HP-UX Secure Resource Partitions (SRP) A.02.01 Administrator's Guide
29
//
// allow access to the shared sshd files
//
perm nsearch /opt
perm nsearch /opt/ssh
perm nsearch,read /opt/ssh
perm nsearch /var
perm nsearch /var/hpsrp
perm nsearch /var/hpsrp/mySRP
perm nsearch /var/hpsrp/mySRP/opt
perm nsearch /var/hpsrp/mySRP/opt/ssh
perm all /var/hpsrp/mySRP/opt/ssh
//
// add shared rules from the include file at
"/opt/hpsrp/etc/cmpt/sshd.srp_incl"
//
#include "/opt/hpsrp/etc/cmpt/sshd.srp_incl"
Compartment: mySRP Template: sshd Service: provision
----------------------------------------------------------------------
SSHD Configuration File:
/var/hpsrp/mySRP/opt/ssh/sshd_config
SSHD Port:
22
SSHD Key Files:
/var/hpsrp/mySRP/opt/ssh/ssh_host_rsa_key
/var/hpsrp/mySRP/opt/ssh/ssh_host_rsa_key.pub
/var/hpsrp/mySRP/opt/ssh/ssh_host_dsa_key
/var/hpsrp/mySRP/opt/ssh/ssh_host_dsa_key.pub
SSHD Pid File:
/var/hpsrp/mySRP/opt/ssh/sshd.pid
SSHD Startup/Shutdown Script:
/var/hpsrp/mySRP/sbin/init.d/secsh
SSHD Provision Script:
/opt/hpsrp/bin/util/sec_sh
Step 7: Starting the SRP Compartment
To start an SRP compartment, enter the following command:
srp -start compartment_name
The srp utility starts the SRP compartment by setting the SRP state to Started and executing the
initialization scripts in the /var/hpsrp/compartment_name/sbin/init.d subdirectories.
# /opt/hpsrp/bin/srp -start mySRP
***********************************************
Compartment mySRP startup in progress
Mon Dec 7 13:58:18 IST 2009
***********************************************