HP-UX Whitelisting A.01.02 Administrator Guide (766164-001, March 2014)
Figure 1 WLI architecture
Commands
WLI commands are described in detail through the HP-UX manpage facility on installed platforms,
and are not reproduced here. The following briefly describes these commands:
wlipolicy Manage WLI file access policies
wlisign Manage WLI signatures on binary executables
wlitool Sign ELF executable files with or without WLI installed
wliwrap Run commands with WLI capabilities
wlixfr Transfer WLI file access policies from one file to another
wliadm Manage WLI administrator keys
wlicert Manage WLI user keys and capabilities
wlisys Manage WLI configuration attributes
wlisyspolicy Manage WLI security attributes
wlitrace Unsupported diagnostic tool for HP support personnel only
Application API
The shared library /opt/wli/lib/libwliapi.so provides API functions for applications to
add, delete, and verify access rights for WLI file access policies. For details on libwliapi
functions, see libwliapi(3).
WLI architecture 11