Hi, Dimension wrote: > Hi, > > I tried to install Trusted Extensions on Express b60 following "Installing > the Solaris 10 11/06 Trusted Extensions Software on a Laptop Computer".
> > After the reboot, I can not log into Trusted CDE (the screen just returns to > the login interface). And when I log into Trusted JDS, > a dialog titled "Trusted Path" repeatedly pop-up saying: "! The application > tsoljds-tstripe has crashed." The Trusted Path Stripe > appears to be blank, and all the security labels of windows are not shown. > I assume you plan to acheive a mobile setup. Have you correctly setted up a virtual interface vni0 as your all-zones interface ? This is required for inter zone communications/control if you need a mobile setup on your physical interface. Using DHCP on your phys. interface as the only default mode would break your interzones control communications at DHCP address allocation time. Try to connect under the standard JDS interface (not the Trusted one). This will bring you at the global zone, ADMIN_HIGH level. Open a shell and check your interfaces for having a vni0, as all-zones. Also, check the static IP you defined for vni0 is correctly setted up in the /etc/security/tsol/tnrhdb file as cipso. Personnaly, I have the following setup : At laptop boot time : vni0 up and running defined all-zones, my physical interface (yukonx0) unplumbed. When "external" networking is required : I plumb the yukonx0, then ifconfig it dhcp start, then ifconfig it all-zones and declare the IP allocated by DHCP as cipso to the trusted networking kernel tables thru a tncl -h <DHCP_IP>:cipso. (scripted) If you have your physical interface plumbed and setted up under DHCP at boot time, it means that when reconfigured, the Trusted networking databases are outdated so your zones cannot see themselves. Also, just in case, have you completed the first boot install of your labeled zones after their creation ? HTH, Bruno. > Can anyone help me? > > Thanks! > > > This message posted from opensolaris.org > _______________________________________________ > security-discuss mailing list > security-discuss at opensolaris.org
