Manualshelf

Software Distributor Administrator Guide (September 2010)

ManualsBrandsHP ManualsSoftwareHP-UX Software Distributor
121122123124125126127128129130
4.3.1 Register Media or Create Network Depot?
When does it make sense to use your software media as a registered depot versus using
the media to create a network depot? In general, using media as a depot makes sense
for small-scale use, such as when only one or two other systems need to access the
media. If more systems will need to access the media, performance will be better if you
create a network depot from the individual media. See Additional Depot Management
Tasks and Examples” (page 128) for an example.
4.3.2 Registration and Security
Because SD-UX stores its objects in the file system, someone could build a “Trojan
Horse” file system image of a software depot. This could breech the security of any
system that installed products from the false depot. To protect systems from such a
situation, SD-UX requires that depots be registered before software may be installed
or copied from it. This check is always performed before granting access, except when
swinstall is run by the local superuser.
NOTE: Registration of a depot does not enforce any access restrictions. Access
enforcement is left to SD security (see Chapter 9: “SD-UX Security ” (page 187)).
Registration with swreg requires insert permission in the host’s ACL.
4.3.3 Authorization
To register a new depot or to unregister an existing depot, swreg requires read
permission on the depot in question and insert permission on the host. To unregister
a registered depot, the swreg command requires write permission on the host. See
Chapter 9: “SD-UX Security ” (page 187) for more information on permissions.
4.3.4 Using swreg
swreg Syntax
swreg -l level [-u] [-v] [-C session_file] [-f object_file]
[-S session_file] [-t target_file] [-x option=value]
[-X option_file] [objects_to_register] [@ target_selections]
Options and Operands
-l level
Specifies the level of the object to register or unregister,
where level can be depot or root.
-u Causes swreg to unregister the specified objects instead
of registering them.
-v Turns on verbose output to stdout and displays all
activity to the screen.
126 Managing Software Depots