cmpt_tune man page on HP-UX

Man page or keyword search:  
man Server   10987 pages
apropos Keyword Search (all sections)
Output format
HP-UX logo
[printable version]

cmpt_tune(1M)							 cmpt_tune(1M)

       cmpt_tune - query, enable, or disable compartmentalization feature




       queries,	 enables,  or disables the compartmentalization feature.  Com‐
       partmentalization is not a dynamic feature; enabling or	disabling  the
       feature requires a reboot.  If you make a change and do not specify the
       flag, reports a reboot reminder message.	 If no options are  specified,
       the option is assumed.

       If  no  compartments  have  been	 defined  when compartmentalization is
       enabled, the network interfaces currently installed on the  system  are
       assigned to a new compartment and the administrator is given the oppor‐
       tunity to reassign these interfaces (see getrules(1M)).

       The system initially boots into a predefined compartment, A process  in
       the  compartment can access all objects (that is, all processes, files,
       IPC objects, etc., are accessible from the compartment).	 See  compart‐
       ments(5)	  for	more   information.    Using  the  command  (see  set‐
       filexsec(1M)), an administrator can  set	 specific  binaries  to	 start
       automatically  in  other compartments; that is, when a process executes
       the binary, it may find its  compartment	 modified  as  a  side-effect.
       This concept is similar to a setuid binary changing a process's euid.

       When the or option is specified without the option, the current running
       configuration is modified.  If or is  specified	with  the  option  and
       boot_image  does	 not  exist, it is created as though the administrator
       ran the following command:

       In any case, boot_image is marked for use on the next boot.

       The command recognizes the following options:

	      Disables compartments.

	      Enables compartments.

	      Prints a help message.

	      Makes changes to or queries the specified
			boot_image.  If this option is not specified, defaults
			to  If	no  other options are specified, the option is

	      Queries the current state of compartments.

	      Queries the state of compartments after the next reboot.

	      Reboots after making changes.
			You can only use this option with the or options.

	      Sets silent mode.
			Only the exit status is set.

       returns the following values:

	      When querying, the compartmentalization feature is enabled.
		     When  making  changes,  the  changes   are	  successfully

	      An option processing error occurred.
		     When  querying,  the compartmentalization feature is dis‐
		     abled.  When making changes, and is specified, the reboot
		     option  is	 ignored (for example, to allow for editing of
		     compartment configuration files).

	      When querying, the kernel configuration specified does not exist
		     or has no support for compartmentalization.

       A network interface that is not assigned to any compartment  cannot  be
       accessed	 by  any  process  and	effectively cannot be used.  Assign at
       least one network interface to a compartment so that network communica‐
       tions can function.

       If  the	or  option  is	used in conjunction with the option, any prior
       changes pending to the current configuration are lost.

       If the compartments feature is enabled on a kernel  configuration  that
       does  not  reflect  the	required  patch	 levels	 (for  example,	 patch
       PHKL_32798 is missing), the system may not boot	properly  or  may  not
       have network connectivity.

       authadm(1M),  kconfig(1M), getrules(1M), setfilexsec(1M), setrules(1M),
       compartments(4), compartments(5).


List of man pages available for HP-UX

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
Vote for polarhome
Free Shell Accounts :: the biggest list on the net