Software Distributor Administration Guide HP-UX 11i v1, 11i v2, and 11i v3 (5900-2561, March 2013)

ManualsBrandsHP ManualsSoftwareHP-UX Software Distributor

231

232

233

234

235

236

237

238

239

240

12 Nonprivileged SD

This chapter provides general guidelines on how to set up Software Distributor to run in

nonprivileged mode.

Table 52 Chapter Topics

Topics:

“Overview” (page 231)

“Setting Up Nonprivileged Mode” (page 232)

“Default Configuration” (page 233)

“Alternative Configuration” (page 233)

12.1 Overview

The nonprivileged mode of SD-UX lets users access application software based on their file system

permissions rather than super-user privilege implemented by SD-UX ACLs. Nonprivileged mode is

honored by almost all SD commands. You can use nonprivileged mode for all aspects of developing,

distributing, and managing applications.

12.1.1 Who Can Benefit?

Nonprivileged SD-UX is primarily intended for administrators of large data centers who must

manage in-house applications without using super-user privilege. You might not benefit from this

feature if you are a casual user wanting to manage your own applications—unless you are

experienced enough at packaging software to take advantage of nonprivileged mode.

12.1.2 How Does It Work?

In nonprivileged mode, most SD-UX operations are done according to the invoking user’s uid, gid,

and umask. In this mode, logfiles and the installed software catalog usually found in /var/adm/sw

are stored by default in user-specific admin directories at /var/home/USER_NAME/sw (in which

USER_NAME is the user’s log-in name). Location of the user’s admin directory and installed software

catalog can be customized using default options.

While you are using nonprivileged mode, you can also package and copy applications that won’t

be used for nonprivileged mode. However, you must use the normal mode of SD-UX (that is with

run_as_superuser set to true and permissions granted by ACLs) to install such applications.

When packaging, file system access on the install target must be considered. See “Packaging

Software for Use in Nonprivileged Mode” (page 232).

12.1.3 Limitations

• Remote targets are not allowed with SD-UX remote operations, except for swlist access to

remote systems and commands that can normally access remote depots. Access to such remote

systems is determined by the SD ACLs on the remote system.

• Nonprivileged mode cannot be used to manage HP-UX operating system software or patches

to it.

• A swinstall or swcopy in nonprivileged mode cannot read a source depot on a local

writable file system that was created with super-user privileges (that is, created by a super-user,

12.1 Overview 231