Figure 2-1 WLI architecture

2.1.1 Commands

WLI commands are described in detail through the HP-UX manpage facility on installed platforms, and are not reproduced here. The following briefly describes these commands:

wlipolicy

Manage WLI file access policies

wlisign

Manage WLI signatures on binary executables

wlitool

Sign ELF executable files with or without WLI installed

wliwrap

Run commands with WLI capabilities

wlixfr

Transfer WLI file access policies from one file to another

wliadm

Manage WLI administrator keys

wlicert

Manage WLI user keys and capabilities

wlisys

Manage WLI configuration attributes

wlisyspolicy

Manage WLI security attributes

wlitrace

Unsupported diagnostic tool for HP support personnel only

2.1.1.1 Application API

The shared library /opt/wli/lib/libwliapi.so provides API functions for applications to add, delete, and verify access rights for WLI file access policies. For details on libwliapi functions, see libwliapi(3).

14 Product overview

Page 14
Image 14
HP UX Security Products and Features Software manual Commands, Application API