Manuals / HP / Computer Equipment / Software

HP UX Encrypted Volume and Filesystem (EVFS) Configuring an Alternate Evfs Pseudo-User, Example

Models: UX Encrypted Volume and Filesystem (EVFS)

1 174
Download 174 pages 22.98 Kb
Page 37
Image 37

Step 1: Configuring an Alternate EVFS Pseudo-User

EVFS uses the pseudo-user evfs to own and control internal resources. When you install EVFS for the first time, the installation script attempts to add the user account evfs and the group evfs for the EVFS pseudo-user. If the evfs user account or evfs group already exists on the system when you initially install EVFS, you must configure a different user account and group for the EVFS pseudo-user.

TIP: Skip this step if you can use the name evfs as the user and group name for the EVFS pseudo-user.

If you cannot use evfs as the user and group name for the EVFS pseudo-user, use the following procedure to configure alternative names:

a.Set the evfs_user attribute in the /etc/evfs/evfs.conf file to an alternate user name.

b.Create an alternate user group for the EVFS pseudo-user.

c.Create the alternative user account for the EVFS pseudo-user.

Step 1a: Setting the evfs_user Attribute

Set the evfs_user attribute in the /etc/evfs/evfs.conf file to an alternative user name for the EVFS pseudo-user.

Example

The following entry in the /etc/evfs/evfs.conf file sets the name of the EVFS pseudo-user to my_evfs_user:

evfs_user = my_evfs_user

Step 1b: Creating the User Group

Create a user group reserved for the EVFS pseudo-user.

Example

The following groupadd command creates the user account my_evfs_group:

#groupadd my_evfs_group

Step 1c: Creating the EVFS Pseudo-User Account

Create the alternate EVFS pseudo-user account with the following characteristics:

Name: This must match the value of the evfs_user attribute in the /etc/evfs/evfs.conf file.

Password: Do not specify a password, and do not enable the password. The entry in /etc/passwd will contain an asterisk in the password field.

User ID (UID): A unique ID greater than 100 so it does not conflict with UIDs reserved for HP-UX system components. Do not use the superuser UID (0).

Group ID: Any. HP recommends that you create a new group reserved the EVFS pseudo-user.

Gecos ID (comment field): Add a comment indicating that this account is used by EVFS.

Initial Working Directory: Any directory, such as /tmp or /home/evfs.

Shell: Non-interactive shell, such as /usr/bin/false or no shell.

Example

The following useradd command creates the user account my_evfs_user. The account name my_evfs_user matches the value for the evfs_user account in the file /etc/evfs/evfs.conf.

Step 1: Configuring an Alternate EVFS Pseudo-User

37

Page 36 Page 38
Page 37
Image 37
HP UX Encrypted Volume and Filesystem (EVFS) Configuring an Alternate Evfs Pseudo-User, Setting the evfsuser Attribute
Page 36 Page 38