HP-UX Secure Resource Partitions (SRP) A.02.01 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX Containers (SRP)

Default: 8081.

Tomcat AJP port

number

Specifies the TCP port number on which the compartment Tomcat server will

receive request from apache webserver.

Variable Name: ajp_port.

Valid Input: A TCP port number in the range 1- 65535.

Default: 8009.

IPFilter Port

Numbers

Specifies the local TCP port numbers for IPFilter rules that allow inbound

packets.

Variable Name: ipf_tcp_ports.

Valid Input: One or more TCP port numbers each in the range 1- 65535,

separated by commas.

Default: 8085,8081,8009

*https port is disabled by default in tomcat.

8.1.2.2 Configuration Data

If the compartment address is an IPv4 address, SRP adds IPFilter rules to the

/etc/opt/ipf/ipf.conf file. If the compartment address is an IPv6 address, SRP adds IPFilter

rules to the /etc/opt/ipf/ipf6.conf file.

SRP configures rules that allow inbound packets from any remote IP address to the compartment IP

address with the specified destination TCP port numbers.

SRP inserts these rules at the top of the IPFilter rules file and uses the quick keyword.

The IPFilter configuration file already contains rules from the base template to allow all outbound

TCP, UDP, and ICMP packets from the compartment IP address, as described in

Configuration Data.

8.1.3 The provision Service

The provision service executes the script /opt/hpsrp/bin/util/tomcat_setup to provision

(deploy) a tomcat service in the SRP compartment.

8.1.3.1 Input Data

SRP prompts for the following data. You can also specify a variable name and value in the command

line, as described in 13.1 Creating an SRP Compartment or Adding Data to a Compartment.

Tomcat Web

Server Suite

Version

The HP-UX Webserver Suite version of Tomcat Servlet Engine to be used to

configure the template

Variable Name: wss_version.

Default: 3.0.

Tomcat

executable

path

The root directory for Tomcat executables.

Variable Name: exec_path.

Default: /opt/hpws22/tomcat.

Copy Tomcat

data from

path

The directory from which you want to copy Tomcat data. The provision

service

creates a copy of this subtree and its contents and installs it in the specified

data_path for use by the SRP compartment. The input for this variable is

typically the

newconfig

subdirectory under the Tomcat product directory.