NAME
vhardlinks — checks the consistency of compartment rules for files with multiple hardlinks
SYNOPSIS
vhardlinks
[-m
mount_point[...]]
DESCRIPTION
vhardlinks
checks the consistency of compartment rules for files that have multiple
hard links pointing to them.
If a file has multiple hard links, it is possible to create compartment
rules such that the file will have conflicting rules controlling access to it.
If you invoke
vhardlinks
without arguments, a list of mount points is taken from the
default file
/etc/cmpt/hardlinks/hardlinks.config,
which contains a list of system mount points, one per line.
If the line is commented with a
#
or if it is not the absolute path of a mount point,
it is skipped.
Output is logged to the
/var/adm/syslog/cmpt.log
file.
Options
vhardlinks
recognizes the following option:
- -m mount_point
Specifies mount points.
mount_point(s)
specifies the mount point(s) to check for files with multiple hard links
when using the
-m
option.
Multiple mount points are specified as a white space separated list.
Security Restrictions
The user invoking this command must have one of the following
authorizations:
hpux.security.xsec.secrules.unrestricted
hpux.security.xsec.secrules.restricted
A user with
hpux.security.xsec.secrules.unrestricted
authorization
can invoke this command from any compartment, while a user with
hpux.security.xsec.secrules.restricted
authorization can invoke
this command from only those compartments that have read and
write access to the
/etc/cmpt
directory heirarchy.
See
authadm(1M)).
FILES
- /etc/cmpt/hardlinks/hardlinks.config
Default file; a list of system mount points.
- /var/adm/syslog/cmpt.log
Log file to which output from
vhardlinks
is directed.
Printable version
