HP-UX Containers (SRP) A.03.01.007 Release Notes (766153-002, May 2014)

Table Of Contents

Allows a process to manage system attributes such as kernel tunables and system time.

Example: kctune(1M), date(1M)

DLKM

Allows a process to load a kernel module, change the global search path for DLKM.

Example: kcmodule(1M)

FSS, FSSTHREAD

Allows a process/thread to configure fair share scheduler.

MKNOD

Allows a process to create character or block special files. Example: mknod(1M)

MPCTL

Allows a process to change processor binding, locality domain binding,

or launch policy of a process.

NETADMIN

Allows a process to perform network administrative operations such as configuring IP

address and routing tables. Example: Add, delete, update options of ifconfig(1M),

netstat(1M), route(1M)

NETPROMISCUOUS

Allows a process to configure an interface to listen in promiscuous mode.

Example: tcpdump

PSET

Allows change to the system pset configuration.

RDEVOPS

Allows a process to do device specific administrative operations such as tape or disk

formatting.

REBOOT

Allows a process to perform system reboot. Example: reboot(1M)

RULESCONFIG

Allows a process to add and modify compartment rules. Example: setrules(1M)

SPUCTL

Allows a process to perform certain administrative operations in the Instant Capacity product.

SWAPCTL

Allows a process to manage and configure system swap space. Example: swapctl(2),

swapon(1m)

SYSNFS

Allows a process to export a file system.

TRIALMODE

Allows a process to log privileges required to execute in the syslog file.

1.11.3 Disallowed commands in system containers

The commands and system calls that fall into the category of disallowed operations covered in 1.11.1

Disallowed operations in system containers fails in a system container. The disallowed operations can