Manualshelf

HP-UX Secure Resource Partitions (SRP) A.02.00 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX Containers (SRP)
51525354555657585960
Input Data
SRP prompts for the following data. You can also specify a variable name and value in the
command line, as described in “Creating an SRP Compartment or Adding Data to a Compartment”
(page 67).
Oracle executable path The root directory for Oracle executables. The cmpt service
adds rules to allow the compartment read access to this
directory. Because this parameter is configured per
compartment, you can run different versions of the Oracle
Database server product on the system.
Variable Name: exec_path.
Default:
/opt/var/hpsrp/compartment_name/opt/u01/home/oracle.
Oracle DB data path The root directory for Oracle data. The cmpt service adds
rules to allow the compartment all access to this directory.
Users and processes in the SRP compartment can read, write,
traverse (nsearch), and delete (ulink) the contents of these
directories. In most cases, you would set up the Oracle
configuration and schema under this path, and set the value
of the ORACLE_HOME environment variable to this path.
Variable Name: data_path.
Default:
/var/hpsrp/compartment_name/opt/u01/home/oracle.
Configuration Data
SRP adds entries to the SRP compartment rules file (/etc/cmpt/compartment_name.rules)
that authorize access to the exec_path and data_path directories. SRP also adds an include
statement to add the rules from the /opt/hpsrp/etc/cmpt/oracledb.srp_incl file. As
delivered by HP, this file is empty. You can edit this file to contain compartment rules to be
applied when configuring the cmpt service with the oracledb template.
The ipfilter Service
The ipfilter service for the oracledb template adds rules to allow inbound requests to the
specified ports used by the Oracle database server to pass. You can also specify additional inbound
destination TCP port numbers for IPFilter pass rules.
Input Data
SRP prompts for the following data. You can also specify a variable name and value in the
command line, as described in “Creating an SRP Compartment or Adding Data to a Compartment”
(page 67).
IPFilter Port Numbers
Specifies the local TCP port numbers for IPFilter rules that
allow inbound packets.
Variable Name: ipf_ports.
Valid Input: One or more TCP port numbers each in the range
1- 65535, separated by commas.
Default: 1521. This is the default port number for the Oracle
Net Listener process (commonly referred to as the listener).
58 Using the oracledb Template