About this Document

Publication History

The document publication date and part number indicate its current edition. The publication date will change when a new edition is released.

To ensure that you receive the new editions, you should subscribe to the appropriate product support service. Contact your HP sales representative for details.

You can find the various versions of this document at:

http://docs.hp.com

March 2008

Part Number 5992–3387

Divided the document into three parts: Protecting Systems, Protecting Data, and Protecting Identity.
Added a chapter to document HP-UX Standard Mode Security Extensions (see Chapter 4).
Replaced Security Patch Check with Software Assistant.
Added a figure to show the HP-UX Bastille user interface (see Section ).
Added the HP-UX Bastille configuration log file assessment-log.config (see Section ).
Made various edits.

October 2007

Part Number 5992-2395

Added a chapter to describe HP-UX Bastille.

August 2007

Part Number 5992-1933

Removed Process Resource Manager (PRM) from the product list that does not support shadow passwords (see Section ).
Corrected search to nsearch in permission_list (see Section ).

February 2007

Part Number 5991-6482

First Edition




	NOTE: The volumes in the HP-UX System Administrator’s Guide can be updated independently. Therefore, the latest versions of the volumes in the set can vary with time and with respect to each other. The latest versions of each volume are available at: http://docs.hp.com

Intended Audience

The HP-UX System Administrator’s Guide is written for administrators of HP-UX systems of all skill levels needing to administer HP-UX systems beginning with Release HP-UX 11i version 3.

While many topics in this set apply to previous releases, much has changed in HP-UX 11i version 3; therefore, for information about prior releases, see Managing Systems and Workgroups, a Guide for System Administrators.

About This Document Set

The HP-UX System Administrator’s Guide documents the core set of tasks (and associated concepts) necessary to administer systems running HP-UX 11i Version 3. It is comprised of the following volumes:

Overview: Provides a high-level view of HP-UX 11i, its components, and how they relate to each other.
Configuration Management: Describes many of the tasks that you must perform to configure and customize system settings and the behavior of subsystems.
Logical Volume Management: Documents how to configure physical volumes, volume groups, and logical volumes using the HP Logical Volume Manager (LVM).
Security Management: Documents the data and system security features of HP-UX 11i.
Routine Management Tasks: Documents many of the ongoing tasks you must perform to keep your system running smoothly.

HP-UX System Administrator's Guide: Security Management is divided into three parts: Protecting Systems, Protecting Data, and Protecting Identity. These parts include the following topics:

Chapter 1: Describes security considerations related to the boot and installation process.
Chapter 2: Describes how to administer user and system security after the operating system is installed.
Chapter 3: Describes how to harden and lockdown a system using HP-UX Bastille to enhance the security of the HP-UX operating system.
Chapter 4: Describes the features and components of HP-UX Standard Mode Security Extentions.
Chapter 5: Describes how to secure remote access to your system.
Chapter 6: Describes how to control and protect file systems.
Chapter 7: Describes compartments and how to isolate components of a system from one another.
Chapter 8: Describes fine-grained privileges and how to divide the powers of superusers into a set of privileges.
Chapter 9: Describes the features and components of HP-UX Role-Based Access Control.
Chapter 10: Describes the administration of the audit system.
Appendix A: Describes trusted systems.
Appendix B: Describes other security products.

HP-UX 11i Release Names and Release Identifiers

With HP-UX 11i, HP delivers a highly available, secure, and manageable operating system. HP-UX 11i supports enterprise, mission-critical, and technical computing environments and is available on both HP 9000 systems and HP Integrity servers.

Each HP-UX 11i release has an associated release name and release identifier. The uname command with the -r option returns the release identifier. See the following table for a list of releases available for HP-UX 11i:

Release Identifier	Release Name	Supported Processor Architecture
B.11.11	HP-UX 11i version 1	HP 9000
B.11.23	HP-UX 11i version 2	Intel™ Itanium™
B.11.23	HP-UX 11i version 2, September 2004	HP 9000 Itanium
B.11.31	HP-UX 11i version 3	HP 9000 Itanium

For information on supported systems and processor architecture for various versions of HP-UX 11i, see the HP-UX 11i system release notes specific to the version of HP-UX you are running (for example, the HP-UX 11i Version 3 Release Notes).

Finding HP-UX Information

The following table outlines where to find general system administration information for HP-UX. However, it does not include information for specific products.

If you need to Refer To Located at

find out:

What has changed in HP-UX releases
The contents of the Operating Environments
Firmware requirements and supported systems for a specific release

the HP-UX 11i Release Notes specific to your version of HP-UX. For example, you may want to see the HP-UX 11i Version 3 Release Notes.

HP Instant Information media
http://docs.hp.com
/usr/share/doc/ directory

The /usr/share/doc directory contains only the original release note for your version of HP-UX. For revised release notes, see your latest HP Instant Information media or http://docs.hp.com.

Install or update HP-UX

Read Before Installing or Updating to HP-UX
HP-UX 11i Installation and Update Guide

(Note: See the documents for your specific version of HP-UX.)

Media Kit (supplied with the Operating Environment)
HP Instant Information media
http://docs.hp.com

Administer an HP-UX system

Releases beginning with HP-UX 11i Version 3:

HP-UX System Administrator’s Guide (a multivolume set)

other sources of system administration information:

nPartition Admnistrator's Guide
Planning Superdome Configurations (white paper)

HP Instant Information CD-ROM
http://docs.hp.com
Planning Superdome Configurations (white paper)

Related Information

Additional information about Security and HP-UX can be found at http://docs.hp.com. In particular, the following documents are available:

HP-UX AAA Server Administrator's Guide
HP-UX Host Intrusion Detection System Administrator's Guide
HP-UX IPFilter Administrator's Guide
HP-UX IPSec Administrator's Guide
HP-UX Secure Shell Release Notes

Conventions

This document uses the following typographical conventions.

reboot(1M): An HP-UX manpage. reboot is the name and 1M is the section in the HP-UX Reference. On the Web and on the Instant Information media, it may be a hot link to the manpage itself. From the HP-UX command line, you can enter “man reboot” or “man 1M reboot” to view the manpage. See man(1) for more information.
Book Title: The title of a book. On the web and on the Instant Information media, it may be a hot link to the book itself.
KeyCap: The name of a keyboard key. Return and Enter both refer to the same key.
Emphasis: Text that is emphasized.
Emphasis: Text that is strongly emphasized.
Term: The introduction of an important word or phrase.
ComputerOut: Text displayed by the computer.
UserInput: Commands and other text that you type.
Command: A command name or qualified command phrase.
Variable: The name of a variable that you may replace in a command or function or information in a display that represents several possible values.
[ ]: The contents are optional in formats and command descriptions.
{ }: The contents are required in formats and command descriptions. If the contents are a list separated by |, you must choose one of the items
. . .: The preceding element may be repeated an arbitrary number of times.
|: Separates items in a list of choices.

About this Document

Technical documentation

» Table of Contents

» Glossary

» Index