HP-UX Containers (SRP) A.03.01 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX Containers (SRP)

111

112

113

114

115

116

117

118

119

120

118

Glossary

compartment

Security Containment compartments. Manages isolation and privilege

restrictions for sets of HP-UX processes. Each container includes a

corresponding compartment definition.

container

A container provides process view isolation, IPC isolation, and a

dedicated IP address interface. HP-UX Containers includes two types

of containers: system and workload.

container administrator

A global view user that has been granted the administrator role to

manage one or more containers. This user can perform start, stop,

list, and view on designated containers.

container state stopped: The container is not available. Its network interface is

down, and no container filesystems are mounted. Accessing the

container using srp_su(1M) in the stopped state is not allowed.

started: The container is up and running, and it is accessible by

users. The network interface is up, container filesystems are mounted,

and container service daemons started.

maintenance: SD is performing software management (install or

remove software) in a container. Container service daemons are

stopped and users are not allowed to access the container in this

state.

starting: The container is starting and is not accessible by users.

The srp command will initiate default run level processing (see

init(1M)) immediately before transitioning to the started container

state. Run level processing will complete after the container enters the

started state.

stopping: The container is stopping and is not accessible by users.

The srp command will attempt to gracefully shutdown all container

processes by initiating run-level 0 processing

(see init(1M)). All

container processes not gracefully shutdown will be terminated. In

the unlikely event that the normal shutdown process fails, the srp

command will log the name and process id of all the processes it

terminates in the system log file.

global view

When you enable SRP on a system using the srp_sys command, all

processes not executing within a container execute in the global

view. The global view has no access restrictions, and therefore can

view and manage processes in the global view and all containers.

Processes in the global view are typically assigned to the

compartment named INIT.

HP-UX Containers

Product family for containment technology on HP-UX, including

Secure Resource Partitions (SRP) and HP9000 Containers.