Chapter 6. Security in workload partition environments 165
Algorithm ................ RSA_1024
Validity ................. Key is valid
global@lpar13#efsmgr -r global_file -u glagent
global@lpar13#efsmgr -l global_file
EFS File information:
List of keys that can open the file:
Algorithm : RSA_1024
Who : uid 204
Key fingerprint : 3f77390a:ac67372e:d3868009:dc4b4cfb:3529dd68
cat: 0652-050 Cannot open /fs/global_file.
This technique can be used when access to global data needs to be granted to
local users and global environment still retains control over the data.
6.4 Users and groups
To understand user and group management features related to WPAR, you must
first understand the nature of WPARs as they relate to users.
Application WPARs are created mostly for running a specific application, so they
usually share the user space and security context with the global environment.
On the other hand, system WPARs are intended to behave like independent
environments. They inherit the traditional AIX management tasks, control
features, and security attributes with respect to both users and groups, so all
user and group management activities are similar to those performed on
stand-alone AIX systems.