Manualshelf

HP-UX Reference (11i v1 00/12) - 1M System Administration Commands N-Z (vol 4)

ManualsBrandsHP ManualsSoftwareHP-UX Reference Manuals
331332333334335336337338339340
__________________________________________________________________________________________________________________________________________________________________________________________________
__________________________________________________________________________________________________________________________________________________________________________________________________
STANDARD Printed by: Nora Chuang [nchuang] STANDARD
/build/1111/BRICK/man1m/naaagt.1m
________________________________________________________________
___ ___
s
swacl(1M) swacl(1M)
swacl -l product -D user:allen@gemini OPENVIEW @ lehi
To revoke any previously issued access to the OPENVIEW product in the default depot on host lehi by
users on host numenal:
swacl -l product -D host:numenal OPENVIEW @ lehi
To deny all access to the users steve and george for the depot /var/spool/sw at host newdist:
swacl -l depot -M user:steve:- -M user:george:- \
@ newdist:/var/spool/sw
To delete entries for local user rick from all products in the default local depot:
swacl -l product -D user:rick \*
WARNINGS
You can edit an ACL in such a way that it will leave a system inaccessible. Do not remove all con-
trol
permissions on an ACL. (Note, however, that the local super-user can always edit SD ACLs,
regardless of permissions.)
ACLs can grant the equivalent of local superuser permission. SD loads and runs files and scripts as
superuser. Therefore, if an SD ACL gives a user write permission on a root filesystem or insert per-
mission on a host, that user has the equivalent of superuser privileges.
Note that swacl is not a general purpose ACL editor. It works only on ACLs protecting SD objects.
FILES
$HOME/.swdefaults
Contains the user-specific default values for some or all SD options.
/usr/lib/sw/sys.defaults
Contains the master list of current SD options (with their default values).
/var/adm/sw/
The directory which contains all of the configurable (and non-configurable) data for SD. This directory
is also the default location of logfiles.
/var/adm/sw/defaults
Contains the active system-wide default values for some or all SD options.
/var/adm/sw/products/
The Installed Products Database (IPD), a catalog of all products installed on a system.
/var/adm/sw/security/
The directory which contains ACLs for the system itself, template ACLS, and the secrets file used to
authenticate remote requests.
/var/spool/sw/
The default location of a source and target software depot.
AUTHOR
swacl was developed by the Hewlett-Packard Company.
SEE ALSO
sd(5), sd(4), swpackage(4), swagentd(1M), swask(1M), swconfig(1M), swcopy(1M), swinstall(1M), swjob(1M),
swlist(1M), swmodify(1M), swpackage(1M), swreg(1M), swremove(1M), swverify(1M), install-sd(1M).
Software Distributor Administration Guide, available at
http://docs.hp.com.
SD customer web site at
http://software.hp.com/SD_AT_HP/
.
HP-UX Release 11i: December 2000 10 Section 1M833
___
___