Manualshelf

Software Distributor Administration Guide for HP-UX 11i

ManualsBrandsHP ManualsSoftwareHP-UX 11i v1.6 Technical Computing (TCOE) LTU
271272273274275276277278279280
SD-UX Security
ACL Entries
Chapter 9278
The remote host ACL must have two entries granting insert permission:
one for the user, and one for the target host.
For example, for user rob to be allowed to install a product on target host
lucille from an unregistered depot on source host desi, the command
swacl -l host @ desi
must show the minimum ACL entries
user:rob@lucille:-i-
host:lucille:-i-
Rob could alternatively register the depot with the swreg command with
only the first entry above before running swinstall or swcopy.
Host System ACLs
The host system is the highest level of protected object in SD-UX. A host
ACL protects each host system, controlling permission to create depots
and roots. The host ACL may grant the following permissions:
A sample host-system ACL grants depot and root source creation, source
listing, and ACL administration to a user named rob and give open
permission to list the depots and roots on the host, would be:
user:rob:r-ic-
any_other:r
Since any_other does not have t (test) permission, only
rob
can list this
ACL, because he has c (control permission).
Table 9-7 Host ACL Permissions
r (read) Permission to obtain host attributes, including a list of
depots and roots on the host.
w (write) Permission to change the host object.
i (insert) Permission to create and register a new depot or root
on the host.
c (control) Permission to edit or change the ACL.
t (test) Permission to test access to an object and list the ACL.