srpgen(1)srpgen(1)NAMEsrpgen - generate minimal configuration files for Secure Resource Par‐
titions
SYNOPSISDESCRIPTION
The HP-UX feature Security Containment, available for HP-UX 11i v2
(B.11.23) and later, provides secure compartments. Placing secure com‐
partments inside PRM groups produces Secure Resource Partitions, or
SRPs.
generates minimal configuration files for both Security Containment and
PRM based on user input. For each SRP name entered, a secure compart‐
ment and a PRM group is added to the configuration files.
COMMAND AVAILABILITY
Only a superuser can run
OPTIONS
Include memory records for each PRM group in the generated PRM
configuration file. Each group's memory allocation is set to the
same value.
Specifies
basepath as the path and base filename for the generated config‐
uration files. The Security Containment configuration file will
be named basepath.scp. The PRM configuration file will be named
basepath.prm.
The basepath.scp file must not already exist and cannot be in a
directory that is owned by a user other than root or is writable
by a user other than owner.
USAGE
prompts you to:
· Enter names for the secure compartments to create, and
· Assign network interfaces (defined in the file /etc/rc.config.d/net‐
conf) to the compartments
An interface not assigned to a secure compartment is not usable by the
system, even from the init secure compartment. If any interfaces are
left unassigned when srpgen completes, a warning message is printed.
The process of assigning interfaces has two parts:
1. Choosing a secure compartment needing an interface assigned
2. Choosing the interface to assign
(You can unassign previously assigned interfaces in this process as
well.)
Once you have assigned all interfaces, writes the Security Containment
configuration file and the PRM configuration file, then displays their
names.
You are encouraged to manually edit and fine-tune your configuration
files, possibly taking advantage of other features of PRM and Security
Containment.
You will need to load/activate the configuration files. For information
on loading the Security Containment configuration, see the setrules(1M)
manpage. For information on loading the PRM configuration, see the prm‐
config(1) manpage.
The prompts from are given below with explanations of the options.
Prompt:
Add Compartment [ -DONE- ] : NAME, ? for list, - for Delete:
While adding compartments, the available options are:
-DONE- Select your ENTER key to stop adding compartments and begin
assigning interfaces
NAME Add a compartment with the specified name
? List defined compartments and their assigned interfaces if any
- Switch to deleting compartments
Prompt:
Delete Compartment [ Resume Adding ] : NAME, ? for list:
While removing compartments, the available options are:
Resume Adding
Select you ENTER key to return to adding compartments
NAME Remove the compartment with the specified name. If this is the
last compartment defined, switch to adding compartments
? List defined compartments and their assigned interfaces if any
Prompt:
Compartment to modify assignments for [ -DONE- ] :
Compartment to modify assignments for [ <name> ] :
-DONE- Select your ENTER key to exit modification and stop assigning
network interfaces to secure compartments
<name> Select your ENTER key to assign a network interface to the next
compartment for which there is no network interface assigned
Prompt:
Add interface: [ -DONE- ], NAME, ? for list, - to delete:
While assigning interfaces to a compartment, the available options are:
-DONE- Select your ENTER key to stop assigning interfaces for the cur‐
rent compartment
NAME Specify the name of an interface to assign to the current com‐
partment
? List the defined compartments and their assigned interfaces.
Also list unassigned interfaces
- Switch to deleting interfaces from the current compartment.
Prompt:
Delete interface: [ -ALL- ], NAME, ? for list, + to add:
While unassigning interfaces, the available options are:
-ALL- Select your ENTER key to remove all interfaces from the current
compartment and return to adding interfaces
NAME Remove the specified interface from the current compartment
? List defined compartments and interfaces
+ Return to adding interfaces (assigning interfaces)
RETURN VALUE
Zero is returned if the command is completed successfully.
Nonzero is returned if errors are detected.
SEE ALSOprm(1), prm2scomp(1), scomp2prm(1), prmconfig(1), setrules(1M)
HP Process Resource Manager User's Guide (/opt/prm/doc/PRM.ug.pdf)
HP Process Resource Manager homepage (http://www.hp.com/go/prm)
srpgen(1)