Software Distributor Administration Guide for HP-UX 11i
Managing Software Depots
Registering and Unregistering Depots (swreg)
Chapter 4152
Registration and Security
Because SD-UX stores its objects in the file system, someone could build
a “Trojan Horse” file system image of a software depot. This could breech
the security of any system that installed products from the false depot.
To protect systems from such a situation, SD-UX requires that depots be
registered before software may be installed or copied from it. This check
is always performed before granting access, except when swinstall is run
by the local superuser.
NOTE Registration of a depot does not enforce any access restrictions. Access
enforcement is left to SD security (see Chapter 9, “SD-UX Security,” on
page 255). Registration with swreg requires insert permission in the
host’s ACL.
Authorization
To register a new depot or to unregister an existing depot, swreg requires
read permission on the depot in question and insert permission on the
host. To unregister a registered depot, the swreg command requires
write permission on the host. See Chapter 9, “SD-UX Security,” on
page 255 for more information on permissions.
Using swreg
swreg Syntax swreg -l
level
[-u] [-v] [-C
session_file
] [-f
object_file
]
[-S
session_file
][-t
target_file
][-x
option=value
]
[-X
option_file
][
objects_to_register
][@
target_selections
]
Options and
Operands
-l
level
Specifies the level of the object to register or unregister,
where level can be depot or root.
-u Causes swreg to unregister the specified objects
instead of registering them.
-v Turns on verbose output to stdout and displays all
activity to the screen.