Manuals
/
HP
/
Computer Equipment
/
Software
HP
UX Security Products and Features Software
manual
Models:
UX Security Products and Features Software
1
62
62
Download
62 pages
27.73 Kb
55
56
57
58
59
60
61
62
<
>
Install
Symbols
Administrator keys
Configuring
Software distributor issues
File access policies
Quick setup examples
Commands
Bpbackup -f backuplist
# make clean
Page 62
Image 62
Page 61
Page 62
Image 62
Page 61
Contents
HP-UX Whitelisting A.01.00 Administrator Guide
Copyright 2010 Hewlett-Packard Development Company, L.P
Table of Contents
HP Serviceguard considerations
Glossary Index
List of Figures
List of Examples
Page
File lock access controls
Security features
File access policies
Identity-based access controls
Capabilities
4 api
Page
Product overview
WLI architecture
Commands
Application API
Applications
WLI database
WLI metadata files
3 .$WLISIGNATURE$
Page
Key usage
Generating keys
Administrator keys
User keys
Installing WLI
Installing, removing, and upgrading
Installation requirements
Removing WLI
Upgrading WLI
Page
Authorizing administrator keys
Configuring
Authorizing the recovery key
Signing DLKMs
Backing up the WLI database
Rebooting to restricted mode
Page
Creating a Flac policy
Enhancing security with WLI
Signing an executable binary
Creating an Ibac policy
Removing a file access policy
Enabling DLKMs to load during boot
Loading unsigned DLKMs
# wlisign -a -k /home/admin1/adminpriv /usr/conf/mod/ciss
Wlisign -a -k adminpriv /usr/sbin/kcmodule
# kcmodule ciss=unused
Page
WLI database files
Backup and restore considerations
Overview
Read/write protected files
Policy protected and metadata files
Write protected
Recommendations
Metadata files
Flac policies
Ibac policies
Page
WLI database
HP Serviceguard considerations
Administration
Policy protected files
WLI reinstallation
Troubleshooting and known issues
Software distributor issues
Lost WLI administrator key or passphrase
# tar -xf /tmp/wlikeydb.tar
Wlisyspolicy -s mode=maintenance -k adminkey
Su root # rm -r /etc/wli
# kcmodule wli=unused # shutdown -r
Related information
Support and other resources
Contacting HP
User input
Typographic conventions
Websites
Times
Page
# make all
# make clean
Instructions
# su wliusr1
Flac add and delete program
Ibac add and delete program
Ibac add and delete program
Page
Administration examples
Wlicert -s -c wli.admin1 -o wmd -k adm1.pvt
Su root # wlisign -a -k adm1.pvt /usr/bin/tar
Cat /tmp/.$WLIFSPARMS$
Tar -vtf tartest.tar
Bdf mydir
Wlisys -k adm1.pvt -s wmdstoretype=pseudo
Bpbackup -f backuplist
Bprestore -f backuplist
Authorizing an administrator key
Quick setup examples
Configuring WLI
Authorizing a user key
Creating a Flac policy
Testing a Flac policy
Flac policies
Enabling a Flac policy
Ibac policies
Disabling an Ibac policy
Removing an Ibac policy
Glossary
ASM
Page
Symbols
Index
Index
