Configure a system to operate in Common Criteria enabled Security Mode.
mkCCadmin { [ -m ] | [ -a address ] hostname }
The mkCCadmin command initializes the security directories for use in a Common Criteria enabled System configuration. The distributed database directories are created and symbolic links initialized. When a system is being configured as the Administrative Host (using the -m flag), an additional file system is created to hold the master copies of the administrative database files. Those files are stored in the directory /etc/data.master which has a logical volume name of hd10sec.
The administrative database files are divided into three categories. Those files that must be shared, those files that optionally may be shared, and those files that may not be shared. Optionally sharable files are described in the file /etc/security/files.config. That file consists of multiple lines of the format:
[y|n]|filename
and is editable by the administrator. To select an optionally sharable filename, the administrator sets the first field to the value y. To make an optionally sharable file be unshared, the field is set to the value n. All hosts in the Common Criteria enabled System must have an identical /etc/security/files.config file.
The system hostname must be defined in the /etc/hosts file at the time this command is run. If not, the IP address of the new Common Criteria enabled System Administrative Host may be provided with the -a option, and an entry will be added to /etc/hosts.
-a address | Use address as the IP address of hostname. |
-m | Configure the host as the administrative master. |
hostname | Specifies the hostname. |
/usr/sbin/mkCCadmin | Contains the mkCCadmin command. |
The chCCadmin command, isCChost command, lsCCadmin command, rmCCadmin command.