Manualshelf

HP-UX Secure Resource Partitions (SRP) A.02.00 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX Containers (SRP)
51525354555657585960
services that are valid with the custom template. If you are using the
factory-configured default services, the only valid default service is
cmpt.
The input data for these services and the data configured are described
in the sections that follow. If SRP uses input data for multiple services,
the srp utility prompts you for the data once and reuses the value.
The cmpt Service
The cmpt service for the custom template applies additional compartment rules to your
compartment. You can specify a rules file to include and/or specify file system paths to configure
for different access rules.
Input Data
SRP prompts for the following data. You can also specify a variable name and value in the
command line, as described in “Creating an SRP Compartment or Adding Data to a Compartment”
(page 67).
Compartment rule files
Specifies compartment rules files to include in the
compartment rules file for this SRP compartment.
To specify multiple files, use commas to separate file names.
Variable Name: cmpt_rule_file.
Default: None.
Read access paths Specifies directories to configure with read access (nsearch
and read) in the compartment rules file for this SRP
compartment.
To specify multiple directories, use commas to separate
directory names.
Variable Name: read_access.
Default: None.
All access paths Specifies directories to configure with all access in the
compartment rules file for this SRP compartment.
To specify multiple directories, use commas to separate
directory names.
Variable Name: all_access.
Default: None.
no access paths Specifies directories to configure with none access in the
compartment rules file for this SRP compartment.
To specify multiple directories, use commas to separate
directory names.
Variable Name: no_access.
Default: None.
Configuration Data
SRP adds entries to the rules file for the SRP compartment to authorize access according to the
descriptions in the previous sections. SRP also adds an include statement to add the rules from
the files specified by cmpt_rule_file.
54 Using the custom Template