container_workload.5 (2011 09)
CONTAINER_WORKLOAD(5) CONTAINER_WORKLOAD(5)
Software Management
The Software Distributor (sd(5)) is used to install or remove software. You must be in the global view to
install or remove software. A workload container shares filesystem namespace with the global view, so by
default. Products installed in the global view are accessible from a workload container.
Device Access
All devices in the global filesystem view are accessible in a workload container.
Disallowed Privileges
By default, no privileges are disallowed in a workload container. A system administrator may customize
a workload container to restrict privileged tasks by updating the disallowed privileges in the compart-
ment rules file for a specific container. Refer to privileges(5) for a description of privileges that may be
disallowed and compartments(4) for a description of how to change the container’s compartment
configuration file.
MANAGING WORKLOAD CONTAINERS
Workload containers can be created, modified, deleted, and migrated or cloned across systems via the
srp(1M) command. Workload containers can be started and stopped in a similar manner to starting and
stopping an individual system, including startup and shutdown processing. See sys_sys(1M), srp(1M) and
srp_init(1M).
A workload container must be created via the srp(1M) command using the workload template.
RESTRICTIONS
Users in a container are prevented from accessing files or directories in another container via compart-
ments(4) rules.
SEE ALSO
container(5), container_system(5), srp(1M), srp_sys(1M), srp_su(1M), srp_init(1M), compartments(5),
privileges(5), chroot(1M).
2 Hewlett-Packard Company − 2 − HP-UX 11i Version 3: September 2011