wlisyspolicy.1m (2011 03)

wlisyspolicy(1M)

Optional WLI Product Required

wlisyspolicy(1M)

• flac={enabled | disabled}

•

Failure A message and non-zero exit code.

Success An exit code of 0.

Retrieve current and deferred WLI system policy values:

% wlisyspolicy -g

If WLI has just been installed, the command response will be:

WLI Global Policy Attributes

Values in effect currently:

write lock protection (FLAC): enabled

protection mode: restricted

allow security downgrade: deferred

Note that the values in the above example provide the highest level of security. Any requested change

from these values will be deferred until the next system reboot completes.

In the following example, the administrator private key,

keyadminp, resides in the current working

directory. Provide the private key passphrase with the environment variable

PW

maintenance, and change the security downgrade policy to immediate:

current mode unchanged; will be maintenance following reboot

downgrade policy unchanged; will be immediate following reboot

In the following example, provide the private key passphrase

my pass on stdin, change the FLAC policy

to enabled, and change the IBAC policy to disabled:

% echo "my pass" | wlisyspolicy -k keymemp -p stdin

If downgrade=deferred is currently in effect, the response will be:

current FLAC policy is enabled

current IBAC policy unchanged; will be disabled following reboot

2 Hewlett-Packard Company − 2 − HP-UX 11iv3: Sep 2010 Web Release