Manualshelf

HP-UX CMGR A.02.01 Administrator's and Developer's Guide

ManualsBrandsHP ManualsSoftwareHP-UX Containers (SRP)
11121314151617181920
17
Attribute Description
compartment
Optional. Common attribute.
id
Optional. Common attribute.
if
Optional. Common attribute.
if_op
Optional. Common attribute.
ipsecactivate
Optional. If FALSE do not execute IPSec activation. If undefined, TRUE will be
used.
ipsecvalidate
Optional. If FALSE do not execute IPSec validation. If undefined, TRUE will be
used.
2.2.7 The login Element
The login element manages the users that are allowed to log into the compartment. Upon
invocation, the admin element handler checks the operation option from the cmgr command and
performs one of the following tasks:
Operation
Description
add
Assigns users and login groups to the specified compartment login role.
Creates the RBAC login role for the compartment and the RBAC
hpux.security.compartment.login
authorization.
delete
Deletes users and groups from the RBAC compartment login role. Also deletes the
RBAC login role, the RBAC hpux.SRPadmin.$compartment authorization, and the
associated
srp_rc
entry in the
/etc/rbac/cmd_priv
file.
replace
Deletes then adds users and groups to the RBAC compartment login role.
list
Lists the RBAC login role associated with the admin user, the RBAC authorizations for
the compartment, and the command privileges.
export
Exports users and groups associated with the RBAC login role. The users and groups
configured for the login role are added to the exchange.xml file that is located under
the /cmgr/body/logins/login path. This is done by using the tag value extracted
from the admin/data element in the template. The exchange.xml file is stored in the
exchange archive.
import
Imports users and groups to be associated with the RBAC login role. Extracts the meta-
tag from the admin/data element in the template then searches the exchange.xml
file within the exchange archive for a matching meta-tag under the
/cmgr/body/logins/login path. The specified users and groups with a matching
tag are added to the RBAC system configuration.
The ipaddress element can have the following attributes:
Attribute Description
compartment
Optional. Common attribute.
id
Optional. Common attribute.
if
Optional. Common attribute.