Manualshelf

Software Distributor Administrator Guide (September 2010)

ManualsBrandsHP ManualsSoftwareHP-UX Software Distributor
211212213214215216217218219220
provide the /etc/logingroup link to /etc/group to activate HP-UX supplementary
groups.
NOTE: /etc/logingroup is an HP-UX utility to support both SVR2/3 and BSD
group semantics selectively. When /etc/logingroup is linked to /etc/group,
HP-UX gives BSD (and SVR4) semantics.
If the file /etc/logingroup does not exist on systems targeted as SD-UX Controllers,
execute the following command (as superuser) on each appropriate system:
ln -s /etc/group /etc/logingroup
9.9.1 Security in Remote Distributions
A common use of SD-UX remote operations capabilities is for a software administrator
to push software from a local depot out to numerous remote targets.
You can set up of this kind of configuration:
1. Establish the group swadm on the controller host as described above.
2. Edit the three host ACLs on each target system. If you used the suggested setup
discussed in “Setting Up Remote Operations” (page 159) to install the agents on
the target systems, you may edit the three host ACLs on the Targets as superuser
on the system from which you performed setup:
swacl -l host \
-M group:swadm@`hostname`:a @ remsys1. . .remsysN
swacl -l global_soc_template \
-M group:swadm@`hostname`:a @ remsys1. . .remsysN
swacl -l global_product_template \
-M group:swadm@`hostname`:a @ remsys1. . .remsysN
You may want to grant permissions to specific users to manage particular products on
the primary depot. For example, user ramon may be assigned responsibility to manage
the ALLBASE product on your depot, installing new versions and patches when they
become available. To add ramon to the ACL for ALLBASE on the local depot and grant
him all permissions on that one product, run the command:
swacl -l product -M user:ramon:a ALLBASE
At the same time, you may want to eliminate the ACL entry for group swadm for the
same product:
swacl -l product -D group:swadm ALLBASE
9.9.2 Security in Local Distributions
Host administrators may grant permission to individual users or groups, trusted at
the local host, to administer software locally. Trusted local users have root ACL entries
granting insert and write permissions. At the source depot, access to all software
9.9 Security Use Models 215