Manualshelf

HP-UX Secure Resource Partitions (SRP) A.02.02 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX Containers (SRP)
61626364656667686970
62
11 Using the custom Template
The custom template enables you to specify additional Security Containment file access rules and
IPFilter rules for an SRP compartment. You can use the custom template to accommodate additional
applications in a SRP compartment, or to add compartment or IPFilter rules to increase security
controls for an SRP compartment.
You can also use the custom template to delete or modify the custom template data for an SRP
compartment.
This chapter addresses the following topics:
11.1 Adding the custom Template to an SRP Compartment
11.2 Replacing or Deleting Custom SRP Data
11.1 Adding the custom Template to an SRP Compartment
To use the custom template, you must create an SRP compartment first, then use the srp -add
command to add the custom template to the compartment.
For example:
# srp -add mySRP # create a base SRP compartment
# srp -add mySRP -template custom -id myID
The syntax for adding the custom template to an SRP compartment is as follows:
srp -a[dd] srp_name -t[emplate] custom -i[d] instance [-s[ervice]
service[,service]...]
Where:
srp_name
Specifies the name of an existing SRP compartment.
instance
Unique string identifier used to identify an instance of an application of the custom
template (the custom template can be added multiple times to the same SRP
compartment).
Valid Input: A text string with alphanumeric, dash (-) , or underscore (_) characters.
The maximum length is 20 characters.
Default: None.
service
Specifies the name of the service to configure. The following services are valid with
the custom template:
cmpt
ipfilter
provision
If you do not specify any services in the command line, srp prompts you for the
services you want to apply and displays a list of the default services that are va
lid with
the custom template. If you are using the factory-configured default services, the only
valid default service is cmpt.
The input data for these services and the data configured are described in the sections
that follow. If SRP uses input data for multiple services, the srp utility prompts you for
the data once and reuses the value.