Manualshelf

HP-UX Secure Resource Partitions (SRP) A.02.02 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX Containers (SRP)
11121314151617181920
13
login
Defines the users and groups allowed to login to the SRP compartment. Uses the HP-UX
Security Containment RBAC and compartment login features to configure the compartment
login access for a set of HP-UX users and groups. If compartment login is enabled for the
system with the default RBAC configuration and you do not configure the SRP login service,
only the root (UID 0) user is allowed to log in to the compartment.
prm
Configures a PRM group for the SRP compartment. You can specify the PRM group type and
the CPU and memory allocations for the group.
provision
Executes a script to deploy an application in an SRP compartment. HP provides provision
scripts for Apache Web Server, Tomcat Servlet Engine, and Secure Shell daemon (sshd)
templates.
network
Configures an IP interface for use by a compartment. By default, SRP IP interfaces will not
be shared between SRPs, however these interfaces are accessible by default from the INIT
compartment.
init
Creates compartment startup and shutdown scripts and a compartment-specific init
directory structure that replicates the /sbin/init.d directory structure. By default, the
scripts are automatically executed by the system startup and shutdown scripts.
ipfilter
Configures IPFilter rules for the compartment. For the base template, SRP configures rules that
restrict inbound IP packets to the compartment's IP interface. When used with application
templates, SRP prompts you for local port numbers and configures rules that allow packets
that match the specified ports.
ipsec
Configures HP-UX IPSec policies for the compartment. SRP prompts you for the local and
remote IP addresses and configures IPSec polices to encrypt and authenticate packets that
match the address specifications. The ipsec service also configures an Internet Key
Exchange (IKE) policy and an IKE preshared key.
1.2.7 Configuration Synchronization Manager (CMGR) Utility and Libraries
The Configuration Synchronization Manager (CMGR) product is included in the SRP bundle. The
CMGR product includes the cmgr utility and libraries, which enables SRP to coordinate the
configuration of multiple subsystems. The srp utility invokes the cmgr utility.
For more information about CMGR, refer to the
HP-UX CMGR Administrator's and Developer's Guide.