HP-UX Containers (SRP) A.03.01 Release Notes
13
CHANGECMPT
Grants a process the ability to change its compartment. Example: privrun (1M)
CMPTREAD
Allows a process to open a file or directory for reading, executing, or searching, bypassing
compartment rules.
CMPTWRITE
Allows a process to write to a file or directory, bypassing compartment rules.
COMMALLOWED
Allows a process to override compartment rules in the IPC and network subsystems.
CORESYSATTR
Allows a process to manage system attributes such as kernel tunables and system time.
Example: kctune(1M), date(1M)
DLKM
Allows a process to load a kernel module, change the global search path for DLKM.
Example: kcmodule(1M)
FSS, FSSTHREAD
Allows a process/thread to configure fair share scheduler.
MKNOD
Allows a process to create character or block special files. Example: mknod(1M)
MPCTL
Allows a process to change processor binding, locality domain binding,
or launch policy of a process.
NETADMIN
Allows a process to perform network administrative operations such as configuring IP
address and routing tables. Example: Add, delete, update options of ifconfig(1M),
netstat(1M), route(1M)
NETPROMISCUOUS
Allows a process to configure an interface to listen in promiscuous mode.
Example: tcpdump
PSET
Allows change to the system pset configuration.
RDEVOPS
Allows a process to do device specific administrative operations such as tape or disk
formatting.
REBOOT
Allows a process to perform system reboot. Example: reboot(1M)
RULESCONFIG
Allows a process to add and modify compartment rules. Example: setrules(1M)
SPUCTL
Allows a process to perform certain administrative operations in the Instant Capacity product.