Enabling the Solaris Trusted Extensions Service
In the Solaris Express Community Edition, Solaris Trusted Extensions is a service that
is managed by the service management facility (SMF). The name of the service
is svc:/system/labeld:default. By default, the labeld service is disabled.
Enable Solaris Trusted Extensions
The labeld service attaches labels to communications endpoints. For example, the following are
labeled:
All zones and the directories and files within each zone
All processes including window processes
All network communications
Before You Begin
You have completed the tasks in Installing or Upgrading the Solaris OS for Trusted Extensions and Collecting Information and Making Decisions Before Enabling Trusted Extensions.
- On a Solaris system, enable the labeld service.
# svcadm enable -s svc:/system/labeld:default
The labeld service adds labels to the system and starts the Solaris auditing
service and device allocation. Do not perform other tasks until the cursor returns
to the prompt.
- Verify that the service is enabled.
# svcs -x labeld
svc:/system/labeld:default (Trusted Extensions)
State: online since weekday month date hour:minute:second year
See: labeld(1M)
Impact: None.
Note - The labels do not appear until after you reboot the system. Setting Up the Global Zone in Trusted Extensions
includes tasks that you might want to perform before rebooting.
Troubleshooting
The following message indicates that you are not running a Solaris release that
supports Trusted Extensions as a service: svcs: Pattern 'labeld' doesn't match any instances.
To run Trusted Extensions on a Solaris system that does not support the
labeld service, follow the instructions in the Solaris Trusted Extensions Installation and Configuration guide.
