Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
HP-UX System Administrator's Guide: Security Management: HP-UX 11i Version 3

About this Document


Technical documentation

Complete book in PDF
» Feedback
Content starts here

 » Table of Contents

 » Glossary

 » Index

Publication History

The document publication date and part number indicate its current edition. The publication date will change when a new edition is released.

To ensure that you receive the new editions, you should subscribe to the appropriate product support service. Contact your HP sales representative for details.

You can find the various versions of this document at:


March 2008

Part Number 5992–3387

  • Divided the document into three parts: Protecting Systems, Protecting Data, and Protecting Identity.

  • Added a chapter to document HP-UX Standard Mode Security Extensions (see Chapter 4).

  • Replaced Security Patch Check with Software Assistant.

  • Added a figure to show the HP-UX Bastille user interface (see Section ).

  • Added the HP-UX Bastille configuration log file assessment-log.config (see Section ).

  • Made various edits.

October 2007

Part Number 5992-2395

  • Added a chapter to describe HP-UX Bastille.

August 2007

Part Number 5992-1933

  • Removed Process Resource Manager (PRM) from the product list that does not support shadow passwords (see Section ).

  • Corrected search to nsearch in permission_list (see Section ).

February 2007

Part Number 5991-6482

First Edition

NOTE: The volumes in the HP-UX System Administrator’s Guide can be updated independently. Therefore, the latest versions of the volumes in the set can vary with time and with respect to each other. The latest versions of each volume are available at:


Intended Audience

The HP-UX System Administrator’s Guide is written for administrators of HP-UX systems of all skill levels needing to administer HP-UX systems beginning with Release HP-UX 11i version 3.

While many topics in this set apply to previous releases, much has changed in HP-UX 11i version 3; therefore, for information about prior releases, see Managing Systems and Workgroups, a Guide for System Administrators.

About This Document Set

The HP-UX System Administrator’s Guide documents the core set of tasks (and associated concepts) necessary to administer systems running HP-UX 11i Version 3. It is comprised of the following volumes:


Provides a high-level view of HP-UX 11i, its components, and how they relate to each other.

Configuration Management

Describes many of the tasks that you must perform to configure and customize system settings and the behavior of subsystems.

Logical Volume Management

Documents how to configure physical volumes, volume groups, and logical volumes using the HP Logical Volume Manager (LVM).

Security Management

Documents the data and system security features of HP-UX 11i.

Routine Management Tasks

Documents many of the ongoing tasks you must perform to keep your system running smoothly.

HP-UX System Administrator's Guide: Security Management is divided into three parts: Protecting Systems, Protecting Data, and Protecting Identity. These parts include the following topics:

Chapter 1

Describes security considerations related to the boot and installation process.

Chapter 2

Describes how to administer user and system security after the operating system is installed.

Chapter 3

Describes how to harden and lockdown a system using HP-UX Bastille to enhance the security of the HP-UX operating system.

Chapter 4

Describes the features and components of HP-UX Standard Mode Security Extentions.

Chapter 5

Describes how to secure remote access to your system.

Chapter 6

Describes how to control and protect file systems.

Chapter 7

Describes compartments and how to isolate components of a system from one another.

Chapter 8

Describes fine-grained privileges and how to divide the powers of superusers into a set of privileges.

Chapter 9

Describes the features and components of HP-UX Role-Based Access Control.

Chapter 10

Describes the administration of the audit system.

Appendix A

Describes trusted systems.

Appendix B

Describes other security products.

HP-UX 11i Release Names and Release Identifiers

With HP-UX 11i, HP delivers a highly available, secure, and manageable operating system. HP-UX 11i supports enterprise, mission-critical, and technical computing environments and is available on both HP 9000 systems and HP Integrity servers.

Each HP-UX 11i release has an associated release name and release identifier. The uname command with the -r option returns the release identifier. See the following table for a list of releases available for HP-UX 11i:

Release IdentifierRelease NameSupported Processor Architecture


HP-UX 11i version 1

HP 9000


HP-UX 11i version 2



HP-UX 11i version 2, September 2004

HP 9000



HP-UX 11i version 3

HP 9000


For information on supported systems and processor architecture for various versions of HP-UX 11i, see the HP-UX 11i system release notes specific to the version of HP-UX you are running (for example, the HP-UX 11i Version 3 Release Notes).

Finding HP-UX Information

The following table outlines where to find general system administration information for HP-UX. However, it does not include information for specific products.

If you need toRefer ToLocated at

find out:

  • What has changed in HP-UX releases

  • The contents of the Operating Environments

  • Firmware requirements and supported systems for a specific release

the HP-UX 11i Release Notes specific to your version of HP-UX. For example, you may want to see the HP-UX 11i Version 3 Release Notes.

The /usr/share/doc directory contains only the original release note for your version of HP-UX. For revised release notes, see your latest HP Instant Information media or http://docs.hp.com.

Install or update HP-UX

  • Read Before Installing or Updating to HP-UX

  • HP-UX 11i Installation and Update Guide

(Note: See the documents for your specific version of HP-UX.)

  • Media Kit (supplied with the Operating Environment)

  • HP Instant Information media

Administer an HP-UX system

Releases beginning with HP-UX 11i Version 3:

  • HP-UX System Administrator’s Guide (a multivolume set)

other sources of system administration information:

Related Information

Additional information about Security and HP-UX can be found at http://docs.hp.com. In particular, the following documents are available:

  • HP-UX AAA Server Administrator's Guide

  • HP-UX Host Intrusion Detection System Administrator's Guide

  • HP-UX IPFilter Administrator's Guide

  • HP-UX IPSec Administrator's Guide

  • HP-UX Secure Shell Release Notes


This document uses the following typographical conventions.


An HP-UX manpage. reboot is the name and 1M is the section in the HP-UX Reference. On the Web and on the Instant Information media, it may be a hot link to the manpage itself. From the HP-UX command line, you can enter “man reboot” or “man 1M reboot” to view the manpage. See man(1) for more information.

Book Title

The title of a book. On the web and on the Instant Information media, it may be a hot link to the book itself.


The name of a keyboard key. Return and Enter both refer to the same key.


Text that is emphasized.


Text that is strongly emphasized.


The introduction of an important word or phrase.


Text displayed by the computer.


Commands and other text that you type.


A command name or qualified command phrase.


The name of a variable that you may replace in a command or function or information in a display that represents several possible values.

[ ]

The contents are optional in formats and command descriptions.

{ }

The contents are required in formats and command descriptions. If the contents are a list separated by |, you must choose one of the items

. . .

The preceding element may be repeated an arbitrary number of times.


Separates items in a list of choices.

Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© 2008 Hewlett-Packard Development Company, L.P.