Query: getrules
OS: hpux
Section: 1m
Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar
getrules(1M) getrules(1M)NAMEgetrules - display compartment rulesSYNOPSIS[compartment_name]... interface_name[...] ipaddr/mask[...] [interface_name...] [IPaddress...]DESCRIPTIONdisplays rules defined for compartment(s) or network interface(s). This command can only be used when compartmentalization is enabled (see cmpt_tune(1M)). If no options are specified, all subsystem rules for the given compartment are displayed. If no compartment_name is specified, information on all compartments is displayed. Options recognizes the following options: Displays all the compartments configured on the system. Displays the file system rules for the compartment(s). Displays the IPC system rules for the compartment(s). Displays the compartment names associated with the interface(s) and the IP address/mask as set by a previous invocation of Either the interface_name or the ipaddr/mask must be specified. More than one interface_name and/or IPaddress can be specified. Displays the compartment names associated with the logical interface(s) and the IP addresses as applied by the kernel. When interface rules conflict with each other, this option can be used to find how the conflicts are resolved. If no arguments are specified, information about all currently active interfaces is displayed. Displays the network system rules for the compartment(s). Displays all the interface rules being applied by the kernel on the specified compartment(s). If no compartment name is specified all the interface rules being applied by the kernel on all the existing compartments will be displayed. Displays the disallowed privileges list in short form for compartment(s). The short form includes compound privileges in the privilege list. Displays the disallowed privileges list in literal form for compartment(s). The literal form expands compound privileges in the privilege list. Displays all the compartment rules of the specified compartment(s) in the machine parsable format. Using the "" or "" command is useful when used in combination with discover mode. See compart- ments(5). Operands recognizes the following operands: compartment_name Name of the compartment for which information is displayed. interface_name Name of the network interface for which information is displayed. IPaddress An IPv4 or IPv6 address ipaddr/mask An IPv4 address or an IPv6 address and the corresponding mask. Notes The command is provided for diagnostic purposes, and as such the output of the command may change. Some rules can be expressed in multiple forms. For instance, specifying that it can send a signal to is the same as specifying that it can receive signals from As this command displays the rules only once, it can be misleading when interpreting the output. Security Restrictions The user invoking this command must have one of the following authorizations: See authadm(1M)).RETURN VALUEreturns the following values: Successful completion. The rules are displayed. An error occurred. An error can be caused by an invalid option or because the user does not have permissions to perform the operation.EXAMPLESExample: Display all file system rules for the compartment named web: Sample output: Compartment Name: web : sealed Disallowed Privileges: POLICY File System Rules: ------------------ PERMISSION PATHNAME read, write, create, unlink /SEE ALSOcmpt_tune(1M), setrules(1M), compartments(4), compartments(5), privileges(5). getrules(1M)
| Related Man Pages |
|---|
| privrun(1m) - hpux |
| cmpt_endent(3) - hpux |
| cmpt_get(3) - hpux |
| cmpt_getbyname(3) - hpux |
| compartments(5) - hpux |
| Similar Topics in the Unix Linux Community |
|---|
| HP-UX 11i Security Containment |
| ipaddr.py 1.0.0 (Default branch) |
| The Value of (Production) Rules … |
| Luminescent Enhancement of Reflective Displays |