Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
HP-UX System Administrator's Guide: Security Management: HP-UX 11i Version 3 > Chapter 7 Compartments

Compartment Components

» 

Technical documentation

Complete book in PDF
» Feedback
Content starts here

 » Table of Contents

 » Glossary

 » Index

The compartments feature comprises a set of configuration files and commands you use to configure and administer compartments. Manpages are included to assist you in using the compartments features. These components are listed in the following sections:

Compartment Configuration Files

Table 7-1 briefly describes the files you use with compartment components.

Table 7-1 Compartment Configuration Files

Configuration File

Description

/etc/cmpt

The directory in which compartment rules files reside.

/etc/cmpt/*.rules

The file containing the compartment rules configured for the system.

/etc/cmpt/hardlinks/hardlinks.config

The file containing valid mount points to be scanned to check the consistency of compartment rules for files with multiple hardlinks pointing to them.

 

Compartment Commands

Table 7-2 contains the commands you use to manage compartments.

Table 7-2 Compartment Commands

Command

Description

cmpt_tune

Queries, enables, and disables the compartments feature.

setfilexsec

Sets security attributes of binary files, including the compartment attribute.

getfilexsec

Displays security attributes associated with binary executable files, including the compartment attribute.

getprocxsec

Displays security attributes of processes, including the compartment attribute.

getrules

Displays the compartment rules currently active in the kernel.

setrules

Activates new or modified rules in the kernel.

With the -p option, displays the modified rules for review without passing them to the kernel.

vhardlinks

Checks the consistency of compartment rules for files that have multiple hard links, to ensure that conflicting rules for access do not exist.

 

Compartment Manpages

Table 7-3 contains the manpages associated with compartments.

Table 7-3 Compartment Manpages

Manpage

Description

compartments(4)

Describes compartment rule syntax.

compartments(5)

Provides an overview of compartment functionality and describes the use of compartment rules.

cmpt_tune(1M)Describes cmpt_tune functionality and syntax.

setfilexsec(1M)

Describes setfilexsec functionality and syntax.

getfilexsec(1M)

Describes getfilexsec functionality and syntax.

getprocxsec(1M)

Describes getprocxsec functionality and syntax.

getrules(1M)

Describes getrules functionality and syntax.

setrules(1M)

Describes setrules functionality and syntax.

vhardlinks(1M)

Describes vhardlinks functionality and syntax.

 

Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© 2008 Hewlett-Packard Development Company, L.P.