Software Distributor Administration Guide for HP-UX 11i
SD-UX Security
ACL Entries
Chapter 9274
Do not confuse the host object (which is a computer system that contains
depots, roots, and software) with the
host
entry type (which defines
permissions for access to target systems).
The user and group of the object’s owner are determined and
automatically recorded at the time the object is created (based on the
identity of the person who creates it). This information is recorded as
user, group, and realm. An object_owner or object_group entry type
in an ACL causes the SD-UX ACL manager to look up the owner and
group information on the object; and if a match to the requester is found,
grant permissions as specified.
There may be many user, group, and host type entries per ACL, while
there may be only one of each of object_owner, object_group and
any_other. There may be at most one local (i.e., no key) other entry and
an unlimited number of remote (i.e., keyed) other entries.
ACL Keys
The second part of the ACL entry is the key. The table below lists the
possible key values for specific entry types.
any_other Principals not matching any
other entry
object_owner Owner of the object
object_group Members of the group to which an
object belongs
Table 9-3 SD-UX ACL Entry Types (Continued)
Type Permissions Apply To
Table 9-4 SD-UX ACL Entry Key Values
Entry Type Key Content
user a user name [optionally, @
remote-host
]
group a group name [optionally, @
remote-host
]
host a host name