HP-UX Secure Resource Partition (SRP) A.02.00.
© Copyright 2001–2009 Hewlett-Packard Development Company L.P. Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. The information contained herein is subject to change without notice.
Table of Contents HP-UX Secure Resource Partitions.....................................................................................................5 HP-UX SRP Documentation.................................................................................................5 1 HP-UX SRP.................................................................................................................................7 1.1 HP-UX SRP Overview.......................................................................
HP-UX Secure Resource Partitions The information in this document is for HP-UX Secure Resource Partitions (SRP) A.02.00.001 only. HP-UX SRP Documentation For more information on HP-UX SRP, refer to these documents: • HP-UX Secure Resource Partitions (SRP) Administrator's Guide • HP-UX CMGR Administrator's and Developer's Guide These documents are located at: http://docs.hp.
1 HP-UX SRP 1.1 HP-UX SRP Overview HP-UX Secure Resource Partitions (SRP) provides an environment for securely consolidating multiple applications within a single image of the HP-UX 11i operating system. SRP is a component of the Partitioning Continuum for HP-UX and offers high efficiency in resource utilization along with maximum flexibility and performance for customers seeking the benefits of application consolidation.
— A configuration tool guides the selection of features and options for an SRP. Use this tool to add, update, or delete SRPs. You can also use the tool to assign the following items to an SRP: ◦ users/groups ◦ management roles ◦ IP addresses ◦ file system, networking, and IPC isolation policies — Define startup and shutdown activities per SRP. — Update an SRP by adding or removing features and changing configuration properties. — Remove an SRP when it is no longer needed.
1.4 Frequently Asked Questions This section includes questions frequently asked about HP-UX SRP. Q. How can I configure DNS access for an SRP when the remote DNS Server is not accessible from the SRP, but is accessible from the init compartment? A. With HP-UX SRP A.02.00.001, an SRP only has access to the network interface it is configured to. If a command or application within an SRP requires access to a remote network service that is not accessible on the compartment's network, it will fail.
This problem no longer exists since the patch PHNE_39203 is now installed with SRP A.02.00.001. 1.6 Known Problems in HP-UX SRP A.02.00.001 HP-UX SRP A.02.00.001 contains the following known problems: • The getcwd function, which gets the pathname of the current working directory, fails from within an SRP compartment's home directory. For example, Java fails with the error “Could not determine current working directory”.
such. See the HP-UX System Administrator's Guide: Security Management, available at http://docs.fc.hp.com/en/oshpux11iv3.html#System%20Administration for information on how to configure compartment rules. • Long running connections between a remote client and a process running in a SRP may be periodically reset or dropped. An active gateway may occasionally be marked as non-responsive and temporarily dropped from the internal routing tables, resulting in connection loss or reset.
• User login to an SRP compartment does not work when Trusted Computing is enabled. Login with a valid user name and password will fail or timeout when Trusted Computing is enabled. Trusted Computing creates and uses the /tcb directory, but the SRP compartment does not have access to /tcb/files/auth. Therefore, the following message will be written to the syslog.
