HP UX Security Products and Features Software manual Index, Symbols

Page 59

Index

Symbols

.$WLI_FSPARMS$, 17

.$WLI_POLICY$, 17

.$WLI_SIGNATURE$, 17

A

access controls file lock, 9 identity-based, 10

administrator key lost, 39

administrator keys, 20 authorizing, 25

API, 14 api, 11 applications, 15 architecture, 13

B

backup, 26, 33

backup recommendations, 34, 35

C

configuring, 25 contacting HP, 41

D

database, 16

database corruption, 39 database files, 33 DLKM, 26

loading, 30 unsigned loading, 31

dlkm, 10

E

example

backing up policy protected files, 49 backup and restore without wliwrap, 51 libwliapi, 45

manual configuration, 49 restoring policy protected files, 50

F

file access policies, 9 file access policy

removing, 30

file lock access controls, 9 file systems, 16

files database, 33 metadata, 34, 35 protected, 34, 38

FLAC, 9, 46 FLAC policies, 35

FLAC policy, 29

G

generating keys, 19 glossary, 57

I

IBAC, 10, 46 IBAC policies, 35 IBAC policy, 30

identity-based access controls, 10 installation requirements, 21 installing, 21

K

known issues, 39

L

libwliapi, 45

M

mem, 10

metadata files, 16, 34, 35

P

passphrase lost, 39

policies FLAC, 35 IBAC, 35

policy enforcement manager, 15 product overview, 13 protected files, 34, 38

Q

quick setup examples, 53 configuration, 53 FLAC policies, 54 IBAC policies, 55 installation, 53

R

rebooting, 27 recommendations

backup, 34, 35 restore, 34, 35

recovery key authorizing, 25

reinstallation, 39 related information, 41 removing, 21, 22 resources, 41 restore, 33

restore recommendations, 34, 35 restricted mode, 27

59

Image 59

Contents HP-UX Whitelisting A.01.00 Administrator Guide Copyright 2010 Hewlett-Packard Development Company, L.P Table of Contents HP Serviceguard considerations Glossary Index List of Figures List of Examples Page File lock access controls Security featuresFile access policies Capabilities Identity-based access controls4 api Page WLI architecture Product overviewApplication API CommandsApplications WLI metadata files WLI database3 .$WLISIGNATURE$ Page Generating keys Key usageUser keys Administrator keysInstalling WLI Installing, removing, and upgradingInstallation requirements Removing WLI Upgrading WLI Page Authorizing administrator keys ConfiguringAuthorizing the recovery key Backing up the WLI database Signing DLKMsRebooting to restricted mode Page Creating a Flac policy Enhancing security with WLISigning an executable binary Creating an Ibac policy Removing a file access policyEnabling DLKMs to load during boot # kcmodule ciss=unused # wlisign -a -k /home/admin1/adminpriv /usr/conf/mod/cissWlisign -a -k adminpriv /usr/sbin/kcmodule Loading unsigned DLKMsPage WLI database files Backup and restore considerationsOverview Recommendations Policy protected and metadata filesWrite protected Read/write protected filesMetadata files Flac policiesIbac policies Page WLI database HP Serviceguard considerationsAdministration Policy protected files Lost WLI administrator key or passphrase Troubleshooting and known issuesSoftware distributor issues WLI reinstallation# kcmodule wli=unused # shutdown -r Wlisyspolicy -s mode=maintenance -k adminkeySu root # rm -r /etc/wli # tar -xf /tmp/wlikeydb.tarRelated information Support and other resourcesContacting HP User input Typographic conventionsWebsites Times Page # su wliusr1 # make cleanInstructions # make allIbac add and delete program Flac add and delete programIbac add and delete program Page Administration examples Su root # wlisign -a -k adm1.pvt /usr/bin/tar Wlicert -s -c wli.admin1 -o wmd -k adm1.pvtWlisys -k adm1.pvt -s wmdstoretype=pseudo Tar -vtf tartest.tarBdf mydir Cat /tmp/.$WLIFSPARMS$Bprestore -f backuplist Bpbackup -f backuplistAuthorizing a user key Quick setup examplesConfiguring WLI Authorizing an administrator keyEnabling a Flac policy Testing a Flac policyFlac policies Creating a Flac policyIbac policies Removing an Ibac policy Disabling an Ibac policyASM GlossaryPage Index SymbolsIndex

Related manuals

Manual 130 pages 58.55 Kb