HP-UX Role-Based Access Control B.11.31.
© Copyright 2001–2008 Hewlett-Packard Development Company L.P. Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. The information contained herein is subject to change without notice.
Table of Contents HP-UX Role-Based Access Control B.11.31.05..................................................................5 HP-UX RBAC Documentation................................................................................................................5 HP-UX RBAC Manpages........................................................................................................................5 1 HP-UX RBAC Overview...................................................................................
List of Tables 1 4 HP-UX RBAC manpages.................................................................................................................
HP-UX Role-Based Access Control B.11.31.05 The information in this document is for HP-UX Role-Based Access Control (RBAC) version B.11.31.05 only. HP-UX RBAC Documentation Use the following documents in conjunction with each other when using HP-UX RBAC B.11.31.05: • HP-UX RBAC B.11.31.05 Release Notes • HP-UX System Administrator's Guide: Security Management These documents are located at: http://docs.hp.
1 HP-UX RBAC Overview HP-UX RBAC is an alternative to the traditional “all-or-nothing” root user model, which grants permissions to the root user for all operations, and denies permissions to non-root users for certain operations. HP-UX RBAC allows you to distribute administrative responsibilities by creating roles with appropriate authorizations and assigning them to non-root users and groups.
2 New in HP-UX RBAC B.11.31.05 With HP-UX RBAC B.11.31.05, an authorized user can now generate "keystroke logs" for selected users, as well as generate a log of commands invoked through RBAC without the need for the HP-UX audit system. This section describes these new features: • Keystroke logging • Alternate logging Keystroke Logging In many situations, it is sufficient to simply log the set of privilege commands invoked by a user.
Alternate logging works in an identical fashion to the audit logging and may be configured using the /etc/rbac/aud_filter file, as described in HP-UX System Administrator's Guide: Security Management. The traditional RBAC audit log generation continues to work. If both auditing and logging are enabled, two sets of logs will be generated. 10 New in HP-UX RBAC B.11.31.
3 Acquiring and Installing HP-UX RBAC HP-UX RBAC is available free of charge from Software Depot: http://www.software.hp.com Compatibility Information and Installation Requirements The minimum requirements to install and run HP-UX RBAC B.11.31.
3. 4. Logon to your system as the root user. Install HP-UX RBAC using the following command: # swinstall -s /tmp/.depot AccessControl 5. The name and location of the HP-UX RBAC depot above is for example only—the actual name and location may vary. Verify the installation using the swverify AccessControl command.
4 Known Problems in HP-UX RBAC B.11.31.05 HP-UX RBAC B.11.31.05 contains no known problems.
