HP-UX Secure Resource Partitions (SRP) A.02.01 Administrator's Guide

a role with the RBAC authorization to log in to cmpt1, and assign the user user1 to that role. You
can configure the system so that user1 can log in only to cmpt1 and access only the files available
to cmpt1. You can also use RBAC to configure the system so that an executable can run in only
cmpt1. These security restrictions are examples of only a small subset of the restrictions and conditions
you can configure using HP-UX Security Containment. For more information, see HP-UX System
Administrator's Guide: Security Management.
1.1.3 HP Process Resource Manager (PRM)
HP Process Resource Manager (PRM) manages processor and memory allocation and enables you to
configure dedicated resources for an SRP compartment. PRM can guarantee a minimum allocation of
system resources available to a set of users and applications joined together in a PRM group. Each
PRM group is allocated certain amounts of system resources, including CPU bandwidth, core
processors, memory, and disk bandwidth.
1.1.4 IP Interfaces
You can use SRP to create an IP interface for exclusive use by the compartment. You do not have to
use a dedicated network interface card for this IP interface; you can create a logical IP interface on a
network interface card.
An SRP compartment can also use an IP interface that is already in use by the system if it is not
assigned to another compartment.
1.1.5 Initialization and Shutdown Services
You can use SRP to create an initialization and shutdown directory structure for the compartment with
compartment control scripts that are automatically executed when the system starts up or shuts down.
You can also execute a compartment control script to manually start or shut down an SRP
compartment.
1.1.6 HP-UX IPFilter
HP-UX IPFilter is a host-based firewall software solution that enables you to restrict network traffic
according to packet attributes, such as:
Source IP address
Destination IP address
Protocol (such as TCP or UDP)
TCP and UDP port numbers
1.1.7 HP-UX IPSec
HP-UX IPSec enables you to secure IP packets by encrypting and authenticating IP data. You configure
IPSec to select packets for security according to packet attributes, such as:
Source IP address
Destination IP address
Protocol (such as TCP or UDP)
TCP and UDP port numbers
1.2 SRP Components
SRP includes the following components:
The srp_sys utility
The srp utility