Extensions Developer’s Guide

hextoalabel(1M)

Translates a hexadecimal label into its readable equivalent.

How to Obtain a Readable Label From Its Hexadecimal Form

plabel(1)

Displays the label of the current process.

See the man page.

remove_allocatable(1M)

Prevents allocation of a device by removing its entry from device allocation databases.

How to Configure a Device in Trusted Extensions

setlabel(1)

Relabels the selected item. Requires the solaris.label.file.downgrade or solaris.label.file.upgrade authorization. These authorizations are in the Object Label Management rights profile.

For the equivalent GUI procedure, see How to Move Files Between Labels in Trusted CDE in Solaris Trusted Extensions User’s Guide.

smtnrhdb(1M)

Manages entries in the tnrhdb database locally or in a naming service database.

For equivalent procedures that use the Solaris Management Console, see Configuring Trusted Network Databases (Task Map).

smtnrhtp(1M)

Manages entries in the tnrhtp database locally or in a naming service database.

See the man page.

smtnzonecfg(1M)

Manages entries in the local tnzonecfg database.

For an equivalent procedure that uses the Solaris Management Console, see How to Create a Multilevel Port for a Zone.

tnchkdb(1M)

Checks the integrity of the tnrhdb and tnrhtp databases.

How to Check the Syntax of Trusted Network Databases

tnctl(1M)

Caches network information in the kernel.

How to Synchronize the Kernel Cache With Trusted Network Databases

tnd(1M)

Executes the trusted network daemon.

How to Synchronize the Kernel Cache With Trusted Network Databases

tninfo(1M)

Displays kernel-level network information and statistics.

How to Compare Trusted Network Database Information With the Kernel Cache.

updatehome(1M)

Updates .copy_files and .link_files for the current label.

How to Configure Startup Files for Users in Trusted Extensions

The following table lists Solaris commands that are modified or extended by Trusted Extensions. The commands are listed in man page format.

Table 8-5 User and Administrative Commands That Trusted Extensions Modifies

Man Page

Purpose of Command

For More Information

allocate(1)

Adds options to clean the allocated device, and to allocate a device to a specific zone. In Trusted Extensions, regular users do not use this command.

How to Allocate a Device in Trusted Extensions in Solaris Trusted Extensions User’s Guide

deallocate(1)

Adds options to clean the device, and to deallocate a device from a specific zone. In Trusted Extensions, regular users do not use this command.

How to Allocate a Device in Trusted Extensions in Solaris Trusted Extensions User’s Guide

list_devices(1)

Adds the -a option to display device attributes, such as authorizations and labels. Adds the -d option to display the default attributes of an allocated device type. Adds the -z option to display available devices that can be allocated to a labeled zone.

See the man page.

tar(1)

Adds the -T option to archive and extract files and directories that are labeled.

How to Back Up Files in Trusted Extensions and How to Restore Files in Trusted Extensions

auditconfig(1M)

Adds the windata_down and windata_up audit policy options.

How to Configure Audit Policy in System Administration Guide: Security Services

auditreduce(1M)

Adds the -l option to select audit records by label.

How to Select Audit Events From the Audit Trail in System Administration Guide: Security Services

automount(1M)

Modifies the names and contents of auto_home maps to account for zone names and zone visibility from higher labels.

Changes to the Automounter in Trusted Extensions

ifconfig(1M)

Adds the all-zones option to make an interface available to every zone on the system.

How to Verify That a Host's Interfaces Are Up

netstat(1M)

Adds the -R option to display extended security attributes for sockets and routing table entries.

How to Debug the Trusted Extensions Network

route(1M)

Adds the -secattr option to display the security attributes of the route: cipso, doi, max_sl, and min_sl.

How to Configure Routes With Security Attributes

Previous Next