Manualshelf

HP-UX Secure Resource Partitions (SRP) A.02.01 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX Containers (SRP)
51525354555657585960
58
9 Using the custom Template
The custom template enables you to specify additional Security Containment file access rules and
IPFilter rules for an SRP compartment. You can also use the custom template to accommodate
additional applications in a SRP compartment, or to add compartment or IPFilter rules to increase
security controls for an SRP compartment.
You can also use the custom template to delete or modify the custom template data for a
compartment.
This chapter addresses the following topics:
9.1 Adding the custom Template to an SRP Compartment
9.2 Replacing or Deleting Custom SRP Data
9.1 Adding the custom Template to an SRP Compartment
To use the custom template, you must create a base SRP compartment first, then use the srp -add
command to add the custom template to the compartment.
For example:
# srp -add mySRP # create a base SRP compartment
# srp -add mySRP -template custom -id myID
The syntax for adding the custom template to an SRP compartment is as follows:
srp -a[dd] compartment_name -t[emplate] custom -i[d] instance [-s[ervice]
service[,service]...]
Where:
compartment_name
Specifies the name of an existing SRP compartment.
instance
Unique string identifier used to identify an instance of an application of the
custom template (the custom template can be added multiple times to the same
SRP compartment).
Valid Input: A text string with alphanumeric, dash (-) , or underscore (_)
characters. The maximum length is 20 characters.
Default: None.
service
Specifies the name of the service to configure. The following services are valid
with the custom template:
cmpt
ipfilter
provision
If you do not specify any services in the command line, srp prompts you for
the services you want to apply and displays a list of the default services that
are valid with the custom template. If you are using the factory-configured
default services, the only valid default service is cmpt.
The input data for these services and the data configured are described in the
sections that follow. If SRP uses input data for multiple services, the srp utility
prompts you for the data once and reuses the value.