HP-UX Reference (11i v1 00/12) - 1M System Administration Commands N-Z (vol 4)
__________________________________________________________________________________________________________________________________________________________________________________________________
__________________________________________________________________________________________________________________________________________________________________________________________________
STANDARD Printed by: Nora Chuang [nchuang] STANDARD
/build/1111/BRICK/man1m/naaagt.1m
________________________________________________________________
___ ___
s
swacl(1M) swacl(1M)
other:@newdist:-r--t.)
user Permissions for a named user. This type of ACL entry must include a key that
identifies that user. The format for user can be: user:user_name:permissions or
user:user_name@hostname:permissions. (Example: user:rml:crwit.)
Permissions
Permissions are represented as the single character abbreviations indicated below. Some permissions
either apply only to, or have different meaning for, certain types of objects, as detailed below. The follow-
ing permissions may be granted:
r ead Grants permission to read the object. On host, depot,or root objects, read permis-
sion allows swlist operations. On products within depots, read permission allows pro-
duct files to be installed or copied with swinstall or swcopy.
w rite Grants permission to modify the object itself.
• On a root object (e.g. installed root filesystem), this also grants permission to modify
the products installed (contained) within it.
• On a depot object, it does not grant permission to modify the products contained
within it. Write access on products is required to modify products in a depot.
• On a
host container, write permission grants permission to unregister depots. It
does not grant permission to modify the depots or roots contained within it.
i nsert On a host object, grants permission to create (insert) a new software depot or root
filesystem object, and to register roots and depots. On a depot object, grants permis-
sion to create (insert) a new product object into the depot.
c ontrol Grants permission to modify the ACL using swacl.
t est Grants permission to perform access checks and to list the ACL.
a ll A wildcard which grants all of the above permissions. It is expanded by swacl to
crwit.
List Output Format
The output of a list operation is in the following format:
# swacl Object_type Access Control List
#
# For
depot|host:[host]:[/directory]
#
# Date:
date_stamp
#
# Object Ownership: User=
user_name
# Group= group_name
# Realm= host_name
#
# default_realm =
host_name
entry_type:[key:]permissions
entry_type:[key:]permissions
entry_type:[key:]permissions
You can save this output into a file, modified it, then use it as input to a
swacl modify operation (see the
-F option above).
Object Ownership
An owner is also associated with every SD object, as defined by the user name, group and hostname. The
owner is the user who created the object. When using swacl to view an ACL, the owner is printed as a
comment in the header.
Default Realm
An ACL defines a default realm for an object. The realm is currently defined as the name of the host sys-
tem on which the object resides. When using swacl to view an ACL, the default realm is printed as a
comment in the header.
Section 1M−−830 − 7 − HP-UX Release 11i: December 2000
___
___