smtnrhtp(1M)		System Administration Commands		  smtnrhtp(1M)

NAME
       smtnrhtp - manage entries in the trusted network template database

SYNOPSIS
       /usr/sadm/bin/smtnrhtp subcommand [auth_args] -- [subcommand_args]

DESCRIPTION
       The  smtnrhtp command adds, modifies, deletes, and lists entries in the
       tnrhtp database.

       smtnrhtp subcommands are:

       add	 Adds a new entry to the tnrhtp database. To add an entry, the
		 administrator must have the solaris.network.security.read and
		 solaris.network.security.write authorizations.

       modify	 Modifies an entry in the tnrhtp database. To modify an entry,
		 the administrator must have the solaris.network.security.read
		 and solaris.network.security.write authorizations.

       delete	 Deletes an entry from the tnrhtp database. To delete an entry,
		 the administrator must have the solaris.network.security.read
		 and solaris.network.security.write authorizations.

       list	 Lists entries in the tnrhtp database. To list an entry, the
		 administrator must have the solaris.network.security.read
		 authorization.

OPTIONS
       The smtnrhtp authentication arguments, auth_args, are derived from  the
       smc  argument  set  and are the same regardless of which subcommand you
       use. The smtnrhtp command requires the Solaris Management Console to be
       initialized  for	 the command to succeed (see smc(1M)). After rebooting
       the Solaris Management Console server, the  first  smc  connection  can
       time out, so you might need to retry the command.

       The  subcommand-specific	 options, subcommand_args, must be preceded by
       the -- option.

   auth_args
       The valid auth_args are -D, -H, -l,  -p,	 -r,  and  -u;	they  are  all
       optional.  If  no  auth_args  are  specified,  certain defaults will be
       assumed and the user might be prompted for additional information, such
       as  a  password	for  authentication purposes. These letter options can
       also be specified by their equivalent option words preceded by a double
       dash. For example, you can use either -D or --domain.

       -D | --domain domain

	   Specifies the default domain that you want to manage. The syntax of
	   domain is type:/host_name/domain_name, where type is dns, ldap, or
	   file; host_name is the name of the server; and domain_name is the
	   name of the domain you want to manage.

	   If you do not specify this option, the Solaris  Management  Console
	   assumes  the	 file  default domain on whatever server you choose to
	   manage, meaning that changes are local to the server. Toolboxes can
	   change  the	domain	on a tool-by-tool basis; this option specifies
	   the domain for all other tools.

       -H | --hostname host_name:port

	   Specifies the host_name and port to which you want to  connect.  If
	   you do not specify a port, the system connects to the default port,
	   898. If you do not specify host_name:port, the  Solaris  Management
	   Console connects to the local host on port 898.

       -l | --rolepassword role_password

	   Specifies  the  password  for  the  role_name.  If  you  specify  a
	   role_name but do not specify a role_password,  the  system  prompts
	   you	to  supply a role_password. Passwords specified on the command
	   line can be seen by any user on the system, hence  this  option  is
	   considered insecure.

       -p | --password password

	   Specifies  the  password for the user_name. If you do not specify a
	   password, the system prompts you for one.  Passwords	 specified  on
	   the	command line can be seen by any user on the system, hence this
	   option is considered insecure.

       -r | --rolename role_name

	   Specifies a role name for authentication. If	 you  do  not  specify
	   this option, no role is assumed.

       -u | --username user_name

	   Specifies  the  user name for authentication. If you do not specify
	   this option, the user  identity  running  the  console  process  is
	   assumed.

       --

	   This	 option	 is  required  and  must  always  follow the preceding
	   options. If you do not enter the preceding options, you must	 still
	   enter the -- option.

   subcommand_args
       Descriptions  and other argument options that contain white spaces must
       be enclosed in double quotes.

       -h			 Displays the command's usage statement.

       -n templatename		 Specifies the name of the template.

       -t hosttype		 Specifies the host  type  of  the  new	 host.
				 Valid	values	are  unlabeled	and cipso. The
				 cipso host type is for hosts that  use	 CIPSO
				 (Common  IP  Security	Options	 -  Tag Type 1
				 only) to label packets.

       -x doi=doi-value		 Specifies the DOI value (the domain of inter‐
				 pretation). In the case of the unlabeled host
				 type, this is the  domain  of	interpretation
				 for the def_label.

				 The  domain of interpretation defines the set
				 of rules for translating between the external
				 or  internal  representation  of the security
				 attributes and their network  representation.
				 When systems that are configured with Trusted
				 Extensions software have the same  doi,  they
				 share	that  set of rules. In the case of the
				 unlabeled host type, these systems also share
				 the   same  interpretation  for  the  default
				 attributes that are assigned to the unlabeled
				 templates that have that same doi.

       -x max=maximum-label	 Specifies  the	 maximum  label. Together with
				 min, this value specifies the label  accredi‐
				 tation	 range	for  the remote hosts that use
				 this template. Values can be a hex  value  or
				 string (such as admin_high).

       -x min=minimum-label	 Specifies  the	 minimum  label. Together with
				 max, this value specifies the label  accredi‐
				 tation	 range	for  the remote hosts that use
				 this template. For gateway systems,  min  and
				 max  define  the default range for forwarding
				 labeled packets. The label range  for	routes
				 is typically set by using a route(1M) subcom‐
				 mand with the -secattr option. When the label
				 range for routes is not specified, the min to
				 max range in the security template  is	 used.
				 Values	 can be a hex value or string (such as
				 admin_low).

       -x label=default-label	 Specifies the default label  to be applied to
				 incoming  data	 from remote hosts that do not
				 support these attributes.  This  option  does
				 not apply if hosttype is cipso. Values can be
				 a hex value or string (such as admin_low).

       -x slset=l1,l2,l3,l4	 Specifies a set of  sensitivity  labels.  For
				 gateway systems, the labels in slset are used
				 for  forwarding  labeled  packets.  slset  is
				 optional.  You	 can  specify up to four label
				 values, separated by commas. Values can be  a
				 hex value or string (such as admin_low).

	   o	  One of the following sets of arguments must be specified for
		  subcommand add:

		    -n templatename (

	       o      -t cipso [  -x  doi=doi-value  -x	 min=minimum-label  -x
		      max=maximum-label -x slset=l1,l2,l3,l4 ] |

	       o      -t  unlabeled [ -x doi=doi-value -x min=minimum-label -x
		      max=maximum-label	    -x	   label=default-label	    -x
		      slset=l1,l2,l3,l4 ] |

	       o      -h

	     )

	   o	  One of the following sets of arguments must be specified for
		  subcommand modify:

		    -n templatename (

	       o      -t cipso [  -x  doi=doi-value  -x	 min=minimum-label  -x
		      max=maximum-label -x slset=l1,l2,l3,l4 ] |

	       o      -t  unlabeled [ -x doi=doi-value -x min=minimum-label -x
		      max=maximum-label	    -x	   label=default-label	    -x
		      slset=l1,l2,l3,l4 ] |

	       o      -h

	     )

	   If the host type is changed, all options for the new host type must
	   be specified.

	   o	  One of the following sets of arguments must be specified for
		  subcommand delete:

		    -n templatename |
		    -h

	   o	  The following argument can be specified for subcommand list:

		    -n templatename |
		    -h


EXAMPLES
       Example 1 Adding a New Entry to the Network Template Database

       The  admin role connects to port 898 of the LDAP server and creates the
       unlabeled_ntk entry  in	the  tnrhtp  database.	The  new  template  is
       assigned	 a  host  type	of unlabeled, a domain of interpretation of 1,
       minimum label of public, maximum label of  restricted,  and  a  default
       label  of needtoknow. The administrator is prompted for the admin pass‐
       word.

	 $ /usr/sadm/bin/smtnrhtp \
	 add -D ldap:directoryname -H servername:898 -- \
	 -n unlabeled_ntk -t unlabeled -x doi=1 \
	 -x min=public -x max=restricted -x label="need to know"
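       The argument rules documented in OPTIONS, as an added Python example
       that is not part of this manual page or of Solaris: it builds the
       argument vector for one smtnrhtp call, checks the subcommand_args
       constraints (subcommand, -n, host type, which -x keys apply to which
       host type, at most four slset labels, the mandatory --), and refuses
       -p and -l because a password on the command line can be read by any
       user on the system. The list it returns is meant for an exec-style
       call without a shell; shell_line() renders the double-quoted form the
       page requires when the command is typed at a shell.

```python
"""Build and sanity-check smtnrhtp(1M) argument vectors.

Added example, not part of the original man page. It encodes the argument
rules documented in OPTIONS and refuses to put a password into argv.
"""

SMTNRHTP = "/usr/sadm/bin/smtnrhtp"
SUBCOMMANDS = ("add", "modify", "delete", "list")
XKEYS = {  # -x keys accepted per host type; "label" does not apply to cipso
    "cipso": ("doi", "min", "max", "slset"),
    "unlabeled": ("doi", "min", "max", "label", "slset"),
}
AUTH_FLAGS = {"domain": "-D", "hostname": "-H", "rolename": "-r", "username": "-u"}


def build_argv(subcommand, auth=None, name=None, hosttype=None, xargs=None):
    """Return the argv list for one smtnrhtp invocation, or raise ValueError."""
    auth, xargs = auth or {}, xargs or {}
    if subcommand not in SUBCOMMANDS:
        raise ValueError("unknown subcommand: %s" % subcommand)
    if "password" in auth or "rolepassword" in auth:  # -p / -l are visible via ps
        raise ValueError("refusing to pass a password on the command line; let smc prompt")
    argv = [SMTNRHTP, subcommand]
    for key, flag in AUTH_FLAGS.items():
        if key in auth:
            argv += [flag, auth[key]]
    argv.append("--")  # required even when no auth_args are given
    if name is None:
        if subcommand == "list":  # list without -n lists every template
            return argv
        raise ValueError("-n templatename is required for %s" % subcommand)
    argv += ["-n", name]
    if subcommand in ("delete", "list"):
        return argv
    if hosttype not in XKEYS:  # add and modify always take -t cipso | unlabeled
        raise ValueError("-t must be cipso or unlabeled")
    argv += ["-t", hosttype]
    for key, value in xargs.items():
        if key not in XKEYS[hosttype]:
            raise ValueError("-x %s does not apply to host type %s" % (key, hosttype))
        if key == "slset" and len(value.split(",")) > 4:
            raise ValueError("slset takes at most four labels")
        argv += ["-x", "%s=%s" % (key, value)]
    return argv


def shell_line(argv):
    """Render argv for a shell; values containing white space get double quotes."""
    return " ".join('"%s"' % a if any(c.isspace() for c in a) else a for a in argv)
```

       When modifying a template whose host type changes, every option of the
       new host type must still be supplied, which this helper cannot verify
       without reading the existing entry.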

EXIT STATUS
       The following exit values are returned:

       0    Successful completion.

       1    Invalid command syntax. A usage message displays.

       2    An error occurred while executing the command.  An	error  message
	    displays.

FILES
       The following files are used by the smtnrhtp command:

       /etc/security/tsol/tnrhtp    Trusted network remote-host templates.

ATTRIBUTES
       See attributes(5) for descriptions of the following attributes:

       ┌─────────────────────────────┬─────────────────────────────┐
       │      ATTRIBUTE TYPE	     │	    ATTRIBUTE VALUE	   │
       ├─────────────────────────────┼─────────────────────────────┤
       │Availability		     │SUNWmgts			   │
       ├─────────────────────────────┼─────────────────────────────┤
       │Interface Stability	     │Committed			   │
       └─────────────────────────────┴─────────────────────────────┘

SEE ALSO
       smc(1M), attributes(5)

NOTES
       The  functionality  described  on this manual page is available only if
       the system is configured with Trusted Extensions.

WARNINGS
       Changing a template while the network is up  can	 change	 the  security
       view of an undetermined number of hosts.

       Allowing unlabeled hosts onto a Solaris Trusted Extensions network is a
       security risk. To avoid compromising the rest  of  your	network,  such
       hosts  must  be	trusted in the sense that the administrator is certain
       that these unlabeled hosts will not be used to compromise the  distrib‐
       uted  system.   These  hosts  should  also  be  physically protected to
       restrict access to authorized individuals. If you cannot guarantee that
       an  unlabeled  host is physically secure from tampering, it and similar
       hosts should be isolated on a separate branch of the network.

       If the security template is modified  while  the	 network  is  up,  the
       changes	do  not	 take  effect  immediately unless tnctl(1M) is used to
       update the template entries. Otherwise, the changes  take  effect  when
       next  polled by the trusted network daemon, tnd(1M). Administrators are
       allowed to add new templates and modify	attributes  of	existing  tem‐
       plates while the network is up.

SunOS 5.10			  31 Oct 2007			  smtnrhtp(1M)