Software Distributor Administration Guide for HP-UX 11i
SD-UX Security
ACL Entries
Chapter 9280
A sample depot ACL that grants its creator all permissions; user george
permission to list and insert software products; members of group swadm
permission to list and insert products, change the ACL and delete the
depot itself; and everyone else permission to list the contents of the
depot, would be:
object_owner:crwit
user:george:-r-i-
group:swadm:crwi-
any_other:-r-
When a depot source object is created, it is automatically protected by a
default ACL derived from its host. Products inserted in that depot will
automatically be protected by an ACL derived from the depot. This
concept is discussed in the “ACL Templates” on page 282.
Product ACLs
Product ACLs only apply to products on depots. Products on roots are
protected by the root’s ACL. There are two classes of principals that are
granted access rights to products:
Permissions on products are:
t (test) Permission to test access to an object and list the
ACL.
Table 9-9 Depot Permissions (Continued)
Table 9-10 Product Principals
users Granted various administrative permissions. This
class includes groups and others, both local and
remote.
hosts Target systems (agent/daemons) granted read
permissions to allow product installation.
Table 9-11 Product Permissions
w (write) Permission to users to change and delete the product
and/or product information.