Manualshelf

HP-UX System Administrator's Guide: Security Management HP-UX 11i v3 (B3921-90020, September 2010)

ManualsBrandsHP ManualsSoftwareHP-UX 11i Security Containment Software
12345678910
Table Of Contents
8.4 Planning the HP-UX RBAC Deployment..............................................................145
8.4.1 Planning the Roles.........................................................................................146
8.4.2 Planning Authorizations for the Roles..........................................................146
8.4.3 Planning Command Mappings......................................................................147
8.4.4 HP-UX RBAC Limitations and Restrictions..................................................147
8.5 Configuring HP-UX RBAC....................................................................................148
8.5.1 Configuring Roles..........................................................................................149
8.5.1.1 Creating Roles........................................................................................149
8.5.1.2 Assigning Roles to Users.......................................................................150
8.5.1.3 Assigning Roles to Groups....................................................................151
8.5.2 Configuring Authorizations..........................................................................151
8.5.3 Configuring Additional Command Authorizations and Privileges..............152
8.5.4 Configuring HP-UX RBAC with Fine-Grained Privileges............................154
8.5.5 Configuring HP-UX RBAC with Compartments..........................................156
8.6 Using HP-UX RBAC..............................................................................................157
8.6.1 Using the privrun Command to Run Applications with Privileges..............157
8.6.1.1 HP-UX RBAC in Serviceguard Clusters................................................159
8.6.2 Using the privedit Command to Edit Files Under Access Control...............159
8.6.3 Customizing privrun and privedit Using the ACPS.....................................161
8.6.4 Generating Keystroke and Command Logs..................................................161
8.6.4.1 Keystroke Logging.................................................................................161
8.6.4.2 Alternate Logging..................................................................................162
8.7 Troubleshooting HP-UX RBAC.............................................................................162
8.7.1 The rbacdbchk Database Syntax Tool............................................................163
8.7.2 privrun -v Information...................................................................................163
9 Audit Administration..........................................................................................................165
9.1 Auditing Components...........................................................................................166
9.1.1 Commands.....................................................................................................166
9.1.2 Audit Configuration Files..............................................................................166
9.1.3 Audit Manpages............................................................................................167
9.2 Auditing Your System............................................................................................167
9.2.1 Planning the Auditing Implementation........................................................167
9.2.2 Enabling Auditing.........................................................................................168
9.2.3 Disabling Auditing........................................................................................169
9.2.4 Monitoring Audit Files..................................................................................169
9.2.5 Performance Considerations..........................................................................170
9.2.6 Guidelines for Administering the Auditing System.....................................170
9.3 Auditing Users.......................................................................................................170
9.4 Auditing Events.....................................................................................................171
9.5 Audit Trails............................................................................................................173
9.5.1 Configuring Audit Trails...............................................................................174
9.5.2 Monitoring and Managing Audit Trails........................................................175
8 Table of Contents