HP UX Security Products and Features Software manual Policy protected and metadata files

Page 34

7.2.1 Write protected

WLI does not inhibit reading of write protected files. Files in this class can be read and backed up in accordance with the file ownership and permission bits. Files in this class are:

/etc/wli/certificates/*

/etc/wli.wlicert.conf

/etc/wli/wlisys.conf

/etc/wli/wlisyspolicy.conf

For backup procedures, these files can be treated the same as other directories and regular files.

Restoration of backup archives for these files is only recommended if the WLI database is corrupted. WLI protects against writes to these file locations in restricted mode. If the WLI database is corrupted, the entire database should be restored from the most recent archive, for internal consistency.

For an example of the procedure for restoring files in this class using wmd capability, see “Administration examples” (page 49).

7.2.2 Read/write protected files

Files in this class have WLI read and write protection. Even with wmd capability granted to a command, these files cannot be backed up or restored. Files in this class are:

/etc/wli/keys/*

These files include encrypted administrator keys that are read/write protected for security reasons. HP recommends that all WLI administrator keys are generated during initialization, followed by a backup, while the system is in maintenance mode. Authorizing new administrator keys should be very uncommon. Only the wliadm command updates keys in this class.

Except for files in this class, backups can be generated in restricted mode. The recovery key, or any administrator key can have its passphrase changed without affecting the WLI database.

7.2.3Recommendations

Avoid adding and deleting administrator keys as much as possible because this obsoletes a WLI database backup. A backup archive can only be refreshed in maintenance mode if administrator keys are added or deleted. Only the wliadm command can add or delete administrator keys.

Refresh WLI database backups when the wlisys, wlisyspolicy, and wlicert commands are executed. Updates from these commands can be backed up in restricted mode.

Do not attempt to restore a WLI database backup in restricted mode. Restoring a WLI Database is only possible in maintenance mode. Backup in restricted mode should only be considered as a disaster recovery operation.

Do not restore a WLI Database on a system different than the one for which the archive was created. Restoring a WLI database backup on a different system results in unpredictable behavior and WLI failure.

Do not partially restore a WLI database. Restore the archive entirely to maintain its internal consistency. The database maintains internal relationships between different files that must be intact for WLI to operate correctly.

7.3 Policy protected and metadata files

Files in this class include files with access protection policies and files created by WLI to store metadata. The WLI protections are in effect only in restricted mode. For more detail on backing up and restoring policy protected files and metadata, see Example B-2 (page 49) and Example B-3 (page 50). For more detail on backing up policy protected files and metadata without wliwrap, Example B-4 (page 51).

34 Backup and restore considerations

Page 33 Page 35
Image 34
Page 33 Page 35
Contents HP-UX Whitelisting A.01.00 Administrator Guide Copyright 2010 Hewlett-Packard Development Company, L.P Table of Contents HP Serviceguard considerations Glossary Index List of Figures List of Examples Page File access policies Security featuresFile lock access controls Identity-based access controls Capabilities4 api Page Product overview WLI architectureCommands Application APIApplications WLI database WLI metadata files3 .$WLISIGNATURE$ Page Key usage Generating keysAdministrator keys User keysInstallation requirements Installing, removing, and upgradingInstalling WLI Removing WLI Upgrading WLI Page Authorizing the recovery key ConfiguringAuthorizing administrator keys Signing DLKMs Backing up the WLI databaseRebooting to restricted mode Page Signing an executable binary Enhancing security with WLICreating a Flac policy Enabling DLKMs to load during boot Removing a file access policyCreating an Ibac policy Loading unsigned DLKMs # wlisign -a -k /home/admin1/adminpriv /usr/conf/mod/cissWlisign -a -k adminpriv /usr/sbin/kcmodule # kcmodule ciss=unusedPage Overview Backup and restore considerationsWLI database files Read/write protected files Policy protected and metadata filesWrite protected RecommendationsIbac policies Flac policiesMetadata files Page Administration HP Serviceguard considerationsWLI database Policy protected files WLI reinstallation Troubleshooting and known issuesSoftware distributor issues Lost WLI administrator key or passphrase# tar -xf /tmp/wlikeydb.tar Wlisyspolicy -s mode=maintenance -k adminkeySu root # rm -r /etc/wli # kcmodule wli=unused # shutdown -rContacting HP Support and other resourcesRelated information Websites Typographic conventionsUser input Times Page # make all # make cleanInstructions # su wliusr1Flac add and delete program Ibac add and delete programIbac add and delete program Page Administration examples Wlicert -s -c wli.admin1 -o wmd -k adm1.pvt Su root # wlisign -a -k adm1.pvt /usr/bin/tarCat /tmp/.$WLIFSPARMS$ Tar -vtf tartest.tarBdf mydir Wlisys -k adm1.pvt -s wmdstoretype=pseudoBpbackup -f backuplist Bprestore -f backuplistAuthorizing an administrator key Quick setup examplesConfiguring WLI Authorizing a user keyCreating a Flac policy Testing a Flac policyFlac policies Enabling a Flac policyIbac policies Disabling an Ibac policy Removing an Ibac policyGlossary ASMPage Symbols IndexIndex
Top Page Image Contents