BOS installation options
The available options for installing BOS are described.
The installation options are available by typing 3 to change the Security Model and typing 4 to view the More Options field in the Installation and Settings window. These options vary based on installation type (overwrite, preservation, or migration) and security options.
The following choices are available:
- Trusted AIX®
-
Before you begin: Evaluate your system's needs for Trusted AIX with Multi Level Security (MLS) before choosing this installation option.
Applies only to overwrite and preservation installations. The Trusted AIX option installs the MLS version of the AIX operating system. The Trusted AIX environment enables label-based security functions in AIX, including support for:- Labeled objects: such as files, Inter-Process Communication (IPC) objects, and network packets
- Labeled printers
- Trusted network: support for Revised Interconnection Protocol Security Option (RIPSO) and Commercial Internet Protocol Security Option (CIPSO) in Internet Protocol (IP) V4 and IP V6
- EAL4+ configuration install (only available with Trusted AIX)
- The EAL4+ configuration install option installs Trusted AIX in EAL4+ configured mode. EAL4+ configured mode provides for further restrictive security as compared to the Trusted AIX installation.
- Secure by Default
- Applies only to overwrite installation. The Secure by Default option performs a minimal software installation, and removes all clear password access such as Telnet and rlogin. Secure by Default also applies the AIX Security Expert high-security settings. Secure by Default requires direct-connect access to the system, such as TTY or direct-connect display, or a secure means of remote access such as ssh or IPsec Virtual Private Network. For more information about Secure by Default or AIX Security Expert, see Security.
- Trusted Computing Base install
- The Trusted Computing Base (TCB) is the part of the system that is responsible for enforcing the
information security policies of the system. All of the computer's hardware is included in the TCB,
but a person administering the system should be concerned primarily with the software components of
the TCB.
If you install the Trusted Computing Base option, you enable the trusted path, trusted shell, and system-integrity checking (tcbck command). These features can be enabled only during BOS installation.
The choices are yes and no. To enable the Trusted Computing Base, type 2 and press Enter. The default is no.
- Desktop
- The default is CDE for new and complete overwrite installations. If
you select NONE, a minimal configuration is installed including X11, Java™, perl, SMIT (if Graphics Software is
selected).
If you select GNOME or KDE, the BOS installation process prompts you for the AIX Toolbox for Linux® Applications media. If this media is not available, you can type q to continue the installation without the AIX Toolbox for Linux Applications media. You can select additional desktops from the Install More Software menu.
- Import User Volume Groups
- Applies only to migration installation and preservation installation. You have the option to have user volume groups imported after the installation completes. These volume groups can be manually imported at a later time.
- Create JFS2 File Systems
- Applies only to new and complete overwrite installation, as well as preservation installation. Create enhanced journaled file systems during BOS installation.
- Graphics Software
- Applies only to new and complete overwrite installation, as well as preservation installation. Install graphics software support.
- System Management Client Software
- Installs Java, service agent software, and Power Systems server Console runtime software.
- Remove Java 1.1.8 Software
- Applies only to migration installation. You have the option to have all Java version 1.1.8 software removed.
- Enable System Backups
- If you select Enable System Backups to install any system, all devices are installed, so that a system backup can be installed on a different system. For more information about installing a system backup to a different system, see Cloning a system backup.
- Install More Software
- Applies to new and complete overwrite installation method, as well as the preservation installation method. Select Install More Software to choose additional software to install after the BOS installation process finishes. A software bundle file corresponds to each selection that contains the required packages and filesets. The following software bundles are available:
Install More Software
1. Kerberos_5 (Expansion Pack)....................................... No
2. Server (Volume 2)................................................ No
3. GNOME Desktop (Toolbox for Linux Applications).................... No
4. KDE Desktop (Toolbox for Linux Applications)...................... No
>>> 0 Install with the current settings listed above.
88 Help ?
99 Previous Menu
>>> Choice [0]: The
new and complete overwrite installation options (with no security
models) are similar to the following:
Install Options
1. Create JFS2 File Systems......................................... Yes
2. System Management Client Software................................ Yes
3. Graphics Software................................................ Yes
4. Desktop.......................................................... NONE, CDE, GNOME, KDE
5. Enable System Backups to install any system...................... Yes
(Installs all devices)
>>> 6. Install More Software
0 Install with the current settings listed above.
88 Help ?
99 Previous Menu
>>> Choice [6]: The
migration installation options are the following:
Install Options
1. Import User Volume Groups........................................ Yes
2. Enable System Backups to install any system...................... Yes
(Installs all devices)
4. Remove Java 1.1.8 Software....................................... No
>>> 0 Install with the current settings listed above.
88 Help ?
99 Previous Menu
>>> Choice [0]: - Select Edition
- Type the number of this menu item to toggle through the choices of express, standard, or enterprise. The edition selection defines the signature file copied to the /usr/lpp/bos directory. The signature file is used by the IBM® License Metric Tool (ILMT), to facilitate licensing compliance.