If you want to install CA ControlMinder in Solaris branded zones, you must use an ioctl instead of a syscall to communicate with the kernel module.
Follow these steps:
Stop the last zone to disable event interception and prepare the kernel module for unloading.
zlogin -z zone_name /opt/CA/AccessControl/bin/secons -sk
SEOS_load -u
Note: The SEOS_load -u command ensures that CA ControlMinder is not running on any non-global zone before unloading it.
SEOS_use_ioctl = 1
SEOS_load
This installs a pseudo device to let CA ControlMinder communicate with its kernel module via ioctl, and identifies zones that require a reboot so that they can utilize the ioctl.
Copyright © 2013 CA Technologies.
All rights reserved.
|
|