Software Distributor Administration Guide for HP-UX 11i
SD-UX Security
Basic Security Tasks
Chapter 9 265
#
# Object Ownership: User= root
# Group=other
# Realm=newdist.fc.hp.com
#
# default_realm=newdist.fc.hp.com
object_owner:crwit
user:root:crwit
user:root@prewd.fc.hp.com:crwit
any_other:-r---
Allowing Users to Manage Products in a Depot
Users that are packaging products may need access to the SD-UX depots
to store their products.
In ACLs, a is a shorthand notation for all permissions (crwit).
To allow user mary to add new products to the depot:
swacl -l depot -M user:mary:a [@
host:depot
]
To allow access for user
mary
to modify all existing products in a depot:
swacl -l product -M user:mary:a \* [@
host
]
To modify the template so that user mary can modify new products
created by others in the depot:
swacl -l global_product_template -M user:mary:a [@
host
]
(In the above examples, change user to group and use a group name to
add group access to the depot structures.)
Allowing Users to Manage Roots (Install/Remove)
To give a user (mary) the necessary permissions to be able to install or
remove software on host mysys:
swacl -l root -M user:mary:a @ mysys
To allow user mary to install software into the default root:
swacl -l root -M user:mary:ri
To give user mary the permission to open the root for reading:
swacl -l root -M user:mary:r