Manualshelf

HP-UX Role-Based Access Control B.11.23.06.01 Release Notes

ManualsBrandsHP ManualsSoftwareHP-UX 11i Role-based Access Control (RBAC) Software
12345678910
3. Logon to your system as the root user.
4. Install HP-UX RBAC using the following command:
# swinstall -x autoreboot=true -s /tmp/<RBAC-depotname>.depot AccessControl
The name and location of the HP-UX RBAC depot above is for example only—the actual
name and location may vary.
5. Verify the installation using the swverify AccessControl command. If HP-UX RBAC
installed correctly on the system, the swverify command output includes the following
text:
* Verification succeeded
HP-UX RBAC installs in /usr/bin/ and /usr/sbin/. The swinstall tool displays an error
message if the installation fails. Check /var/opt/adm/sw/swagent.log for information if
the installation failed.
NOTE: The HP-UX 11i Security Containment feature contains HP-UX RBAC as one of its
components. If you install the HP-UX 11i Security Containment feature on a system that already
has HP-UX RBAC on it, you must reconfigure HP-UX RBAC before you can use it with the
Fine-Grained Privileges or Compartments component of the HP-UX 11i Security Containment
feature. Use the following command to reconfigure HP-UX RBAC:
# swconfig -x autoselect_dependencies=false -x reconfigure=true RBAC
To remove (un-install) HP-UX RBAC B.11.23.06.01 from your HP-UX 11i v2 systems, you must
complete the following steps:
1. Logon to your system as the root user.
2. Use the following command to remove HP-UX RBAC:
# swremove AccessControl
3. Use the swlist RBAC command to verify that HP-UX RBAC was removed from the system.
If HP-UX RBAC was removed from the system, the swlist command will report the
following:
# swlist RBAC
# Initializing...
Contacting target "<hostname>"...
ERROR: Software "RBAC" was not found on <hostname>.
1.5 Fixes in HP-UX RBAC B.11.23.06.01
HP-UX RBAC B.11.23.06.01 includes the following problem fixes:
The privedit(1M) command works correctly when the Fine-Grained Privileges is not
configured on the system.
In RBAC B.11.23.06, the privedit(1M) command incorrectly used some of the functionality
of the Fine-Grained Privileges component that is part of the Security Containment feature.
Therefore, the privedit(1M) command failed with an error when the Fine-Grained Privileges
product was not configured on the system.
Defect number: QXCR1000984858
The privrun(1M) command provides the symbolic link pathname as the first argument
instead of the target pathname of the link.
In RBAC B.11.23.06, when the privrun(1M) command was invoked with a command that
was a symbolic link, privrun(1M) was supplying the pathname of the command that the
symbolic link pointed to as the first argument to the command being invoked.
1.5 Fixes in HP-UX RBAC B.11.23.06.01 9