Manualshelf

HP-UX Secure Resource Partitions (SRP) A.02.02 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX Containers (SRP)
31323334353637383940
40
8 Using the base Template
The base template manages SRP compartment data that is not application-specific. This chapter
describes how to use the base template to create an SRP compartment. You can also use the base
template to add additional base services to a compartment or to delete or modify the base services
for a compartment.
This chapter addresses the following topics:
8.1 Creating a SRP Compartment
8.2 Replacing or Deleting Base SRP Data
8.1 Creating a SRP Compartment
You can use the base template to create an SRP compartment. After you create an SRP compartment,
you can use an application template to add application-specific configuration data to the SRP
compartment, such as compartment file access rules for application-specific directories and IPFilter
rules for application-specific port numbers.
To create an SRP compartment, enter the following srp -add command. Specifying the base
template (-t base) is optional; the base template is the default template for the add operation.
The srp add command has the following syntax:
srp -a[dd] srp_name [-t base] [-s service[,service]...]
Where:
srp_name
Specifies the name of the SRP compartment to create.
service
Specifies the name of the service to configure. If you do not specify the -s
option, srp prompts you for a list of services to configure with a list of
default services. The factory-configured default services are as follows
(listed in the order that srp prompts for input):
cmpt - see The cmpt Service
admin - see The admin Service
prm - see The prm Service
network - see The network Service
init - The init Service
You can modify the set of default services using the srp_setup utility as
described in 2 Setting Up an SRP.
The following services are also valid with the base template:
login - see The login Service
ipfilter - see The ipfilter Service
ipsec - see The ipsec Service
The input data for these services and the data configured are described in
the sections that follow. If SRP uses input data for multiple services, the srp
utility prompts you for the data once and reuses the value.