Manualshelf

HP-UX Secure Resource Partitions (SRP) A.02.00 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX Containers (SRP)
41424344454647484950
for the compartment is executed, as described in “Network Initialization and Shutdown Service”
(page 41).
Network Initialization and Shutdown Service
If the specified IP address was not already configured for the system, SRP creates the file
/var/hpsrp/compartment_name/sbin/init.d/srp_net to bring the IP interface up or
down. This script also adds or deletes the default gateway route for the compartment interface.
This script is executed when the srp -start or srp -stop command is executed for the
compartment. By default, it is also executed when the system starts up or shuts down.
The /var/hpsrp/compartment_name/sbin/init.d/srp_net file is linked to
/var/hpsrp/compartment_name/sbin/init.d/rc2.d/S340srp_net and
/var/hpsrp/compartment_name/sbin/init.d/rc1.d/K660srp_net.
For more information about SRP initialization and shutdown scripts, see Chapter 10 (page 65).
Security Containment Compartment
If the IP address is not already owned by another compartment, SRP adds a network interface
rule for the IP address to the compartment rules file (/etc/cmpt/compartment_name.rules).
The init Service
The init service creates startup and shutdown scripts for the compartment, and a
compartment-specific init directory structure that replicates the /sbin/init.d directory
structure. SRP also configures the autostart feature for the compartment so that the system startup
and shutdown scripts automatically execute the compartment startup and shutdown scripts.
Input Data
None.
Configuration Data
SRP configures the following data:
SRP adds the following entries to the /etc/rc.config.d/srpconf file to enable the
autostart feature for the compartment:
SRP_NAME[n]="compartment_name"
START_SRP[n]=1
Where n is a unique index number and compartment_name is the name of the compartment.
SRP creates compartment-specific init subdirectories below the
/var/hpsrp/compartment_name/sbin that contain startup and shutdown scripts. For
more information about the directory structure, files, and how they are executed at system
startup and shutdown time, see “SRP Startup and Shutdown Processing” (page 65).
The login Service
The login service enables you to specify the HP-UX user group whose members are authorized
to log in to the compartment. If you do not configure the login service and you are using the
default RBAC system configuration, only the root user is authorized to log in to the compartment.
You can use the login service to grant non-root users the authorization to log in to the
compartment. These users perform administrative tasks for compartment applications and
compartment data.
Creating a Base SRP Compartment 41