Manualshelf

HP-UX Secure Resource Partitions (SRP) A.02.00 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX Containers (SRP)
51525354555657585960
Configuration Data
If the compartment address is an IPv4 address, SRP adds IPFilter rules to the /etc/opt/ipf/
ipf.conf file. If the compartment address is an IPv6 address, SRP adds IPFilter rules to the
/etc/opt/ipf/ipf6.conf file.
SRP configures rules that allow inbound packets from any remote IP address to the compartment
IP address with the specified destination TCP port numbers. SRP also specifies the keep state
keywords to allow outbound responses for these packets.
SRP inserts these rules at the top of the IPFilter rules file and uses the quick keyword.
The IPFilter configuration file already contains rules from the base template to allow all outbound
TCP, UDP, and ICMP packets from the compartment IP address, as described in “Configuration
Data” (page 42).
Completing the Configuration
After applying the cmpt service and optionally the ipfilter service for the oracledb template,
you can deploy an Oracle Database Server in the compartment. You might need to make a copy
or link from the Oracle product installation directory to the exec_path configured for the cmpt
service. You might also need to set up the Oracle configuration and schema under the data_path
configured for the cmpt service.
You can also copy or create a startup and shutdown script for the Oracle processes, and install
or link it to files in a /var/hpsrp/compartment_name/sbin/rcn.d directory.
Starting the SRP Compartment
If the SRP compartment was not started with the base template, you can start it using the
following command:
srp -start compartment_name
For more information about starting SRP compartments, see Chapter 10 (page 65).
Replacing or Deleting Oracle SRP Data
Use the following command to replace oracledb template data in an SRP compartment:
srp -r[eplace] compartment_name -t oracledb [-s service[,service]...]
The srp -replace command deletes the specified data, then prompts you for replacement
data. For example, the following command deletes all the IPFilter data for the oracledb template,
then prompts you for replacement data:
srp -replace myCmpt -t oracledb -s ipfilter
Use the following command to delete oracledb template data from an SRP compartment:
srp -d[elete] compartment_name -t oracledb [-s service[,service]...]
CAUTION: If you do not specify the -template and -service arguments, srp deletes the
compartment or replaces all data for the compartment. For example, the srp -delete myCmpt
command deletes the myCmpt SRP compartment.
For more information, see “Deleting Configuration Data” (page 69) and “Replacing Configuration
Data” (page 69).
Starting the SRP Compartment 59