Installing and Managing HP-UX Virtual Partitions (includes A.03.03)
Primary-Admin vPars Security (vPars A.03.03)
Example HP-UX Shell Scenario (vparadmin)
Chapter 8
225
Example HP-UX Shell Scenario (vparadmin)
Below describes examples that include (from the HP-UX shell):
• a command successfully executed
• a command not executed due to the security feature
• adding a virtual partition to the primary-admin virtual partition list
• deleting a virtual partition from the primary-admin virtual partition list
• listing the virtual partitions in the primary-admin virtual partition list
• changing the security password
• determining whether you are in secure mode
For this section, let’s assume we have the virtual partitions winona1, winona2, and winona3.
A Command Successfully Executed
Because winona1 is in the primary-admin virtual partition list. We can execute a command from winona1
that alters winona2:
winona1# vparmodify -p winona2 -a cpu::1
Note that you will not see any security error messages when security is allowed; you will only see security
error messages when access is denied.
A Command Not Executed Due to the Security Feature
However, because winona2 is not in the primary-admin virtual partition list. We cannot successfully execute a
command from winona2 that alters another partition:
winona2# vparmodify -p winona1 -a cpu::1
vparmodify: Error: Current vPar does not have permission to perform this operation on winona1.
winona2# vparmodify -p winona3 -a cpu::1
vparmodify: Error: Current vPar does not have permission to perform this operation on winona1.
Note that if the target partition is the local virtual partition, then the partition is only altering itself and not
altering another partition, so this will be allowed.
winona2# vparmodify -p winona2 -a cpu::1
Adding a Virtual Partition to the Primary-admin Virtual Partition List
If we want the secondary-admin virtual partition winona2 to be able to alter other virtual partitions, we need
to add it to the primary-admin virtual partition list. This can be done from any virtual partition, but you will
need to know the security password.
winona2# vparadmin -a winona2
password:
Virtual partition winona2 added to Primary-Admin vPars list.
Deleting A Virtual Partition To The Primary-admin Virtual Partition List
If later we want to remove winona2 from the primary-admin virtual partition list, we can do this from any
virtual partition: