Sun System Handbook - ISO 3.4 June 2011 Internal/Partner Edition | |||
|
|
Solution Type Technical Instruction Sure Solution 1002268.1 : Sun Fire[TM] 12K/15K/E25K/E20K Servers: nfs.server and tftpboot services may be open on a System Controller that has Solaris[TM] Security Toolkit software installed or System Management Services 1.5 with Secure by Default.
PreviouslyPublishedAs 203193 Description This document addresses nfs.server and tftpboot services may be open on a System Controller that has Solaris[TM] Security Toolkit software installed or System Management Services 1.5 with Secure by Default. After following the Blueprint: "Securing the Sun Fire[TM] 12K and 15K System Controllers" http://www.sun.com/blueprints/browsesubject.html#security, and using the "Solaris[TM] Security Toolkit" http://www.sun.com/software/security/jass/ your System Controller can still be used as your domain's Steps to Follow Since the Starcat platform has an internal network to each of its domains, the System Controller is the perfect place to create a Solaris JumpStart[TM] software server. If your platform is secure, you will have no problems using your System Controller as a boot server, but after you run "add_install_client" for the first time, this will turn on nfs.server, and tftp. After you are finished with installing Solaris[TM] Operating System(OS), you can stop these services by running the rm_client script for each client. This script will remove the /tftpboot files for this domain and remove the entry from the /etc/bootparams file. If this domain is the last machine-client the system has, it will also unshare If you do not remove the clients, the System Controller will still run these Product Sun Fire E25K Server Sun Fire E20K Server Sun Fire 15K Server Sun Fire 12K Server Internal Comments System Management Services(SMS) 1.5 will be "Secure by Default", so the Solaris Security Toolkit will be already configured out of the box. Most installations do use the System Controller(SC) as a jumpstart server, so this will effect all installations that have SMS 1.5 installed. starcat, jass, security, jumpstart, secure by default Previously Published As 79971 Change History Date: 2005-11-09 User Name: 25440 Action: Approved Comment: Publishing. Version: 6 Date: 2005-11-09 User Name: 25440 Action: Accept Comment: Version: 0 Date: 2005-11-09 User Name: 27166 Action: Approved Comment: Document was updated to include SMS 1.5 Secure By Default reference. Version: 0 Product_uuid d842dd03-059b-11d8-84cb-080020a9ed93|Sun Fire E25K Server 1404a2d3-059a-11d8-84cb-080020a9ed93|Sun Fire E20K Server 29e4659c-0a18-11d6-9fa1-e67bbc033df8|Sun Fire 15K Server 077fd4c5-df8f-4320-ad69-7d01603a674d|Sun Fire 12K Server Attachments This solution has no attachment |
||||||||||||
|