The following procedures explain how to upgrade to SunScreen EFS 3.0 from either SunScreen EFS 1.1 or 2.0.
The upgrade software automatically backs up your system in case the upgrade fails. If there are any other system backups you want to make, do so now before performing the upgrade.
Open a terminal window and become root.
Ensure that the OpenWindows File Manager is not running because it interferes with the operation of the volcheck command used for installation.
Insert the SunScreen EFS 3.0 CD-ROM into the CD-ROM drive.
Mount the CD-ROM by typing:
# volcheck |
Start the upgrade software by typing:
# /cdrom/cdrom0/upgrade |
The software backs up existing SunScreen EFS packages for you. The file and package names will appear as output on your monitor. Wait until this completes.
Next, the software automatically removes the existing SunScreen SKIP and SunScreen EFS 1.1 or 2.0 software packages. Wait until this completes.
The packages are removed automatically one-by-one. No confirmations are needed or accepted. The file and package names will appear as output on your monitor.
Next, the SunScreen EFS 3.0 software is automatically installed for you. Wait until this completes.
The file and package names will appear as output on your monitor.
Next your existing SunScreen EFS 1.1 or 2.0 configurations are automatically converted to SunScreen EFS 3.0 policies. Wait until this completes.
If there are any conversion errors, they are itemized as output on your monitor.
Remove the SunScreen EFS, Release 1.1 or 2.0 PATH and MANPATH from your shell initialization file.
Set the SunScreen EFS 3.0 PATH and MANPATH by editing your shell initialization file (such as .profile or .login file).
Eject the CD from the CD-ROM drive by typing:
# eject cdrom0 |
Install any SKIP upgrades (Export Controlled [1024-bit] or U.S. and Canada Use Only [2048-bit] keys) as instructed in the documentation that is included with the upgrade SKIP CD-ROM.
While you do not need to use encryption in a locally administered SunScreen EFS, you may want to use encrypted communication over public and private networks.
Do not run the installation wizard as it is for an initial installation only and can corrupt your existing configurations.
Reboot by typing:
# sync; init 6 |
Open a terminal window and become root, if not already.
List the policies that have been converted by typing:
# ssadm policy -l |
NAT mappings have changed considerably in SunScreen EFS 3.0. If you are using NAT, you must modify it before activating the configuration. If you are converting from SunScreen EFS 1.1, be aware that ordered rules is a new feature. See the SunScreen EFS 3.0 Reference Manual for more detail.
Choose the one policy that you want to activate by typing:
# ssadm activate configuration_name |
To configure and manage your SunScreen from your Administration Station, run a Java-enabled Web browser compliant with JDK 1.1.3 or later, and launch the Administration GUI by typing the following URL:
http://localhost:3852 |
The Administration GUI login page appears, as shown in Figure 6-1
To configure and manage SunScreen EFS, see the SunScreen EFS 3.0 Administration Guide.