Software Distributor Administration Guide HP-UX 11i v1, 11i v2, and 11i v3 (5900-2561, March 2013)
#
# For host: newdist
#
# Date: Fri Nov 03 10:34:06 2001
#
# Object Ownership: User= root
# Group=sys
# Realm=newdist.fc.hp.com
#
# default_realm=newdist.fc.hp.com
user:fred:crwit
user:root:crwit
user:smp:crwit
user:root@udltools.fc.hp.com:crwit
user:fred@hpfred.fc.hp.com:crwit
user:chrisr@prewd.fc.hp.com:crwit
any_other:-r---
• To list the users with access to all products (“\*”) in a depot:
swacl -l product \* @ newdist:/var/spool/sw
#
# swacl Product Access Control Lists
#
# For depot: newdist:/var/spool/sw
#
# Date: Fri Nov 03 10:34:06 2001
#
# For product: product1,r=1.0
#
# Object Ownership: User= root
# Group=other
# Realm=newdist.fc.hp.com
#
# default_realm=newdist.fc.hp.com
object_owner:crwit
user:root:crwit
user:root@prewd.fc.hp.com:crwit
any_other:-r---
9.3.2 Allowing Users to Manage Products in a Depot
Users that are packaging products may need access to the SD-UX depots to store their products.
In ACLs, a is a shorthand notation for all permissions (crwit).
To allow user mary to add new products to the depot:
swacl -l depot -M user:mary:a [@ host:depot]
To allow access for user mary to modify all existing products in a depot:
swacl -l product -M user:mary:a \* [@ host]
To modify the template so that user mary can modify new products created by others in the depot:
swacl -l global_product_template -M user:mary:a [@ host]
(In the above examples, change user to group and use a group name to add group access to
the depot structures.)
9.3.3 Allowing Users to Manage Roots (Install/Remove)
To give a user (mary) the necessary permissions to be able to install or remove software on host
mysys:
150 SD-UX Security