HP
UX Security Products and Features Software
manual
Install
Symbols
Administrator keys
Configuring
Software distributor issues
File access policies
Quick setup examples
Commands
Bpbackup -f backuplist
# make clean
Page 18
18
Page 17
Page 19
Image 18
Page 17
Page 19
Contents
HP-UX Whitelisting A.01.00 Administrator Guide
Copyright 2010 Hewlett-Packard Development Company, L.P
Table of Contents
HP Serviceguard considerations
Glossary Index
List of Figures
List of Examples
Page
Security features
File access policies
File lock access controls
Identity-based access controls
Capabilities
4 api
Page
Product overview
WLI architecture
Commands
Application API
Applications
WLI database
WLI metadata files
3 .$WLISIGNATURE$
Page
Key usage
Generating keys
Administrator keys
User keys
Installing, removing, and upgrading
Installation requirements
Installing WLI
Removing WLI
Upgrading WLI
Page
Configuring
Authorizing the recovery key
Authorizing administrator keys
Signing DLKMs
Backing up the WLI database
Rebooting to restricted mode
Page
Enhancing security with WLI
Signing an executable binary
Creating a Flac policy
Removing a file access policy
Enabling DLKMs to load during boot
Creating an Ibac policy
Loading unsigned DLKMs
# wlisign -a -k /home/admin1/adminpriv /usr/conf/mod/ciss
Wlisign -a -k adminpriv /usr/sbin/kcmodule
# kcmodule ciss=unused
Page
Backup and restore considerations
Overview
WLI database files
Read/write protected files
Policy protected and metadata files
Write protected
Recommendations
Flac policies
Ibac policies
Metadata files
Page
HP Serviceguard considerations
Administration
WLI database
Policy protected files
WLI reinstallation
Troubleshooting and known issues
Software distributor issues
Lost WLI administrator key or passphrase
# tar -xf /tmp/wlikeydb.tar
Wlisyspolicy -s mode=maintenance -k adminkey
Su root # rm -r /etc/wli
# kcmodule wli=unused # shutdown -r
Support and other resources
Contacting HP
Related information
Typographic conventions
Websites
User input
Times
Page
# make all
# make clean
Instructions
# su wliusr1
Flac add and delete program
Ibac add and delete program
Ibac add and delete program
Page
Administration examples
Wlicert -s -c wli.admin1 -o wmd -k adm1.pvt
Su root # wlisign -a -k adm1.pvt /usr/bin/tar
Cat /tmp/.$WLIFSPARMS$
Tar -vtf tartest.tar
Bdf mydir
Wlisys -k adm1.pvt -s wmdstoretype=pseudo
Bpbackup -f backuplist
Bprestore -f backuplist
Authorizing an administrator key
Quick setup examples
Configuring WLI
Authorizing a user key
Creating a Flac policy
Testing a Flac policy
Flac policies
Enabling a Flac policy
Ibac policies
Disabling an Ibac policy
Removing an Ibac policy
Glossary
ASM
Page
Symbols
Index
Index
Related pages
Troubleshooting Sound problems for Lenovo B450
Hard drive specifications for HP 17
Indicator lights for Indesit PWDC 8125 W
Replacement Blade Set Chart for Prince Castle Cutters
How to calculate your destina for Pioneer AVIC-Z1
Installing for using PC-Cam for Samsung VP-X110L
Parts List for Impex MWM-7300
Remote Control Code List for Humax HDPVR-1000C
Headphones for Panasonic TH-L42S20K
What are the licensing details for Samsung TVs?
Find Out More
Top
Page
Image
Contents