Manualshelf

HP 9000 Containers A.03.01 on HP Integrity Server Administrator Guide HP-UX 11i v3 (5900-3112, June 2013)

ManualsBrandsHP ManualsSoftwareHP-UX Containers (SRP)
21222324252627282930
1. Open the display screens file:
For example, /etc/X11/X0screens
2. Comment out any line containing /dev/crt.
3. Add configuration:
ServerOptions
ServerMode XVfb
4. Open the /etc/dt/config/Xservers file.
5. Comment out line containing /usr/bin/X11/X :0 or modify it to /usr/bin/X11/Xvfb
:0 -fbdir /tmp.
If X-server is required in only one container on the system, and not required in global, then it can
be configured with graphics devices using the following steps:
1. Open the /etc/cmpt/<srp_name>.rules file and insert the following line just before the
first line containing #include:
# define ALLOW_RDEVOPS
2. Reset compartment rules:
$ setrules
3. Enable graphics module on the host system and reboot (if not already loaded). For example,
$ kcmodule gvid_core=best gvid=best
$ reboot
4. Verify whether the module is loaded:
$ kcmodule | grep gvid
5. Copy the graphics devices into the container:
$ srp -add <srp_name> -tune device=/dev/gvid
$ srp -add <srp_name> -tune device=/dev/gvid0
$ srp -add <srp_name> -tune device=/dev/gvid_info
6. Copy the input devices into the container. For example,
$ srp -add <srp_name> -tune device=/dev/hid
7. Change the /var/hpsrp/<srp_name>/etc/X11/XF86Config file to reflect new devices.
For example,
Option "Device" "/dev/hid/hid_000"
4.5.13 Configuring additional privileges for HP 9000 system container
The setprivgrp command is not currently supported inside an HP 9000 container. Hence,
privileges such as RTPRIO and MLOCK cannot be configured in the /etc/privgroup file inside
the container. A workaround is to use the setprivgrp command and the /etc/privgroup
configuration file from the global after copying the affected group name and GID to the global
container.
NOTE: The global configuration applies to groups with the same GIDs in other system containers
on the same host. Therefore, this is not recommended where there are multiple containers on the
host unless it can be ensured that a unique GID is used (across the system) for groups, which need
the privilege.
4.5.14 Configuring DDFA
If DDFA is required inside the container, open the /etc/cmpt/<srp_name>.rules file and
insert the line #define ALLOW_MKNOD before the first line containing #include.
28 Creating and configuring HP 9000 system container