mkC2admin Command

Purpose

Configure a system to operate in C2 Security Mode.

Syntax

mkC2admin { [ -m ] | [ -a address ] hostname }

Description

The mkC2admin command initializes the security directories for use in a C2 System configuration. The distributed database directories are created and symbolic links initialized. When a system is being configured as the Administrative Host (using the -m flag), an additional file system is created to hold the master copies of the administrative database files. Those files are stored in the directory /etc/data.master which has a logical volume name of hd10sec.

The administrative database files are divided into three categories. Those files that must be shared, those files that optionally may be shared, and those files that may not be shared. Optionally sharable files are described in the file /etc/security/files.config. That file consists of multiple lines of the format:
[y|n]|filename
and is editable by the administrator. To select an optionally sharable filename, the administrator sets the first field to the value y. To make an optionally sharable file be unshared, the field is set to the value n. All hosts in the C2 System must have an identical /etc/security/files.config file.

The system hostname must be defined in the /etc/hosts file at the time this command is run. If not, the IP address of the new C2 System Administrative Host may be provided with the -a option, and an entry will be added to /etc/hosts.

Flags

Item Description
-a address Use address as the IP address of hostname.
-m Configure the host as the administrative master.

Parameters

Item Description
hostname Specifies the hostname.

Exit Status

0
The system has been properly configured to operate in the C2 mode.
1
The system was not installed with the C2 option.
2
The system could not be successfully configured to operate in C2 mode.
3
The system was previously configured to operate in C2 mode without having first been unconfigured.

Files

Item Description
/usr/sbin/mkC2admin Contains the mkC2admin command.