HP-UX Secure Resource Partitions (SRP) A.02.00 Administrator's Guide

SRP Templates and Services
The input parameters and data configured by srp are determined by the templates and services
used. SRP templates are XML documents that define the configuration actions performed by
SRP. Configuration actions are grouped into SRP services. You can choose which services to
apply to an SRP, and apply services individually or collectively to an SRP compartment.
Templates
SRP includes the following templates:
base
Configures a base SRP compartment without any application-specific parameters. A base
compartment consists of a Security Containment compartment, a compartment home
directory subtree, a compartment file system view, and other configuration data. After you
create a base SRP compartment, you can apply one of the following application templates
to extend the base with parameters suitable for applications hosted by a compartment.
apache
Manages configuration data for running an HP-UX Apache-based Web Server in an SRP
compartment.
custom
Manages custom configuration of the SRP compartment. You can use this template to specify
additional Security Containment file access rules and IPFilter rules for an SRP compartment.
oracledb
Manages configuration data for running an Oracle Database Server in an SRP compartment.
At the time this document was published, HP had certified this template with the Oracle 10g
Database Server.
sshd
Manages configuration data for running an HP-UX Secure Shell server daemon in an SRP
compartment.
Services
SRP supports the following services:
cmpt
Creates and manages an HP-UX Security Containment compartment, which forms the core
of the SRP compartment. You must use the cmpt service when you create an SRP
compartment.
The cmpt service also creates a home directory (/var/hpsrp/compartment_name) for
the SRP compartment.
admin
Assigns an administrator for the SRP compartment. The admin service uses the HP-UX
Security Containment RBAC feature to associate an HP-UX user with an RBAC role that has
authorization to administer the compartment. By default, this authorization enables the
administrator to execute the startup and shutdown scripts for the compartment.
login
Assigns a user group with login access for the SRP compartment. The login service uses
the HP-UX Security Containment RBAC and compartment login features to configure the
compartment login access for an HP-UX user group. If compartment login is enabled for
the system with the default RBAC configuration and you do not configure the SRP login