Software Distributor Administration Guide for HP-UX 11i
SD-UX Security
ACL Entries
Chapter 9 283
• Product ACL Template (global_product_template)
The ACL that is used to initialize the product ACL template on
depots that are created on the host.
There are also two ACLs on product depots:
• The depot’s ACL that is used to determine permissions on the depot.
• The depot’s product ACL template (product_template) that is used
to initialize the ACLs protecting new products on the depot.
There is one ACL on the installation (root):
• The root ACL that protects the root and products installed on it.
And finally, there is one ACL on the product:
• The product’s ACL that is used to determine permissions on the
product.
Every host must have an ACL protecting it and a pair of template ACLs
(product and container) to provide initialization data for implicit depot
and product ACLs. All three are created when SD-UX is installed on the
host.
Default ACL Template Entries
The host system’s container ACL template dictates initial permissions on
all depots and roots that are introduced on that host. The host also
contains a master copy of a product ACL template, which is copied to
each new depot.
A default set of host ACLs is provided at the time SD-UX is installed that
can be altered by the SD-UX administrator. The contents of these
host-system ACLs immediately after SD-UX installation are:
Host ACL
• The host ACL below allows global (any_other) permission to list the
depots and roots on the host:
object_owner:swadm:crwit
any_other:-r---